The OSINT Curious Project

Special Guest Inês Narciso (@IWN_LX) – Ines worked in the Portuguese Intelligence Service for 12 years. She started up doing OSINT in 2008 and later became an OSINT and online undercover operations project manager. In 2019, she joined Iscte Iul a Lisbon University where she teaches Digital Methods and conducts research on disinformation. Since then, she’s also built a company that uses OSINT to find people’s ancestors and build family trees. In her spare time, she also helps pro bono fellow journalists in Portugal and abroad in their investigations and women who have been a victim of revenge porn or intimate image abuse. People in this Episode Micah Hoffman (@webbreacher) Nico (@DutchOSINTGuy) Matthias Wilson (@mwosint) Nixintel Lorand Bodo Sector035 Ritu Gill (@OSINTTechniques) Links to what we discussed Protecting personal privacy against unauthorized deep learning models: https://sandlab.cs.uchicago.edu/fawkes/ Search for videos across 60 platforms: https://www.peteyvid.com/ Estimate the size of a crowd with this tool: https://www.mapchecking.com/ Twitter thread about the video conferencing platform Zoom: https://twitter.com/securitytrails/status/1284187387103457282 Great verification case study in French: https://ledesk.ma/desintox/le-bonimenteur-de-habanos-sa-encore-frappe-il-sest-paye-un-panama-paper/ Twitter search tricks: https://www.labnol.org/internet/twitter-search-tricks/13693/ Improved face detection software that even works on animals: https://www.omgubuntu.co.uk/2020/07/digikams-improved-face-detection-for-photos-even-works-on-animals Blog that has started dropping “0Days” with regards to the TOR project: https://www.hackerfactor.com/blog/index.php?/archives/888-Tor-0day-Stopping-Tor-Connections.html New Telegram update: https://telegram.org/blog/profile-videos-people-nearby-and-more Upcoming virtual OSINT Symposium between 10 and 13 October: https://www.osintsymposium.com/event-details/australian-osint-symposium-1 Self Promotion Learn more about Ines’s work: https://medialab.iscte-iul.pt/ (in Portuguese with some English articles) The Open Source Intelligence Skills-building Conference (October 2020): https://www.osmosiscon.com/ German Open Source Intelligence Conference (GOCON): https://www.gosintcon.de/ – if you have any questions, reach out to Matthias (@mwosint) --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode Micah Hoffman (@webbreacher) Matthias Wilson (@mwosint) Nixintel Technisette Baywolf88 Links to what we discussed https://www.instagram.com/hushpuppi/?hl=en Big phishing criminal Hushpuppi arrested in Dubai. His Instagram account was well-known for flaunting his wealth. Allowed investigators to track his movements and identify his financial assets. https://pimeyes.com/en/ Matches facial images from across the web https://keyfindings.blog/2020/07/01/saving-images-from-google-maps-and-street-view/ Getting photo sphere images from Google Maps using developer tools https://nixintel.info/osint/geolocating-mobile-phones-with-an-ip/ Gives insight on the locations of IP adresses https://twitter.com/SebMeineck/status/1281577528164003841 PimEye reaction to a recent article (https://netzpolitik.org/2020/pimeyes-face-search-company-is-abolishing-our-anonymity/), now you can’t upload a pic anymore. You can only allow PimEye access to your camera https://pskreporter.info/pskmap Shows ham radio operators (with call sign and location) worldwide. Might be useful is ever working on a case involving ham radios https://twitter.com/LorandBodo/status/1281606517825974273 This website allows users to create a 3d reconstruction from a single image. super useful for osint investigations. https://medium.com/@CassiusXIII Guide to corporate OSINT recon https://keyfindings.blog/2020/07/12/how-to-geolocate-mobile-phones-or-not/ Follow-up on the IP geolocation article https://medium.com/analytics-vidhya/who-where-whomwith-wwww-a-facial-recognition-tool-for-image-based-data-gathering-and-graph-dd8f2b13c279 https://www.reddit.com/r/videos/comments/fxgi06/not_new_news_but_tbh_if_you_have_tiktiok_just_get/fmuko1m/?context=1 TikTok mobile app security issues and how they may impact