Another week, another set of OSINT tools. This week we'll be looking at tools for OSINT investigations including social media extraction, phone numbers, and YouTube. The goal is to expand your mindset on what's possible using tools, increase your efficiency, and amplify your outcomes. Let's get started.
socid-extractor is a Python script that allows you to extract information about a user from profile webpages / API responses and save it in machine-readable format. Supported websites include:
- Google (all documents pages, maps contributions), cookies required
- Yandex (disk, albums, znatoki, music, realty, collections), cookies required to prevent captcha blocks
- Facebook (user & group pages)
- VK (user page)
- OK (user page)
- Mail.ru (my.mail.ru user mainpage, photo, video, games, communities)
This tool is valuable when you have a series of accounts you've already verified as part of your investigation. Rather than visiting each page and extracting the information manually, you can use socid-extractor instead and grab that information from the command line instead. The good news is if you're already using tools like Maigret, socid-extractor is already included. It's also included in an open source tool called YaSeeker. We'll take a closer look at both next week.
Here's a quick example to show you how easy it is to use this tool and a sample output:
$ socid_extractor --url https://www.deviantart.com/muse1908 country: France created_at: 2005-06-16 18:17:41 gender: female username: Muse1908 website: www.patreon.com/musemercier links: ['https://www.facebook.com/musemercier', 'https://www.instagram.com/muse.mercier/', 'https://www.patreon.com/musemercier'] tagline: Nothing worth having is easy...
As you can see, using a simple CLI command --url, you can pull a ton of information in an easy to use format.
Ignorant is a Python script that allows you to check if a phone number is used on different sites like Snapchat, Instagram, and Amazon. Ignorant does not alert the owner of target phone number when using the tool. Here's a preview of the tool in action:
Ignorant is incredible easy to use. Since it's a Python package with PyPl, you can install it with pip easily and get right to work. Once installed, all you have to do is call ignorant and enter the phone number. Palenath and friends will likely add more modules beyond Snap, IG, and Amazon in the future. Keep an eye on the tools and make sure it's regularly updated.
YouTube Geofind is a web application that allows you to search for geographically tagged videos by location, topic, or channel. Videos are viewable in a map and are exportable to CSV. This tool was recently updated in December 2020. Location and topic searching now includes a language filter on the geotagged results.
If you're looking to monitor specific types of events in a particular location, YouTube Geofind is a great place to start. Because it's easy to use, anyone can get started with location-specific investigations using this tool. Keep in mind that this tool only captures videos that have been geotagged and, frankly, not that many people geotag their content anymore. That said, it's a great introduction to OSINT tools if you're new to the game.
Matthew Wright is the developer of this tool. He makes a variety of tools for YouTube including a comment extractor and a metadata extractor. Make sure to check our their Github for more great resources!
Remember OSINT != tools. Tools help you plan and collect data, but the end result of that tool is not OSINT. You have to analyze, receive feedback, refine, and produce a final, actionable product of value before you can call it intelligence.
Thanks for reading. If you enjoyed this post, make sure to subscribe. A new one just like this will be posted every Tuesday at 6:00 PM UTC-5:00.