
Searching Instagram – part 2
Another amazing blog post about searching and performing open source intelligence on the Instagram platform. Continue reading Searching Instagram – part 2
Another amazing blog post about searching and performing open source intelligence on the Instagram platform. Continue reading Searching Instagram – part 2
This blogpost is inspired by @djnemec‘s Github gist, which you can find here https://gist.github.com/nemec/2ba8afa589032f20e2d6509512381114. The next step In this part, we’re talking about combining searches. Just like in part 1, we will be translating JSON to Base64. And of course we’ll take you through it step by step 🙂 What to combine? Well, you can only combine when you stay in the same category. In … Continue reading The new Facebook Graph Search – part 2
Performing OSINT advanced queries in Facebook after the Facebook Graph Search changes. Continue reading The new Facebook Graph Search – part 1
Using CyberChef web site to convert JSON, URL encoding, percent encoding, Base64 encoding, and UNIX time into other formats for OSINT. Continue reading JSON and Common Web Encodings Demystified
In July 2019 Twitter had some updates to their interface, search-URLs and overall user-experience. They changed a lot of things in the background which made the user-experience for researchers less useful. Actually a tweet thread started by @thegrugq inspired me to write this blog. With this blog you can take a few basic steps to bring back the user experience of “the old” Twitter like … Continue reading Muting the Twitter algorithm and using basic search operators for better OSINT research
How to search effectively and efficiently. Basic principles, tips and tricks for OSINT. Continue reading How to search effectively and efficiently – Part I: basic principles, tips and tricks for OSINT
The tool cURL is already over twenty years old, but it remains one of the most used tools by people, especially the ones working in the IT Security branch. It is used directly on the command line and can send or receive data from a website or IP address. Whether you need to retrieve information over HTTP, HTTPS, FTP, SMTP or any other kind of … Continue reading Dial cURL for Content
Guest blog by Rob Volkert In 2018 there were reportedly 1,244 data breaches totaling over 446 million exposed records, primarily targeting the business sector and health care fields. Cyber security systems may be growing more sophisticated, but so too are attacks designed to collect personal data. There may be a silver lining to breach data for those of us who conduct open source intelligence (OSINT) … Continue reading Basics of Breach Data
The other day I was tagged in a conversation between @WebBreacher and Nick Furneaux, where Nick asked whether it would be possible to calculate the position of a person within a photo. A quick search on the internet returned multiple blogs and websites with calculations based on the size of the camera sensor. But this would only work if an original and uncropped photo was … Continue reading Geometry in Image Forensics
Often i get asked if i’ve got some pointers and tools for OPSEC during online investigations. My primary answer would be first: I can’t give any tips or tradecraft pointers until I know what research questions you are trying to answer. In short, what is your threat model? First of all, one should know where the term OPSEC originates from. OPSEC stands for Operational Security … Continue reading Basic OPSEC Tips & Tricks for OSINT researchers