Another week, another set of OSINT tools. This week we'll be looking at tools for OSINT investigations including Google Earth, Instagram, and Yandex. The goal is to expand your mindset on what's possible using tools, increase your efficiency, and amplify your outcomes. Let's get started.
Google Earth is one of the staples of visual investigations. If you're looking at multiple locations at the same time, it can be difficult and tedious to navigate to each coordinate one by one and inspect the most recent imagery. Because of the time suck, I wrote a script called Earthshot.
Earthshot takes a CSV of coordinates and automatically takes screenshots from Google Earth on the web. One by one the script will open the coordinate, capture the screenshot, and save it to the directory the script is saved in. Let it run in the background and do a significant amount of initial collection in the background. Control the zoom level by adjusting the zoom variable within the script.
Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers, and more.
One thing that is important to note about toutatis is that it'll only grab the obfuscated version of the phone number and/or email. Additionally, it does not notify the account owner when the information is collected. This means it is truly passive OSINT and doesn't drip into user interaction or any other active engagement.
Palenath is an excellent contributor to the OSINT community. He's a skilled developer and has the rare investigative mindset. If you aren't following him on Twitter or Github, you're missing out on some of the greatest OSINT tools available.
YaSeeker is an OSINT tool that gets inforomation about any Yandex account using an email or login. YaSeeker checks the following services: Music, Collections, Bugbounty, Reviews, Q (Znatoki), O (Classified), Zen, Market, Messenger.
Here are a few things it can find:
- Full Name
- Yandex UID
- Yandex Public ID
- Linked social accounts
- Activity (count of reviews, comments, subscribers, and subscriptions)
- Account features (is it verified, banned, deleted, etc.)
I've also tried the usernames "hacker", "putin", and "vladimir". If you have a more targeted username, give it a spin!
Remember OSINT != tools. Tools help you plan and collect data, but the end result of that tool is not OSINT. You have to analyze, receive feedback, refine, and produce a final, actionable product of value before you can call it intelligence.
Thanks for reading. If you enjoyed this post, make sure to subscribe. A new one just like this will be posted every Tuesday at 6:00 PM UTC-5:00.