Episode 47: Samuel Lolagar (OSINTGeek), FireEye VM, Dark Web, Parler, ETags, a bit of SIGINT and collecting info from Youtube videos

Summary: <h4>Today’s special guest is Samuel Lolagar <a href="https://twitter.com/aityaakub" rel="noreferrer noopener" target="_blank">@osintgeek</a> </h4> <p>Samuel’s website: <a href="https://osintgeek.de/" rel="noreferrer noopener" target="_blank">https://osintgeek.de</a></p> <p><br></p> <h4>People in this Episode</h4> <ul> <li>Micah Hoffman (@WebBreacher)</li> <li>Matthias Wilson (@MwOsint)</li> <li>Steven Harris (@nixintel)</li> <li>John TerBush (@thegumshoo)</li> <li>Nico Dekens (@dutch_osintguy)</li> <li>Lisette (@technisette)</li> </ul> <h4>Links to what we discussed</h4> <ul> <li>Here’s a new VM from FireEye for threat intel/research: <a href="https://github.com/fireeye/ThreatPursuit-VM" rel="noreferrer noopener" target="_blank">https://github.com/fireeye/ThreatPursuit-VM</a> </li> <li>Check out OSINTCombine’s new blog post on dark web OSINT: <a href="https://twitter.com/osintcombine/status/1326329875037216768" rel="noreferrer noopener" target="_blank">https://twitter.com/osintcombine/status/1326329875037216768</a> </li> <li>If you want to know more about Parler and what info you can find: <a href="https://twitter.com/firstdraftnews/status/1326973035207921667" rel="noreferrer noopener" target="_blank">https://twitter.com/firstdraftnews/status/1326973035207921667</a> </li> <li>Case study of how to verify and geolocate images: <a href="https://mxsx.eu/2020/11/13/Wakashio.html" rel="noreferrer noopener" target="_blank">https://mxsx.eu/2020/11/13/Wakashio.html</a> </li> <li>How to use ETags (part of the HTTP response) in OSINT investigations: <a href="https://medium.com/@catalyst256/osint-etag-youre-it-ecd7e923392c" rel="noreferrer noopener" target="_blank">https://medium.com/@catalyst256/osint-etag-youre-it-ecd7e923392c</a> </li> <li>Article about militias, their radio gears and channel frequencies utilised by them: <a href="https://radiofreeq.wordpress.com/2016/01/19/militia-radio-frequencies/" rel="noreferrer noopener" target="_blank">https://radiofreeq.wordpress.com/2016/01/19/militia-radio-frequencies/</a> </li> <li>Tool to collect valuable info from YouTube videos:<a href="https://tools.digitalmethods.net/netvizz/youtube/" rel="noreferrer noopener" target="_blank"> https://tools.digitalmethods.net/netvizz/youtube/</a> </li> <li>Lorand’s new blog post explains how to construct powerful search queries: <a href="https://www.lorandbodo.com/blog/constructing-searchqueries-osint" rel="noreferrer noopener" target="_blank">https://www.lorandbodo.com/blog/constructing-searchqueries-osint</a> </li> <li>Curated dark web resources for OSINT by MidaSearch: <a href="https://midasearch.org/dark-web/" rel="noreferrer noopener" target="_blank">https://midasearch.org/dark-web/</a> </li> <li>Thoughts about sockpuppet accounts for OSINT: <a href="https://www.aaroncti.com/lets-talk-about-sockpuppet-accounts/" rel="noreferrer noopener" target="_blank">https://www.aaroncti.com/lets-talk-about-sockpuppet-accounts/</a> </li> </ul> <h4>Self Promotion</h4> <ul> <li>Matthias and Samuel are preparing for the German OSINT conference. More info here: <a href="https://gosintcon.de/" rel="noreferrer noopener" target="_blank">https://gosintcon.de</a> </li> <li>Micah and John are co-chairs of the SANS OSINT Summit, a free 2-day OSINT conference in February 2021 (<a href="https://www.sans.org/event/osint-summit-2021/" rel="noreferrer noopener" target="_blank"><strong>https://www.sans.org/event/osint-summit-2021/</strong></a>) and are looking for presenters and attendees!</li> <li>DutchOSINTGuy is proud of his SANS SEC537 Practical OSINT Class (<a href="https://www.sans.org/cyber-security-courses/practical-osint-analysis-and-automation/" rel="noreferrer noopener" target="_blank">https://www.sans.org/cyber-security-courses/practical-osint-analysis-and-automation/</a>). Registration is open for those classes at significant discount.</li> </ul> --- Support this podcast: <a href="https://anchor.fm/osintcurious/support" rel="payment">https://anchor.fm/osintcurious/support</a>