your investigations. Self Promotion Micah Hoffman, Nico Dekens & John TerBush: SANS SEC487 Open-Source Intelligence (OSINT) Gathering & Analysis. Several options for Live Online & In Person --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode Micah Hoffman (@webbreacher) Nico Dekens (@dutch_osintguy) Rae Baker (@wondersmith_rae) Nixintel Ginsberg5150 Special Guest: Peter King (@ibexmind) additional info: https://ibexmind.com/ Links to what we discussed https://spoonbill.io/ Shows historic profile and pinned tweet changes for Twitter accounts. https://radar.freedar.uk/VirtualRadar/desktop.html Aircraft monitoring site but includes military/drones too. https://www.inquirer.com/news/philly-protests-arrests-fbi-lore-elisabeth-blumenthal-george-floyd-20200617.html Good OSINT case study, using social media to ID suspect https://citizenevidence.org/2020/06/26/investigating-infrastructure-links-with-passive-dns-and-whois-data/ Explains how to use OSINT to investigate a website, very beginner friendly https://www.tracelabs.org/trace-labs-osint-vm/ Trace Labs OSINT VM https://www.sans.org/webcasts/tech-tuesday-workshop-introduction-osint-video-image-verification-115875/ Nico’s free SANS image verification workshop https://www.youtube.com/channel/UCynWOUeHAOflEQtJnrZpkNA/videos Layer8 OSINT and Social Engineering conference videos are posted https://www.youtube.com/watch?v=-Psyw3ADNvo&feature=youtu.be Sector035’s Google Dorking 10 minute tip https://www.osintcombine.com/post/download-social-media-videos-without-tools OSINTCombine’s blog post on using the web developer tools in web browsers to download videos on several social media platforms https://twitter.com/TraceLabs/status/1273950482214641665 Trace Labs has renamed their Missing CTF to OSINT Search Party CTF and is doing monthly global events! https://www.npr.org/sections/health-shots/2017/04/09/523011446/how-playing-tetris-tames-the-trauma-of-a-car-crash?t=1593371114814 How Playing Tetris helps Tame Trauma Self Promotion Micah Hoffman, Nico Dekens & John TerBush: SANS SEC487 Open-Source Intelligence (OSINT) Gathering & Analysis. Several options for Live Online & In Person Several Online workshops at dutchosintguy.com --- Support this podcast: https://anchor.fm/osintcurious/support

Originally aired May 3, 2020 People in this Episode  Micah Hoffman  Dutch_OsintGuy  Nico Technisette  Matthias Wilson (MWOsint)  Special Guest: Aliaume Leroy (@Yaolri) more info on: https://www.bbc.co.uk/search?q=aliaume+leroy  Links to what we discussed  https://www.aliseeks.com/search Good resource for recon when conducting IP infringement related work on seller that are active on AlieExpress  https://twitter.com/datajournalism/status/1255106297592254465 The new verification handbook got released this week, lots of useful osint tips, tricks and case studies by industry experts  https://twitter.com/BenDoBrown/status/1255547411201691651 Thread By Benjamin Strick about an ongoing campaign of Chines and Russian named Bots that are attacking a Chinese Businessman who has been critical of China’s response of Covid19  https://twitter.com/dutch_osintguy/status/1256163055215489026?s=20 How birds and where they live can help during osint investigations  https://twitter.com/ShadowDragonIO/status/1256324472115564544 Nice webcast/podcast with some good insights in intelligence gathering, osint and the usage of online persona’s  https://twitter.com/baywolf88/status/1252630129085480966 A nice site to send reverse image searches to multiple sites and links to several other image related tools  https://medium.com/@lorenzoromani/facial-recognition-with-python-and-elasticsearch-quick-tutorial-85cd02fe903d Setting up your own facial recognition using Python and Elasticsearch  https://www.osintessentials.com/starter-tool Simple tool to give tips on how to start off with OSINT investigations. Similar to Micah’s YOGA, just more basic  https://keyfindings.blog/2020/05/03/using-the-wipo-ip-portal-for-osint/ Company research and reverse image searching using the WIPO IP Portal, there’s lots of data to be found in the patent, (trade-)mark and design databases on this portal  