I've written a few posts on this topic before, but I thought it might be useful to connect the concepts together. Creating highly sophisticated RSS feeds is something I find very valuable for passive OSINT collection. In this post, I'm going to write about how you can use advanced Google operators within Google Alerts and … Continue reading Combining Google Dorks and Google Alerts to Create RSS Feeds for OSINT
There was a long-fought battle for king of search. Google won. It's undisputed. There's Yahoo, Bing, and an assortment of others, but Google won. It's not even close. When searching for terms using other search engines, my results are either garbage or outdated. This post is about the coveted art of Google Dorking. Sounds … Continue reading OSINT Applications for Google Dorks
ADS-B Exchange is the world’s largest source of unfiltered flight data. Normally, blocked tail numbers from private airplanes aren’t visible. With ADS-B Exchange, you can access all the information from any tail number you want. This is great for tracking politicians, business leaders, etc. to find connections between them or any associated event. Additionally, ADS-B Exchange tracks international flight data as well, making this particularly useful for OSINT collection outside of the United States.
There's a wide variety of information that you can gather using open sources. Data ranging from email addresses to phone numbers to social media accounts are all common sources of open source intelligence. Application of this data can vary, but it is usually involved in some sort of investigation, trying to correlate data and find a connection with meaning. Something that I've always been interested in is eCommerce and the data behind it. Most users of eCommerce data are marketers or businesses, but what sort of application does it have for the security industry? It certainly has value for competitive intelligence, but could you use eCommerce data from websites like Amazon for trend analysis with a security application?
Google Chrome and Firefox are usually the browsers of choice for OSINT investigations. Not only are they secure, but they provide the best plugins and extensions to make our work a lot easier. This article will discuss the various Chrome extensions I use during OSINT investigations and why I use them.
Namechk is a great OSINT tool that allows you to find out if a username you are investigating is used elsewhere online. It includes various social media platforms as well as domain names and mobile apps. Typically an investigation starts with a name, phone number, or email address. If you don't have any of the above, you can start with their username. People often use the same username on multiple platforms, and some platforms automatically import the username from your email by default. Having a username to start isn't ideal, but Namechk allows you to explore the information you have to try to find other information.
MyMaps by Google is a bare-bones GIS app that allows you to create custom maps for projects you are working on. I like it because I can quickly plot markers for locations of interest in an area I’m investigating and reference them when collecting information that is geotagged. It also allows you to create different layers to organize the markers based on type. It has limitations, such as the number of markers you can put in each layer and the lack of support for Google Street View within the app.