Week in OSINT #2018-27
Dashcams, databases and domain intelligence.
Last week I asked someone for some feedback on which items might need some more TLC in my weekly posts. The answer was: Nothing! There are so many different areas that are covered, so no need for anything! This week it is not any different. We jump from Jihadi’s to Facebook and and from company intelligence to a website with dash cams within the UK. This week I have these things covered for you:
- Dash Cams in the UK
- Digital Methods Initiative
- Jihad Intel
- Links to Link Sites
- Facebook Graph and Job Titles
- Finding Social Media Profiles via Images
- Polar Data
- Finding Facebook Profiles via Phone Numbers
- Turning Tweets into Timezones
- Measurement Tool for Google Earth
Site: Dash Cams in the UK
A few days ago I saw a tweet from Lorand Bodo that mentioned a site where people can upload their dash cam videos.
The site is from NextBase that is a manufacturer of these cams and they provide their customers with a platform where the videos can be indexed. The videos themselves are hosted on Vimeo, but via the site you can zoom in on the map of the UK to find out whether something interesting has been uploaded.
Link to the map: https://www.nextbase.co.uk/video-map/
Site: Digital Methods Initiative
On Twitter the user VAguileraDiaz found two interesting sites. In the first tweet he listed a forum where hundreds of links were posted.
But there is something special to it, so it seems:
Not so nice of this forum user called "Tr1gger", to go and take credit of other peoples’ hard work! But the good thing is that right under the first tweet a second tweet appeared. It was about a page of the Dutch Methods Initiative:
The Digital Methods Initiative is an Internet Study Research group that holds Summer Schools and Winter Schools and is based at the University of Amsterdam. And they have set-up a page with links divided into several categories, so go visit the wiki page to have a look.
Site: Jihad Intel
And we have another tweet from Lorand Bodo! This time it is a site with information about the several different Islamic terrorist organizations in the world.
From posters to protest symbols, from hand signs to headbands all the way to tattoos and Twitter images. If you need information about a terrorist group, this site is recommended!
Site: Links to Link Sites
There are many link sites when it comes to OSINT and the ORCS project will help to categorize all the different categories. But so far there wasn’t a big overview with all those link sites to quickly find them. Just like the “one ring to rule them all”, there now is the list of Bruno Mortier where all these sites are being indexed.
Bruno Mortier’s Start.me: https://start.me/p/ZME8nR/osint
Blog: Facebook Graph and Job Titles
On the 4th of July a tweet from i_intelligence pointed me to another post from Boolean Strings and Facebook Graph searches. This time it is about job titles, how to find the ID’s that are related and how to use them in a search. In the article there is also a link to a comprehensive list of job title’s and ID’s to help people find exactly what they are looking for.
List with job ID’s: http://topgrowthhacker.com/facebook-ads-manager-job-title-targeting-codes-2018/
Blog: Polar Data
It is a long time ago, a time when people would just run around the block for fun. Now people want to share their track length, calories burned and locations with the whole wide world. And then Strava came with their heat map and explorer, which opened up a can of worms regarding military bases all over the world.
And now Bellingcat has written a post about another fitness nightmare — or gold mine, depending on which side you are — Polar. This platform was even more revealing than Strava, so just another tool that gives a great insight into the movement and routines of people.
Bellingcat got in touch with them after identifying people working at MI6, diplomats, law enforcement and even people involved in sensitive operations. And as a result the 6th of July Polar came out with a statement that they will be temporarily suspending access to the API that is used to explore this data: https://www.polar.com/en/legal/faq/public_and_private_training_data_statement
Tool: Finding Social Media Profiles via Images
A view days ago a retweet by Stuart Winter-Tear showed me a new tool that is extremely interesting!
The tool look simple, the impact this can have is huge! A single photo from a know social media profile, a possible name and let the tool do its work. It goes over several different social media sites to find out whether there are any matches that can lead the investigator to other profiles of the same person. And it will actually use face recognition to find the right Facebook profile too. Check out the GitHub repo for this little gem!
Blog: Finding Facebook Profiles via Phone Numbers
It used to be simple to find a user on Facebook via a phone number. But even after they removed this option, there is still a way to find users by using a phone number. Just fire up your favourite emulator to get the Facebook app running, or use a burner phone for this.
I remember reading an article about it some time ago, but since this tweet popped up in my timeline on Twitter, here it is!
Tool: Turning Tweets into Timezones
The Twitter user x0rz had an interesting conversation the other day, where someone tried to gain information from him. But that wasn’t the most interesting part of this all…
The most interesting thing was a screen shot of his tool “Tweet Analyzer” where tweet from an account are being pulled in and analysed on several pieces of data. Together it creates a complete overview of most used hashtags, geolocated tweets and even the times one is posting the most. Very nice analysis tool that really deserves a test run. So go ahead Git it right now!
Blog: Measurement Tool for Google Earth
OSINT Techniques shared a post by Forbes about a new measurement tool that is available in Google Earth.
The tool itself can not just be used to measure a distance between two or more points, for instance a route. But when more points are used and the line is turned into a closed shape, it will give the area and perimeter distance of that enclosed area.
Within Google Earth for the Web the tool can be found within the usual measurement tool. Just click and keep on clicking until you get to your start, indicated by the text “Close shape”. Afterwards in the top right of your screen it will show you the perimeter distance and area in square meters and feet.
Within Google Earth Pro this was already implemented before if I recall correctly and can be found under the ruler function, under the tab “Polygon”.
While finishing up this weeks edition I had a quick run over tools and sites that might be interesting and all of a sudden I saw something completely different and refreshing to me, the tool Should-I-Trust.
The tool runs locally and you can search for any kind of intelligence on a single domain. It searched for bug bounties, queries Censys.io and for instance any information about the domain on Virustotal. It creates a report with all information found, to give you an idea of the general operational security of a given company.
And that was it for this week! Not so many tools this time, but tools ain’t the most important thing of course. I am very happy that I am still able to keep filling these weekly updates with new thing! I have thought about changing it to bi-weekly or monthly if things started to get less interesting, but there is no way I will do this at this point! Currently I also started to have a little bit more time during lunch breaks and the evenings, so you all keep on tweeting and keep developing because I will do my best to cover everything that might be interesting!
Have a good week and have a good search!