You have been doing OSINT and you didn’t know it
Many people have been using some of the most common OSINT tools and techniques unwittingly. Actually, most people probably don’t even know what OSINT is and what this acronym stands for.
Today I want to go over such tool that everyone with an internet connection has used — on a daily basis — throughout their online life; you guessed it, I am talking about Google and search engines in general. In this article I would like to go over a few cases in which good ol’, regular Google search queries proved to be more effective and efficient than all the fancy reverse image searches together.
I will give you a few examples; let’s start with Julia Bayer’s March 11, 2019 quiztime quiz.
Simple question, tricky answer
Julia warns us that the question might seem easy at first, but once you are at it it can prove much more tricky than it initially seemed.
The question:
Where did I take this picture?
Doing a reverse image search with Google or Yandex proved to be fruitless in this particular case. Maybe you — reader, who reads this in the future — will have much better results as reverse image searches keep improving and, sometimes, just give us different results at different times.
My results, however, were rather disappointing. Here you have Yandex:
And here Google:
Analyzing the image and filtering information
Now what can you do to find it? First, analyze the picture to see if there are any hints where this could be. There is a very obvious one in this picture. I added :orig to the picture’s suffix, so that I could see the picture in its original resolution. Once you do this and have a look at the number plates of the cars you will notice they all have German license plates and they all start with B or BAR. A quick look online, e.g. on Wikipedia, hints at the Berlin area. This made me focus on Berlin first.
We also see that the apartments are a bit atypical, that is, wood has a very prominent presence in these apartments. This is where I thought, why not just describe to Google what I see in this image?
Wooden apartment Berlin
Wooden apartment Berlin, that’s what I told Google to look for. I opened a new tab and typed that phrase, I went over to the image results and scrolled down a little bit, that’s when I saw this picture:
It was obviously the same apartment block. Furthermore, Alamy specified they were being built in the Berlin borough of Wedding.
These are two useful hints, not only have we confirmed that this is Berlin, we also figured out roughly where in Berlin.
We can now try another Google search, let’s translate the search query to German and add Wedding to the query as well. The query will be berlin weddig holzwohnung (thank you, Google Translate). In which holzwohnung means a wooden apartment.
After this I got the exact street address as seen below:
Now you might have to do more or less steps, this all varies on a case by case basis and even if you search for what you found a day or a month ago, results can be different.
Case #2: “Cumhuriyeti ve …”
In a previous article I used a scene from a movie as an example to teach how you can narrow down results. I will use a scene from the same movie, Kader (2006). In one scene the protagonist picks someone up in his cab and drives off. Later on he drives through a tunnel or viaduct. Below you see a video of the scene.
Perhaps it isn’t very clear, but something is written on the viaduct or bridge.
It looks like there is “Cumhuriyeti ve …” written on it. You can use Google Translate to find out the meaning, it translates to republic and … the final words that were written below this weren’t legible.
How can we find using a Google Search query?
You can of course try to do a reverse image search, but I doubt you will have any useful results.
I did the exact same as I did with the previous case; I described what I see in the screenshot.
What do I see? I see a viaduct, a tunnel or a bridge with the words cumhuriyet ve written on it that’s located somewhere in Istanbul on an avenue/street with lots of trees. Now let’s describe this and tell Google what to look for.
Please note that you will need quite a bit of patience and try different keywords to find the place in question.
You can try to use the phrase on the bridge/viaduct to find the place. If you do this, I advise you to use advanced search operators. For people who are new to this, a short explanation: you can find exact matches with Google if you place any text between quotation marks, e.g. “I ate a tuna sandwich today”.
As you will see this will only return exact matches, it’ll exclude phrases like “today I ate a tuna sandwich” because it’s not exactly the same. This is useful for when you have too many results. Let’s try searching the same sentence without quotation marks.
As you see the query above produces too many results. Therefore let’s try with quotation marks.
Now we have far less results, just 198.
The problem here is that the sentence is too short and incomplete, so you will still get too many (useless) results.
Therefore let’s try a different approach. E.g. istanbul viaduct historical.
This returns us many pictures of the aqueduct in Istanbul, so let’s add -aqueduct to it, the minus operator will filter all results that contain the word aqueduct and remove it.
Now there is a structure that looks a lot like it. Some other queries that returned the correct place:
- istanbul arch bridge
- istanbul arch -university -mosque -aqueduct
- istanbul historical bridge -galata -bosphorus
And many more. I only included the English ones but you could have tried in different languages as well.
Bonus: complete the sentence
If you open that picture you will notice that those letters aren’t there anymore. As a bonus question, you can try to find out what was written there before. You can do a reverse image search with Yandex now that you have a better picture of this viaduct/pedestrian bridge.
It was:
“Cumhuriyeti ve demokrasiyi seviyoruz.”
“We love democracy and the Republic.” But it appears that it has been removed. All we know is that by 2011 it had already been removed.
Conclusion
Tools and reverse image search is fun, but you really should start learning Google search operators if you haven’t done so already. Some people call this Google dorking and it goes much further than this, but these are the most basic search operators and arguably the ones you will use the most. A combination of reverse image search and search operators complement each other when trying to geolocate something with Google.
For people new to these search operators, here you have a comprehensive list.
