20618
Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in https://t.me/netlas
More lists of #osint resources for different countries can be found in the Linkedin group of my old mates from UserSearch.ai:
https://linkedin.com/groups/13047129/
SOCIAL MEDIA MAP 2023
When gathering information about a person or event on social networks, don't forget that besides market leaders, there are also many lesser known social networks.
In this PDF from twitter.com/ovrdrv you can find the actual ones in 2024:
https://www.ovrdrv.com/wp-content/uploads/2022/05/2023_Overdrive-Interactive_Social-Media-Map.pdf
Duck.AI
A tool for communicating with chatbots made by DuckDuckGo. Free, does not require registration (it positions itself as anonymous and does not collect this users) and very fast:
GPT-3.5 Turbo
Claude 4 Haiku
Liama 3 70B
Mixtral 8x78
Tip by twitter.com/HolismVision
I recommend subscribing to my old mates' Linkedin group linkedin.com/groups/13047129/.
There's a lot of interesting stuff:
view .onion sites without Tor Browser
see Twitter, Instagram and YouTube posts on a map
convert YouTube videos to text
search engines that search photos by face
Deep Tech Finder
Europe tech startups search engines. Search by:
- startup name
- investor name
- growth stage
- industry
- patent technical field
and more.
https://datavisualisation.apps.epo.org/datav/public/dashboard-frontend/host_epoorg.html#/explore?dataSet=1
Creator twitter.com/EPOorg
Toutatis (https://github.com/megadose/toutatis) - a tool for collecting info about an Instagram user (that include part of phone number and email).
17.07 new version was released! Follow twitter.com/palenath so you don't miss the next updates(by the way, he is also the developer of Holehe).
⚠️ I am looking for OSINT investigators interested in using SL Crimewall for their daily tasks.
🤝Just DM me!
#community #crimewall #sociallinks
The OSINT Toolbox
Few days ago twitter.com/cqcore created a query builder to search his Github repositories with collections of tools:
- Telegram-OSINT
- Social-Media-OSINT
- Website-OSINT
- Geolocation-OSINT
- OSINT-Browser-Extensions
and many others.
https://the-osint-toolbox.com/
7 step plan by Sigmund Brandstaetter for learning #OSINT:
Introduction
Basic Techniques
Intermediate Skills
Advanced Techniques
Practical Application/Case Studies
Continuous Learning and Community Engagement
Certification and Proof of Learning
https://osintph.medium.com/osint-learning-path-20817eb5232e
Building Own Nuclei Templates
A detailed beginner's guide from twitter.com/ott3rly to the different methods of creating templates for the Nuclei scanner (twitter.com/pdnuclei). Useful for both searching for vulnerabilities and gathering sensitive information.
https://x.com/ott3rly/status/1810585066424127611
Top 10 Shodan Dorks list by twitter.com/Mane0090
Can be used in different IP Search engines (Shodan, Netlas, Censys, Fofa).
More tutorials on the topic can be found in the "Awesome IP Search Engines" repository
https://github.com/cipher387/awesome-ip-search-engines
#osint #cybersecurity
Kali Linux OSINT VM
- bash script for Kali Linux VM that install 100+ #OSINT tools
- list of Chrome and Firefox extensions
- archive of OSINT templates
- a lot of useful bookmarks in JSON file
https://github.com/midnit3Z0mbi3/Kali-Linux-OSINT-VM
Creator twitter.com/midnit3_Z0mbi3
Online tools (free or partly free) for automating work with dorks (Google and beyond):
dorki.io
taksec.github.io/google-dorks-bug-bounty/
dorksearch.com
dorkme.com
dorkgenius.com
dorks.faisalahmed.me
#osint
Online tools to identify a location from an uploaded photo using AI:
geospy.web.app
earthkit.app
usersearch.org (GeoSpy integration)
picarta.ai
labs.tib.eu/geoestimation/
GeoGuessr GPT https://chatgpt.com/g/g-brlHi7t2R-geoguessr-gpt
EARTHKIT
Upload image
Select an area on the map
Get points on Google Street View panoramas similar to the original image
(still working with small areas)
earthkit.app
+ photo geolocation estimation and Overpass Turbo queries AI generation
🇨🇦Canadian OSINT🇨🇦
- business and corporate info
- archives and genealogy
- legal and court info
- people search
and more (dozens of resources).