https://digitalforensicstips.com/2020/04/nation-state-quality-osint-on-a-taco-bell-budget-part-1/ Matt Edmondson’s OSINT blog post on using Amazon Web Services (AWS) for OSINT  This site also helps to identify type of birds in a picture: https://merlin.allaboutbirds.org/photo-id/ (thnx to 89Kenny)  Self Promotion  Dutch_Osintguy : July 9, 2020 Workshop advanced searching and monitoring with Google for professionals  Micah Hofmann & Dutch_Osintguy Nico: Several options to follow the SANS SEC487 Open-Source Intelligence (OSINT) Gathering and Analysis now with GOSI CERT ! --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode  Micah Hoffman  Nico (Dutch_OsintGuy)  Matthias Wilson (MWOsint)  Nixintel  Kirby Plessas (kirbstr)  Sector035  John TerBush (thegumshoo)  Special Guest : Arno Reuser (@ArnoReuser) more info on ArnoReuser.com & http://bibliography.opensourceintelligence.biz/  Links to what we discussed  https://intelx.io The site hosts breach data that are easily searchable (for free)! We spoke about this in regards to its scraping of Pastebin pastes. If you have a paid account, you can access them.  https://untappd.osint.ninja This page is the webification of the UntappdScraper script Micah made. Makes it easy to analyze user-reported drinking behavior.  https://twitter.com/MwOsint/status/1249416474600628226 Another source for company research is import/export data. Find out who does business with a company and which means of transportation they use. The tweet depicts one example for such a (paid) database, in some countries this data is freely accessible  https://groundwork.azavea.com/ Annotation tool designed for geospatial data, useful for osint geo related research  https://medium.com/@Dutchosintguy/start-caring-stop-sharing-9c108d957b2c Blog by Dutch_Osintguy about the human factor in cyber and how easy it can be for bad actors to gain access to certain video calling session by using basic osint techniques  https://github.com/mattnotmax/cyberchef-recipes Great Cyberchef recipes which can be used for OSINT and cyber  https://twitter.com/olihough86/status/1250514824255221762 Pastebin has disabled its search function, even for Pro customers. This is bad news for OSINT because Pastebin was such a valuable resource, especially for threat intel.  https://techcrunch.com/2020/04/16/clearview-source-code-lapse/ This is more privacy than OSINT but the Clearview AI application source code and other files were found in a public location.  Self Promotion  https://www.eventbrite.com/e/1-day-osint-skills-101-training-by-osint-curious-registration-92599869703 OSINT Curious 1 day OSINT 101 course!  Kirby is teaching online OSINT classes. Visit https://academy.plessas.net for more details.  Micah and Dutch_Osintguy will be doing OSINT SEC487 SANS Live Online trainings in the coming months. Visit https://www.sans.org/find-training/search?types=10&coursecode=SEC487&msc=course-page for details. --- Support this podcast: https://anchor.fm/osintcurious/support

Originally aired May 17, 20202 People in this Episode  Micah Hoffman  Nixintel  John TerBush  Rae Baker  Lorand Bodo  Chris Kubecka  Nico Dekens  Special Guest: Jane Lytvynenko (@JaneLytv) more info on: https://www.buzzfeednews.com/article/janelytvynenko  Links to what we discussed  https://twitter.com/SANSInstitute/status/1260219450449633281 webinar SANS @MIC with Dutch_Osintguy talking about the “OSINT State of Mind”  https://twitter.com/msfrpy/status/1258467675065499650 Great tip by Musafir.py showing the importance of cropping sections of pictures to figure out a location using reverse image search  https://twitter.com/ding0snax/status/1260648866551967744 Great resource with lots of search engines and other recourses for OSINT  https://twitter.com/lorenzoromani/status/1260513489392721923 New blog post by Lorenzo Romani related to facial recognition on social media. Follow up of a previous post from Lorenzo  https://twitter.com/dutch_osintguy/status/1261227044899348480 How to bring back search name by face in Google reverse image search  https://twitter.com/osintcombine/status/1260479927893319680 New awesome free tool from OSINT Combine (Chris Poulter). Rapid data visualization from