20618
Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in https://t.me/netlas
Cryptography for Hackers
1 hour reading guide:
Encryption and Decryption
Popular Cryptographic Methods
Hashing
Difference Between Data-at-Rest and Data-in-Transit
Finding the Cryptography Algorithm from Encrypted Text
and more
https://redteamrecipe.com/cryptography-for-hackers
Tip by twitter.com/Hadess_security
Chasing Shadows: Geolocate Images with Bellingcat's Shadow Finder Tool
A detailed article on how to find identify the geographical area in which a photo was taken by the size of the shadows and the time it was taken
https://www.bellingcat.com/resources/2024/08/22/shadow-geolocate-geolocation-locate-image-tool-open-source-bellingcat-measure/
Authors twitter.com/Galen_Reich twitter.com/Gabor_Friesen
A list of more than 15 reverse image search tools can be found in the Linkedin group of my old mates - OSINT Experts & Resources, by UserSearch
Читать полностью…
10 Essential OSINT CTF Challenges for Every Investigator:
Sakura Room
OhSINT Room
Web OSINT Room
Shodan Room
Las Vegas Challenge
OSINT Dojo Resources
Trace Labs’ Search Party
Geolocating Images Room
Google Dorking Room
S.O.ME.SINT Room
ninamaelainine/10-essential-osint-ctf-challenges-for-every-investigator-c573d75dc4cd" rel="nofollow">https://medium.com/@ninamaelainine/10-essential-osint-ctf-challenges-for-every-investigator-c573d75dc4cd
NPD Breach Check
National Public Data (NPD) confirmed a breach that has exposed personal identity records belonging to potentially hundreds of millions of consumers across the US🇺🇸, UK🇬🇧, and Canada🇨🇦.
Сheck whether the leak has affected your data:
npd.pentester.com
Careers in OSINT
A list of professions (with brief descriptions) where #osint skills can come in handy.
https://www.osintteam.com/careers/
Contributor twitter.com/OsintTeamBlog
AIHIT Data Company Database
Search over 13 million companies by various parameters:
- name
- description
- country
- city
- zipcode
- phone
- email
- clients, partners, investor names
(search by part of value works for each field)
aihitdata.com
YouTube Comments Search
Paste the link to the YouTube video into the form.
Search comments by keyword.
Sort comments by likes, replies or date.
youtube-comments.io
#osint #socmint
picarta.ai v2
After the update, the service allows to search through small areas on the map, with a radius of a few kilometres (or a few tens of kilometres).
Thanks to this, much greater accuracy in determining the coordinates of the photo is achieved.
#geoint
STELLAR
One of the good search-AI assistants. Answers in great detail, with links to sources and pictures. Asking clarifying questions. Very fast.
https://stellar.chatastra.ai/
Creator twitter.com/AstraLabs_Inc
New section in APIs for #OSINT Github Repo - Reverse Image Search. There are various APIs out there that will help automate image search, uniqueness and copyright checks, etc.
https://github.com/cipher387/API-s-for-OSINT/
#osint #socmint
SQL for OSINT: Uncover Hidden Connections, Accelerate Investigations
Detailed article by twitter.com/ervin_zubic for twitter.com/OsintTeamBlog.
https://osintteam.blog/sql-for-osint-uncover-hidden-connections-accelerate-investigations-31ab9c947001
#osint #sql
lenso.ai
Reserve images/face images search tool. Search duplicates and similar images. Filter results by domains and keywords.
