OSINT Recap with @TheOSINTGuide | Part1
Welcome to OSINT Recap, your yearly recap of all info about OSINT events from your favorite OSINT newsletters.
Let’s start the series with content posted by
.OSINT Tools -
Nuclei - It is a fast, customizable vulnerability scanner powered by the global security community and built on simple YAML-based templates. It can be used to find information for interesting information from a website, including stuff that does not appear in the content.
Spiderfoot - It’s an OSINT tool that integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
Google Factcheck Explorer - This tool allows you to easily browse and search for fact checks. For example, you can search for a politician's statement or for a topic. Another similar tool and website is AP Fact Check. FaceCheck.org, Snopes.com, Politifact, and Reuters Fact Check.
CS Account Management - The tool’s main purpose is to try to figure out when a website was created. But I use it to find if a website exists in different internet archives. If the tool finds your website in an archive, it will list out a URL that brings you to that archive’s earliest version of your website.
Carbon14 -
OSINT tool for estimating when a web page was written.
(I haven’t tested this personally, so let us know in the comments if it’s not working right now.)e-scraper - A Python script to extract unique email addresses from a list of specified domains. Read a how-to-use tutorial.
Rootabout.com - A website to search for images in the Internet Archive.
Etherscan.io - gain insights into Ethereum-based activities and track transactions in real-time.
UrlScan.io - for scanning malicious URLs.
Cisco Talos Intelligence - platform for gathering threat intel(search using IP, URL, domain, network owner, file SHA256)
OSINT Tips -
Make sure you are NOT using the Way Back Machine’s search bar seen below. It does not have keyword search and only searches archived websites.
Instead, use the main search bar, which has more options and supports keyword searches.How to find company Employees through Website Changes -
Use Wayback Machine’s change feature to identify changes in the websites, specifically on pages having details about employees.
OSINT Techniques -
Researching Politically Exposed Persons and International Corruption -
Researching politically exposed persons (PEPs) and international corruption requires a meticulous and strategic approach, leveraging specialized databases and investigative tools. A crucial aspect is to focus on connections to the main person of interest and people close to them. Often, revealing connections are indirect, linked through associates, family members, or business partners. Read a complete tutorial by clicking here.Essential Databases for Investigative Journalists -
Several databases provide these capabilities, making it easier to uncover hidden connections and track assets. Here are some of the most important international and U.S.-focused search databases for investigative journalists. Click here to read the full tutorial.Verify college degrees, enrollments, or dropouts -
You can verify if someone attended a university in the U.S. by calling the school to request a student’s “directory information” or by submitting a request through studentclearinghouse.org.
For more info, click here.How to Search Pastebin on the Internet Archive -
Open the website(https://archive.org/), enter your query in the general search option, and select Search archived websites in the menu and search your query. Now, on the results page, you can select pastebin.com in the collection search menu.
OSINT Resources -
Username Search Tools - Here’s the list of tools for searching usernames -Username Search tool by IntelTechniques
What’sMyName
UserSearch
NameCheck
Instant Username SearchPeople Searching Websites - There are five people-searching websites in particular that can be used for this process. Each website has its own inputs (data you can search for) and outputs (results).
truepeoplesearch.com - name, address, phone (NAP)searchpeoplefree.com - email, (NAP)
cyberbackgroundchecks.com - email, (NAP)
thatsthem.com - email, (NAP)
advancedbackgroundchecks.com - email, (NAP)
fastpeoplesearch.com - (NAP)
nuwber.com - (NAP)
familytreenow.com - (NAP) - focuses on genealogy
clustrmaps.com - name, address
homemetry.com - address
PasteBin Search tools -
RedHunt Labs Online IDE Search
Cipher387 Pastebin Search Engines
PSBDMP.ccResources for Investigating companies in Europe -
Northdata
DatoCapital
Offshore Leaks Database
LUXEMBOURG BUSINESS REGISTERS
OCCRP Aleph
OpenCorporates
Want more info? Click here.Resources for Investigating companies in Europe(France) -
pappers.fr
Infogreffe.fr
inpi.fr
bodacc.fr
sirene.fr
service-public.fr
societe.com
verif.comResources for Investigating Companies in Europe(Luxembourg)
LUXEMBOURG BUSINESS REGISTERS
Guichet.lu
For more info, click here.Resources for Investigating Companies in the UK
UK Companies House (the Corporate Register)
Search the bankruptcy and insolvency register
Search for disqualified company directorsUK Property Records -
The UK also has property records available to search via the official government database and several private phone directories.
https://propertyregistry.uk/search/
Some other resources for property records search -
https://www.savills.co.uk/https://themovemarket.com/
Search for People, Businesses & Places in the UK
UK Telephone Directory, Person Search & Company InformationResources for genealogy -
Family Search
Find a Grave
Civil War Soldiers and Sailors Database
a database of obituaries
Heritage Quest
FamilyTreeNowAbuse.ch platforms:
• Malware Bazaar: search using the malware’s SHA256 or upload malware file
• Feodo Tracker: search IPs and network names and AS numbers
• SSL Blacklist: a project of abuse.ch with the goal of detecting malicious SSL connections
• URL Haus: a platform from abuse.ch and Spamhaus dedicated to sharing malicious URLs that are being used for malware distribution.
• Threat Fox: search domains, IPs, and other malicious data points.
OSINT Tools for investigating US court systems -
CourtListener is a free legal research website containing millions of legal opinions from federal and state courts. With CourtListener, lawyers, journalists, academics, and the public can research an important case, stay up to date with case law as it develops, or do deep analysis using our raw data.judyrecords is a 100% free nationwide search engine that lets you instantly search hundreds of millions of United States court cases and lawsuits.
Dockets are at the heart of many legal workflows, e.g., litigation strategy, calendaring, research, business development, and calculating legal risk. Docket Alarm's aim is to provide coverage for every litigation docket, with relevant information extracted and made actionable.UniCourt provides access to the complete set of civil and criminal federal court records - it is a free alternative to PACER (the fee-based database of federal court records)
Violationtracker - a wide-ranging database on corporate misconduct.
https://www.osha.gov/ords/imis/establishment.html - search to locate OSHA enforcement inspections by establishment name
https://court-scraper.readthedocs.io/en/latest/ - I am sorry to say that I have not yet tried out or created a guide for this Python tool, but it appears very promising
https://openpolicedata.streamlit.app/ - aims to make it easier to access and analyze police data for 425+ incident-level datasets for about 4865 police agencies. Types of data include traffic stops, use of force, officer-involved shootings, and complaints.
https://bkdata.com/research/ is a private database that holds information on bankruptcy cases.
https://www.bop.gov/mobile/find_inmate/byname.jsp - federal inmate search (states have individual search databases)
Find someone’s current and past addresses:
(most of these are just different versions of the same thing, but the first tool on the list is different)
Publicaccountability.org – another tool for finding someone's current and past addresses based on actual records
The following is a list of standard “People-Search Websites” (PSW)
fastpeoplesearch.com – searching for people, their addresses, and their phone numbers.
These sites also do an amazing job of correlating data to find spouses, family members, and former cohabitants (parents, roommates, former romantic partners).
You can search by name, address, phone numbers, and in some of these you can search by email address.
That’s it for this part. We will cover the remaining posts in the upcoming part.
If you liked the above content, don’t forget to subscribe to the original creator’s newsletter,