local CSV files  https://twitter.com/LorandBodo/status/1260537315291795463?s=19 How to detect bot networks on Twitter – case study by Lorand  https://twitter.com/DanielGallagher/status/1258620989275070464 Create 3D models from images  https://twitter.com/ZusorOW/status/1258885451055800320?s=19 Open source softwares’ reliance on various other open source software. The end of GoodTwitter is the end for twint  https://datajournalism.com/read/handbook/verification-3 The new OSINT / Datajournalism verification handbook  Self Promotion  Dutch_Osintguy : July 9, 2020 Workshop advanced searching and monitoring with Google for professionals  Micah Hofmann, Dutch_Osintguy Nico & John Terbush: Several options to follow the SANS SEC487 Open-Source Intelligence (OSINT) Gathering and Analysis now with GOSI CERT !  John TerBush Recorded Future podcast https://www.recordedfuture.com/insikt-weekly-podcast/ --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode Nico (Dutch_Osintguy) Matthias Wilson (MWOsint) Nixintel Lorand Bodo (Lorandbodo) Rae Baker (wondersmith_rae) Technisette Special Guest : Jan Tegze (@jantegze) more info on sourcing.games Links to what we discussed Training yourself how to be an analytical thinker https://medium.com/@raebaker/training-yourself-to-be-an-analytical-thinker-476bdb7e7c99 Related to having an Analytical mind this shows analytical techniques in action through real cases https://study.sagepub.com/system/files/beebepherson2e_im_0.pdf Shows how EXIF data works, but also encourages people to keep digging into images even when EXIF data has been removed because it can still contain material of interest https://nixintel.info/osint/the-secret-life-of-jpegs/ 3 useful links for getting familiar with using api’s and python https://twitter.com/unknownuser1806/status/1244632977746718720?s=21 Alternative to Python? https://julialang.org/ Thread by Thomas from Pointer on fake news during covid (graphic images warning) https://twitter.com/Thms_Pointer/status/1245701702092759042 Great dashboard from OSINTCombine with loads of information on COVID19 from multiple sources https://twitter.com/osintcombine/status/1244383237494824960 Nice quiz on OPSEC, more OSINT related quizzes to come as well https://twitter.com/aware_online/status/1243087218270486529 Great case in which lots of different OSINT techniques are used. Tracking illicit arms trading with GEOINT, reverse image searching, SOCMINT (Twitter and Facebook), corporate research and maritime OSINT https://openfacto.fr/mv-single-eagle-from-second-hand-cars-to-air-defense-systems/ An OSINT/DFIR project on an OSINT tool with a surprising outcome https://keyfindings.blog/2020/03/23/be-careful-what-you-osint-with/ How to land a job in OSINT https://osintcurio.us/2020/04/01/how-to-land-an-osint-job/ Facebook tips and 10 minute tip video https://osintcurio.us/2020/04/02/facebook-tips/ Self Promotion Micah and Dutch_Osintguy will be doing OSINT SEC487 Sans Cybercast trainings the coming months https://www.sans.org/course/open-source-intelligence-gathering Stay tuned for more OSINTcurious lunches/breaksfast/dinner https://twitter.com/osintcurious --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode: Micah Hoffman (WebBreacher)  Nico (Dutch_Osintguy)  Matthias Wilson (MWOsint)  Nixintel  Lorand Bodo (Lorandbodo)  Rae Baker (wondersmith_rae)  Kirby Plessas (kirbstr)  Special guest: Chris Poulter (@osintcombine) and more info on https://www.osintcombine.com/  Links to what we discussed:  OSINT Combine’s talk at the #sansosintsummit https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1582052110.pdf  Nixintel spots fake Twitter accounts blog https://nixintel.info/osint/signs-youre-following-a-fake-twitter-account/  DeepL is a topnotch translation tool, which is now offering support for Chinese and Japanese https://twitter.com/DeepLcom/status/1240548128731914240  Thread about group or video chat invites. Want to address this because during covid19 quarantaine we will see a lot of these links posted openly. This might pose a threat for businesses. https://twitter.com/noneprivacy/status/1238779890461270017?s=21  OPSEC during Covid19 is important when sharing