https://github.com/S3V3N11S/Canadian-OSINT-
Contributor Jason Colborne
Search GRID generator
Simple online tool that generates a KML file based on geographic coordinates to upload to Google Earth Pro and search for satellite imagery (and other information) for a given area.
https://colab.research.google.com/github/bellingcat/open-source-research-notebooks/blob/main/notebooks/bellingcat/search-grid-generator.ipynb
Tip by twitter.com/Galen_Reich
#geoint
Also, a huge thank you to everyone who likes or reposts!
Читать полностью…
BigDomainData Reverse Whois Database
Over 265 Million actual domains data and over 561 Million historical domain data.
Search by 50+ WHOIS data fields (creation date, registrant name etc).
bigdomaindata.com/reverse-whois/
OSINT Methodology: How to Investigate Illegal Content in Telegram Chats
https://soxoj.substack.com/p/osint-methodology-how-to-investigate
(detailed article by @soxoj_insides)
Duck.AI
A tool for communicating with chatbots made by DuckDuckGo. Free, does not require registration (it positions itself as anonymous and does not collect this users) and very fast:
GPT-3.5 Turbo
Claude 4 Haiku
Liama 3 70B
Mixtral 8x78
Tip by twitter.com/HolismVision
My old mate Petro Cherkasets (twitter.com/OsintTeamBlog) wrote a nice detailed review of the premium version osint.industries.
It is FREE (on request) for employees of Government Agencies, Law Enforcement, Journalists and Non-Profits organisations.
https://www.osintteam.com/uncover-digital-footprints-with-osint-industries-a-complet-review/
Simple ways to find exposed sensitive information
(article by rl1987)
A detailed guide to searching for sensitive information using Google Dorks (with real examples of documents found).
https://www.trickster.dev/post/simple-ways-to-find-exposed-sensitive-information/
#osint
This article on my Medium blog is for those who have already heard something about Nuclei, but haven't yet figured out how this awesome network scanner works.
cyb_detective/using-nuclei-for-osint-5-minute-basic-guide-f8764424902b" rel="nofollow">https://medium.com/@cyb_detective/using-nuclei-for-osint-5-minute-basic-guide-f8764424902b
How to quickly find a copy of a certain picture in the highest possible resolution?
Upload it to Bing Image Search, click on the X Images Sizes button and then click on the top image ( largest image found)
(And don't forget that Bing is also pretty good at searching for faces)
Suspicious User Agents List
See any unusual lines in the server (website) logs?
With this list of 1300+ http user agents you can identify malware, exploits, vulnerability scanners, scrapers, bots, cryptominers etc
https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_http_user_agents_list.csv
Contributor twitter.com/mthcht
Great update to EarthKit (Google Street View photo search).
Now when hovering over the found match points you can see not only coordinates, but also street panoramas.
earthkit.app/streetview
(Use with tools such as GeoSpy to determine the most accurate location possible)
Twitter Tools
View username, display name and bio history of any Twitter user.
twitter.lolarchiver.com
Partly free. Works well, but not always accurately. Use in combination with other similar tools (like UserSearch etc).
Creator twitter.com/lol_archiver
GOOGLE STREET VIEW TOOLS
Quick view:
showmystreet.com
instantstreetview.com
Download photos/panoramas:
github.com/robolyst/streetview
Search for matches by photo:
earthkit.app/streetview
#geoint #osint
Enhancing OSINT through Mobile App Hacking
(by The Mobile Security Guys)
A short article that describes techniques that help detect vulnerabilities in mobile apps that can be used to collect users' personal data.
https://mobsecguys.medium.com/unlocking-the-treasure-trove-enhancing-osint-through-mobile-app-hacking-a8b4f180e636