JungleScam – The First eCommerce OSINT Tool

I've found myself at an awkward place at the intersection of OSINT and eCommerce.  The reason I find it awkward is I feel like tons of people are talking about eCommerce but no one in the infosec or investigations community comes to mind.  As more and more transactions become digital, I think it's important to … Continue reading JungleScam – The First eCommerce OSINT Tool

Advertisements

Investigating eCommerce Scammers on Amazon using OSINT

Introduction There's a lot of information out there related to OSINT investigations.  Not nearly enough as there should be, considering the amount of free tools and guides available, but a lot nonetheless.  One thing that isn't talked about online is the intersection between OSINT and eCommerce.  Now, the tools and processes in this article are … Continue reading Investigating eCommerce Scammers on Amazon using OSINT

Using OSINT to help build the OSINT community on Twitter

Introduction One of my main missions is to help create a bridge between the 'old school' OSINT community and the infosec recon community.  OSINT has started to gain traction in the infosec community, but there's still a bit of a communication gap.  Private investigators and intelligence analysts aren't exactly communicating with penetration testers and DFIR … Continue reading Using OSINT to help build the OSINT community on Twitter

Using OSINT to Find Protest Events and Activist Groups on Facebook

Introduction Last week on the OSINT podcast  I was asked a question that I don't believe I answered to the best of my ability.  Partly because audio presents certain challenges when describing a visual process, and partly because I don't think I fully contemplated the extent of the question or how in detail I should … Continue reading Using OSINT to Find Protest Events and Activist Groups on Facebook

Creating an Effective Sock Puppet for OSINT Investigations – Introduction

Introduction and Philosophy In recent light of the epic failure by Surefire Intelligence to frame Robert Mueller for sexual assault allegations, I feel it's important to discuss and unpack how to make a good sock puppet for OSINT operations.  If you aren't familiar, just google Jacob Wohl or Surefire Intelligence and you will likely be … Continue reading Creating an Effective Sock Puppet for OSINT Investigations – Introduction

Chasing an Online Scam Through the Blockchain – an OSINT Investigation

This is my first blockchain investigation and also my first original OSINT investigation.  I've been inspired to do this through reading others in the space and I'm sure their work will be more thorough and done with more precision than mine.  However, using new techniques I've explored, such as finding unlisted Pastebin pages, I've found … Continue reading Chasing an Online Scam Through the Blockchain – an OSINT Investigation

How to Collect OSINT from Unlisted Pastes on Pastebin

Sometimes the best information is the hardest to find.  We are quick to search Google and social media, finding a quick solution for our OSINT requirements.  We may also run background checks or enter the information we do have into other databases trying to find more.  But sometimes the information we are looking for isn't indexed, or … Continue reading How to Collect OSINT from Unlisted Pastes on Pastebin