your home offices or desktops while working from home. https://twitter.com/dutch_osintguy/status/1241286386344439808?s=20  Corporate Reconnaissance and OSINT blog by Rae Baker https://osintcurio.us/2020/03/17/corporate-reconnaissance/  TraceLabs Missing CTF https://www.eventbrite.ca/e/trace-labs-global-missing-ctf-iv-an-osint-ctf-for-missing-persons-tickets-99910394680  Username enumeration tool WhatsMyName got a cool web frontend thanks to, none other than Chris Poulter (OSINTCombine) – https://whatsmyname.app  Lorand showed some websites that you can use to tackle and fact check dis-information  https://www.reuters.com/manipulatedmedia  https://firstdraftnews.org/latest/fake-news-complicated/  http://verificationhandbook.com/  https://disinfo.quaidorsay.fr/encyclopedia  https://toolbox.google.com/factcheck/explorer  Self promotion:  Micah’s SEC487 course has moved to CyberCast format. 6 full days of online OSINT learning streaming to you via GoToTraining. Classes https://www.sans.org/course/open-source-intelligence-gathering#type-cybercast  Rae speaking at layer8 about Martine OSINT  Kirby has webinars almost every Thursday at https://academy.plessas.net and has moved all custom training seminars online. Also check out our curated and commentated subscription news feed  Interested in fighting mis and disinformation around COVID19? Then join the Slack channel. DM Lorand on Twitter for more info --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode: Micah Hoffman (WebBreacher)  Dutch_Osintguy  Matthias Wilson (MwOsint)  Nixintel  Sector035  Special Guest: Jeff Lomas (@BleuBloodHound)   Links to what we discussed: Jeff Lomas talked about his blog on cell tower info, DFIR and OSINT https://osintcurio.us/2019/08/19/making-sense-of-osint-cell-tower-data-for-dfir/  People being monitored by the geotagged social media trough Echosec https://twitter.com/KarlSwannie/status/1233092121822978048  An semi automated website for lookups on a domain, ip or email. Covers dns, location, whois and more. Opsec! don’t know if requests are tracked https://synapsint.com/  OSINT CTF that gives people a chance to practice their skills. It covers a wide range of areas like government databases, social media, archived websites as well as some basic digital forensic and cyber security knowledge. https://ctf.cybersoc.wales/  Vis graphing tool for win, linux and osx in beta. Sort of Maltego alternative made with help of occrp.vis.com https://docs.alephdata.org/guide/vis-desktop  Guideline by US DoJ : Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources https://www.justice.gov/criminal-ccips/page/file/1252341/download  Useful to manually create charts in your OSINT investigations https://www.draw.io/  Bram (Aware Online) has been on fire this week, posting lots of quick OSINT tips. Might be worth a shout-out https://twitter.com/aware_online  Great detailed blog on how to build your own web scraper using Python https://hackernoon.com/how-to-build-a-web-scraper-with-python-step-by-step-guide-jxkp3yum  TikTok OSINT thread https://twitter.com/summer__heidi/status/1234308465662627840  The Cyber Intelligence Analyst Cookbook has some good information about CTI and OSINT process and analysis. https://github.com/open-source-rs/The-Cyber-Intelligence-Analyst-Cookbook/  Scrapy: An open source and collaborative framework for extracting the data you need from websites. https://scrapy.org/  Skills Demo:  Matthias a.k.a MWOsint – https://keyfindings.blog/2020/03/08/using-the-microsoft-video-indexer-for-osint/ demo  Self Promotion: Dutch_OsintGuy added new events to his website for several trainings and workshops https://dutchosintguy.com/events-and-blogs/  Dutch_Osintguy : Workshop understanding Google’s search results and advanced searching techniques workshop (Dutch language only) together with Aware Online. March 20th in Amsterdam. https://www.aware-online.com/workshop-google-voor-gevorderden/  Micah (WebBreacher) has multiple SANS SEC487 live classes (https://sans.org/sec487) coming up in the coming months and is looking forward to the GIAC GOSI OSINT certification (https://giac.org/gosi) moving into beta testing in