A Better Way to Find and Archive OSINT on Twitter

Introduction I was doing some OSINT research on Twitter when I noticed a thread by @fs0c131y discussing an investigation he/she had done into online sellers who are taking advantage of people during the COVID-19 outbreak. It was quite a good thread and is worth checking out but I feel the most interesting and useful part … Continue reading A Better Way to Find and Archive OSINT on Twitter

InstaLoader – an OSINT Tool for Scraping Instagram Metadata

Introduction There are a lot of Instagram OSINT tools out there. InstaLoader is one of my favorites. It's achieved this status by providing a massive amount of data while maintaining its user-friendliness. InstaLoader does the following: downloads public and private profiles, hashtags, user stories, feeds and saved media, downloads comments, geotags and captions of each post, automatically detects profile … Continue reading InstaLoader – an OSINT Tool for Scraping Instagram Metadata

SkipTracer – an OSINT Scraping Framework

Introduction Skiptracer is an OSINT scraping framework that utizes basic python webscraping of PII paywall sites to compile information (passively) on a target. This is especially useful if you are operating on a very small budget. Skiptracer allows you to search by specific input including: Email Name Phone Screen Name License Plate Domain It's primarily … Continue reading SkipTracer – an OSINT Scraping Framework

LinkedIn2Username – an OSINT Tool for Red Teams

Introduction LinkedIn2Username is an OSINT tool that generates username lists from companies on LinkedIn. What's great about LinkedIn2Username is it's easy to setup and doesn't require an API key. You need only supply your LinkedIn username and password to operate it. One disclaimer before we get started is this tool will likely not deliver quality … Continue reading LinkedIn2Username – an OSINT Tool for Red Teams

Twint – an OSINT Tool for Collection on Twitter at Scale

Introduction Twint is an advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API.  That being said, it does violate Twitter's TOS so use of this tool should be used with caution.  I recommend research purposes only.  Twint solves one big problem with Twitter: the API … Continue reading Twint – an OSINT Tool for Collection on Twitter at Scale

h8mail – an OSINT Tool for Finding Passwords in Data Breaches

Introduction h8mail is a powerful, user-friendly OSINT tool that allows you to hunt for passwords through different breach and reconnaissance services. It's open source and written in Python with one of the most robust README files I've ever seen. This tool is loaded with features including: 🔎 Email pattern matching (reg exp), useful for reading from … Continue reading h8mail – an OSINT Tool for Finding Passwords in Data Breaches