Tip by twitter.com/HolismVision
#osint #socmint
If you need to process PDF documents (crop, merge, split, convert, read metadata, etc) but don't want to upload them to third-party online services, you can:
1. Use command line tools. 2. Use self-hosted PDF services such as Stirling PDF.
https://github.com/Stirling-Tools/Stirling-PDF
FACEAGLE
Search by uploaded photo among 4,190,655 face images.
https://faceagle.com/
#osint #socmint
Tip by twitter.com/HolismVision
(for some images may unexpectedly fail to produce results, in this case try a different image)
10 Essential #OSINT Newsletters You Should Subscribe to Today (by Nina Maelainine)
OSINT Team
OSINT Newsletter
OSINT Jobs
OSINT Ambition
Forensic OSINT
Digital Investigations
Cyber Detective
Gary Ruddell’s OSINT
OSINT Drip
Ervin Zubic on Medium
https://osintteam.blog/10-essential-osint-newsletters-you-should-subscribe-to-today-f97381760054
OSINT Methods for Image Investigations
A detailed overview of 22 image tools for investigative imaging: search engines, location finders, photo forensics, and more.
https://redteamrecipe.com/osint-methods-for-image-investigations
Tip by twitter.com/Hadess_security
#osint #geoint
Ransomware Tool Matrix
List of which tools (no links) each ransomware gang or extortionist gang uses:
RMM
Exfiltration
Credential Theft
Defense Evasion
Networking
Discovery
Offensive Security
Living-off-the-Land
https://github.com/BushidoUK/Ransomware-Tool-Matrix/
Contributor twitter.com/BushidoUK
LittleSis
Free database detailing the connections between public figures and organizations:
- 10,930,620 Citations
- 1,798,375 Relationships
- 295,011 People
- 130,615 Organizations
littlesis.org
#osint
Search Whisperer Beta
A free AI tool that teaches you how to properly compose search queries and use Google Dorks.
Write what you want to find and get search query recommendations with detailed explanations.
searchwhisperer.ai
Creator twitter.com/henkvaness
Google's filetype:log operator can be used not only to search for logs of a target site, but also to search for mentions of nicknames, emails and full names of people in the logs of different sites.
Читать полностью…
When gathering information about a website, don't forget that Google indexes logs.
With ‘filetype:log site:yourtarget’ or ‘filetype:log intext:targetrelatedkeyword’ you can find useful technical information for investigation.
Tip by twitter.com/AlHomaidNoor
Note that the image forensic tools aperisolve.fr, 29a.ch/photo-forensics which were originally created to detect photomontage, can also be used to detect AI-generated images.
This does not work with all images, but can be used as an additional method
Tip by twitter.com/deedydas
Can Understanding of Naming Conventions Help Solve Your OSINT Case?
A detailed guide on how to use the names of people from different countries in investigations.
ervin.zubic/can-understanding-of-naming-conventions-really-solve-your-osint-case-fa8f4c14e9dc" rel="nofollow">https://medium.com/@ervin.zubic/can-understanding-of-naming-conventions-really-solve-your-osint-case-fa8f4c14e9dc
Author twitter.com/ervin_zubic
#osint #socmint
OSINT without APIs
Article by twitter.com/Intel471Inc about different #osint automation techniques:
Brute-Forcing
Port Scanning and Banner Grabbing
Web Spidering
Web Scraping
Working with DNS Zone Transfers/TXT records/WHOIS data
and more.
https://intel471.com/blog/osint-without-apis
Tip by twitter.com/hakluke
Search by image
Browser extension for Chrome, Edge and Safari.
Allows to take a screenshot of part of your screen and search for it in 45 different reverse image search engines.
Also search for an image via a link or downloaded from computer.
https://github.com/dessant/search-by-image
A list of more than 15 reverse image search tools can be found in the Linkedin group of my old mates - OSINT Experts & Resources, by UserSearch
Читать полностью…
Useful #linux commands for working with PDF files in command line:
ocrmypdf - OCR text
pdftotext - extract text
pdfimages - extract images
exiftool - extract metadata
pdfgrep - search matches with keyword/regular expression
pdfunite - merge PDFs in one file (for quick view)
Search engines for finding pictures of people by face:
Bing Images
Yandex Images
Baidu Images
search4faces.com
faceagle.com
Facecheck.id
Usearsearch.ai (Facecheck integration)
Copyseeker.net (search exact copies of images)
Today I added a new section to my "Dorks collections list" Github repo https://github.com/cipher387/Dorks-collections-list:
Sensitive data dorks
It contains links to articles with sample queries to find erroneously discovered documents with important information on company websites.
#osint