April. --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode Ginsberg5150 Nixintel Sector035 Links to what we discussed WhatsApp invite debacle: https://twitter.com/JordanWildon/status/1230829082662842369 Nixintel his short blogpost about it: https://nixintel.info/osint/whatsapp-dorks-and-tricks/ Open source maps and satellite imagery used to verify claims about Chinese human rights abuses https://twitter.com/bayer_julia/status/1229441850781642754 A Pastebin bot on Twitter: https://twitter.com/leak_scavenger (by https://twitter.com/rnd_infosec_guy) SN Radar http://snradar.azurewebsites.net – geolocation tool for VK posts. OSINT Summit 2020 – https://www.sans.org/event/osint-summit-2020 New Buscador-style OSINT dedicated Linux build called CSI Linux: https://csilinux.com/features.html Sigint through satellites interference http://www.osinteditor.com/resources/sentinel-1-c-sar-interference-analysis-intro/ Citizens find the attackers of the Jawaharlal Nehru University attack: https://medium.com/dfrlab/citizen-sleuths-in-india-unmask-perpetrators-behind-jnu-attack-2a053f0b7556 --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode Micah Hoffman Dutch_Osintguy Sector035 And our special guest: Ritu Gill aka OsintTechniques Links to what we discussed Tweet by Gonzo about searching SSID’s with a Google dork https://twitter.com/gonzos_int/status/1222541952413065216?s=11 Another good name check lookup website https://twitter.com/dutch_osintguy/status/1223688324034060292 Good read about deanonymizing TOR circuits https://twitter.com/x0rzkov/status/1224380928094613505 Guest OSINT Curious blog by Jeff Lomas https://twitter.com/BleuBloodHound : https://osintcurio.us/2020/01/31/combing-through-video-faster-using-dfir-and-osint-skills/ 50 cognitive biases in the modern world https://twitter.com/i_intelligence/status/1224230855213830145 OSINT explanation of Kobe Bryant’s catastrophic helicopter crash https://www.youtube.com/watch?v=XSHpbGhy3Ko&feature=youtu.be How to find the most recent satellite imagery on earth https://twitter.com/mouthofmorrison/status/1212840820019208192 Trace Labs Global CTF 3 Google Geolocation API now includes Wi-Fi and Cell data https://developers.google.com/maps/documentation/geolocation/intro  Tweet by Serge Courier: Scrape Google Maps (a tool and a browser extension to scrape results from a Google maps search – original blog post from Boolean Strings) https://twitter.com/secou/status/1225855494750818304?s=21 10 minute OSINT Curious tip “Viewing LinkedIn Profiles Anonymously” https://youtu.be/bIAdx3CAjtM Identifying and tackling manipulated media – a free online course offered by Reuters https://twitter.com/LorandBodo/status/1225415356409372672 OSINTCombine have put together an importable bookmark stack https://twitter.com/osintcombine/status/1225181330595430400  Ginger_T Article https://medium.com/@Ginger_T/my-journey-into-the-world-of-osint-is-now-just-over-one-year-old-ea6f6d90eda  Self Promotion SANS OSINT Summit – February 18th, next week! https://www.sans.org/event/osint-summit-2020/summit-agenda Dutch_OsintGuy Nico doing two OSINT workshops on March 20th and May 18th Google Advanced Searching and Monitoring (in Dutch) https://www.aware-online.com/workshop-google-voor-gevorderden/ https://twitter.com/aware_online/status/1226504473310351360 Dutch_Osintguy Nico teaching in Amsterdam 21-22-23 OSINT module 1 in English --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode: Ginsberg5150 Dutch_Osintguy Sector035 Kirby Plessas And our special guest: Brenna Smith  Links to what we discussed: Archive of Brenna’s CryptOSINT newsletters can be found here https://us14.campaign-archive.com/home/?u=c435f53a5568f7951404c8a38&id=7f8ca9c380  Our own technisette had a beautiful and healthy baby! Congratulations! https://twitter.com/technisette/status/1219631571851980801  Introduction to OSINT (video) Micah was very lucky to meet and get to work with the talented Ritu Gill, (@OSINTTechniques). At the recent Trace Labs (@TraceLabs) and SANS (@SANSDefense) Missing Persons CTF in Washington DC, they both noticed that many people wanted to participate but had no idea how to get started. After a few discussions, they decided to make an Introduction to OSINT video. https://osintcurio.us/2020/01/16/introduction-to-osint-video/  Lorand Bodo tweeted about a paper that describes a content manipulation (chameleon) attack https://twitter.com/LorandBodo/status/1220359046374600704 with a demo of the attack on Facebook.  Blog by DJ Nemec about using pingbacks to umask a real IP address of a WordPress website that is behind Cloudflare https://t.co/DZY2yOiIRi?amp=1  nixintel wrote a blog about using OSINT techniques to find out who is behind a WordPress site https://nixintel.info/osint/osint-techniques-whos-behind-a-wordpress-site/  New chrome extension that lets you see who posted a video on Twitter first (thread in french https://twitter.com/BriceLeBorgne/status/1217470986095861760) tool on github https://github.com/briceleborgne/OriginVideo (To install the extension, you can download the file I put on Github. Unzip everything in a local folder. Activate developer mode on the Chrome “Extensions” page. Click on “Load the unpackaged extension”, select the folder, en load)  “What is OSINT?” thread on Twitter https://twitter.com/WebBreacher/status/1219606025680101380  TraceLabs Global Missing Persons CTF III – https://www.tracelabs.org/2020/01/trace-labs-global-ctf-iii-an-osint-ctf-for-missing-persons/  New SpiderFoot release https://twitter.com/spiderfoot/status/1221427688109375488  Self Promotion  Nico, Kirby, Micah, and others at SANS osint summit FEB 18th https://www.sans.org/event/osint-summit-2020  Nico joined the recorded future podcast, talked about osint and threat intelligence. You can listen to it here https://www.recordedfuture.com/podcast-episode-142/ --- Support this podcast: https://anchor.fm/osintcurious/support

Webcast 20200112 – #27 People in this Episode Dutch_Osintguy Ginsberg5150 Micah Hoffman Sector035 And our special guest: Roelof Temmingh (VortimoTech) Links to what we discussed Aware online blogs: Searching Telegram via location – https://www.aware-online.com/en/search-for-telegram-groups-based-on-location/ and creating your own flowcharts – https://www.aware-online.com/en/create-your-own-osint-flowcharts/ Micah’s OSINT MindMap – https://webbreacher.com/2018/07/12/osint-map/ OSINT : Using Certificate Transparency lists. https://twitter.com/catalyst256/status/1214590663037198336 Shodan filter reference: https://beta.shodan.io/search/filters Facial recognition by Yandex (vai Nelson Minar): https://nelsonslog.wordpress.com/2020/01/07/facial-recognition-for-the-public-yandex/ Are you wondering what Emergency Action Messages (EAM) over the US Military High Frequency Global Communications System (HF-GCS) are? Find out all you need to know at this blog from @MilcomMP – https://mt-milcom.blogspot.com/p/what-is-emergency-action-message-or-eam.html https://www.bellingcat.com/news/mena/2020/01/09/video-apparently-showing-flight-ps572-missile-strike-geolocated-to-iranian-suburb/ Osint quiz by sector – https://twitter.com/Sector035/status/1211038518635614208 The ‘Hindsight Files’ – https://twitter.com/HindsightFiles Events From Kevin at National Child Protection Task Force Conference – “This is my conference that provides a bigger mix of OSINT with other legal methods. https://web.cvent.com/event/5b3168db-a94e-42f6-b1fa-ee35e90a6770/summary Self Promotion Kirby has a class in St Augustine Jan 21-22 – https://plessas.net/events Kirby will have her NDCAC law-enforcement only classes listed there soon as well. OSINT Summit this February https://www.sans.org/event/osint-summit-2020/summit-agenda – Use code OSINTPOD20 for special deal of $175 Summit tickets Webcast byDutch_Osintguy on operations security (OpSec) tradecraft and tips for online Open Source Intelligence (OSINT) Research – https://www.sans.org/webcasts/112735 SecKC Tuesday 14th for workshops – https://seckc.org/#news-section --- Support this podcast: https://anchor.fm/osintcurious/support

Find all linked material here: https://osintcurio.us/webcast-20191201-25/ People in this Episode Micah Dutch_Osintguy Kirby Sector035 Links to what we discussed Tips on how to interpret leak data https://www.bellingcat.com/resources/how-tos/2019/11/06/massive-white-supremacist-message-board-leak-how-to-access-and-interpret-the-data/ A new blog from MwOsint on investigating right wing extremists https://keyfindings.blog/2019/12/01/researching-right-wing-extremism-in-central-europe/ An Emmy for the Bellingcat documentary https://www.dutchnews.nl/news/2019/11/two-dutch-documentaries-win-international-emmy-awards/ Firstdraft article on identifying bots https://firstdraftnews.org/latest/the-not-so-simple-science-of-social-media-bots/ Blogpost by OsintCombine on Foursquare https://www.osintcombine.com/post/foursquare-the-hidden-osint-gem Tutorial about Vortimo https://vortimo.wordpress.com/2019/11/08/vortimo-tutorial/ LawFare Podcast https://twitter.com/kirbstr/status/1198804496660385793 Diving into the TikTok API https://twitter.com/Sector035/status/1198692966333865987 Automatic transcription of podcasts in iOS 13 https://twitter.com/chadloder/status/1194781978307911680 and a direct link: https://www.cultofmac.com/647598/search-podcast-transcripts-ios-13/ Political ads information on Snapchat https://twitter.com/carljackmiller/status/1195306436529721345 Tutorial on TikTok investigations https://www.secjuice.com/osint-investigations-on-tiktok/ Small tutorial on the tool ‘bulkextractor’ https://digitalforensicstips.com/2019/11/using-bulk-extractor-for-quick-osint-wins/ An SEO tool to analyze search results https://app.samuelschmitt.com A NYT investigation into the bombing of civilian targets in Syria https://www.nytimes.com/video/world/middleeast/100000006818506/russia-bombs-syria-civlians.htm The item we started this episode with was a tweet about interesting Google dorks. Feel free to share your favourite Google dork on Twitter using the hashtag #osintcurious. For example: https://twitter.com/sinwindie/status/1191493752113766401 Self Promotion OSINTCurious is setting up a webshop https://www.redbubble.com/people/osint-curious Micah will be teaching at the SANS CDI (Washington, DC) event in December, anyone taking a class at the event can participate in the Tracelabs Missing Persons CTF! https://www.sans.org/event/cyber-defense-initiative-2019/bonus-sessions/19390/#bonus-box Micah will also be at the SANS OSINT Summit in Feb 2020 https://www.sans.org/event/osint-summit-2020 – Use code OSINTPOD20 to get a special price of $175 on you SANS Open-Source Intelligence Summit registration Kirby has a class for investigators in January in Jacksonville FL https://www.plessas.net/events --- Support this podcast: https://anchor.fm/osintcurious/support

People in this Episode: Ginsberg5150 Sector035 Technisette Micah Dutch_Osintguy Links to what we discussed New OSINT Curious logo! https://twitter.com/OsintCurious/status/1187624103231967232 Tiktok https://twitter.com/OsintCurious/status/1187624103231967232 https://twitter.com/sinwindie/status/1189364481085890562 https://twitter.com/IntelTechniques/status/1188493096499105792 Instagram https://twitter.com/Sector035/status/1187479840233885696 https://twitter.com/osintcombine/status/1187908145223352320 LinkedIn – https://www.osintcombine.com/post/corporate-profiling-advanced-linkedin-searching-more OSINT4Good – https://twitter.com/Europol/status/1187657027050528768 ISIS Attack map – https://twitter.com/TomaszRolbiecki/status/1188849963138191361 AirBnB Scam – https://www.vice.com/en_us/article/43k7z3/nationwide-fake-host-scam-on-airbnb Michael Bazzell’s new book – https://inteltechniques.com/book1.html Firefox customization for OSINT – https://blogpirate.net/2019/10/31/how-to-make-firefox-an-essential-tool-for-osint/ Vortimo b3 – http://vortimo.com/beta3/ Using 10-K and public business data in OSINT – https://www.managerisks.net/new-blog/2019/10/29/season-11-or-so-you-want-to-be-an-open-source-researcher https://blog.google/products/search/search-language-understanding-bert/ nlp processing Bert by google brings new dimension to searching google Self Promotion Micah – At the SANS CDI (Washington, DC) event in December, anyone taking a class at the event can participate in the Tracelabs Missing Persons CTF! https://www.sans.org/event/cyber-defense-initiative-2019/bonus-sessions/19390/#bonus-box --- Support this podcast: https://anchor.fm/osintcurious/support