Week in OSINT #2018–47
Information on images, interesting intelligence and intriguing investigations
Welcome to the last Week in OSINT of November. After this one there will be two more after which I will take a little end-of-the-year break. So in the coming few episodes I will try to include as many useful tools as possible to make sure nobody has to feel bored ;-)
For now we’re off to last week’s list of tools, sites and tutorials to cover. This week we have the following:
- Imago
- Whitehat Videos
- Tessa88
- Zotero
- Elon Musk Bitcoin Scam
- YouTube location based search
- Paliscope Smart Images
- Carrot2
Tool: Imago
The other week I stumbled upon a small tool that I didn’t really need, but which I absolutely wanted to include today. Imago is a script written in Python that can go through a directory of images and extract all the metadata in one single go. The tool has a some nice features like extracting EXIF data and GPS coordinates, calculate a hash, create an error level analysis and even has a beta function to detect images with nudity within JPEG’s. And the best of all is that it will save the extracted data into a CSV file of SQLite database. So if you happen to have a bunch of photos to go through, then grab Imago and take it for a spin!
Media: Whitehat Videos
Last week Whitehat Security posted a link to a playlist on YouTube with some interesting videos aimed mostly towards open source intelligence. Some videos deal with tools that are designed for pentesting, so have a look and pick the videos that are of interest to you.
Playlist: https://www.youtube.com/playlist?list=PLD_f5iLGKKToiFsTnlOTTiWViOUxLxf4c
Report: Tessa88
A few days ago Frank Castle shared a write-up about an investigation by Recorded Future about a hacker names ‘tessa88’, known for selling high profile dumps. Via a lengthy open source analysis on several social media accounts and little trails of information, Recorded Future was able to determine the real identity with a high degree of certainty. A nice read, and I certainly recommend this as a read during a coffee break!
Blog: https://www.recordedfuture.com/tessa88-identity-revealed/
Tool: Zotero
Everybody in the world of open source intelligence is looking for a way to organise their heaps of links and bookmarks. And if you have a running investigation there might be times you would like to save some bookmarks temporarily and in an organised way. Well, thanks to a tiny little tweet by OSINT Stash last week, I would like to share with you: Zotero! Add files, PDF’s, links, start organising and collaborate with others. And you can even share things with others! Might this be the tool we’ve all been waiting for? Check out the website and have a look yourself!
Link: https://www.zotero.org/
Report: Elon Musk Bitcoin Scam
I love reports, write-ups or investigations in general that are shared with the public. The next one comes from Steve Micallef and deals with a bitcoin scam, that seem to gain popularity recently. This report zooms in on one of the many out there, dives into the domain names and wallets and gathers enough information to not just answer the What and Where, but even shows information that shows the identity of one of the people behind this particular scam.
Link: https://medium.com/@micallst/an-osint-analysis-of-the-elon-musk-bitcoin-scam-778fb1b14b3b
Website: YouTube location based search
When this URL was shared, it was the first time I heard about a tool for location based searches on YouTube videos. Some said it wasn’t that accurate, so I gave it a go and did a few searches. I must say it indeed returned some weird results, like videos taken in South-Korea while searching for videos in downtown London. Since I didn’t take the time to read up on the techniques used by this tool, I can only imagine that the tool looks at certain indicators where the video was initially uploaded.
Again, I am not sure what the exact technique behind it is, but it certainly gives someone a first tool to search videos based on a location!
Tool: Paliscope Smart Images
Paliscope is well known in the world of OSINT investigators and they keep adding nifty little functions! The latest addition is ‘Paliscope Smart Images’ that will give you an instant overview on the EXIF information available in the images collected for an investigation. No more need to go into the properties of an image, the available type of information is highlighted by little icons. SO I think it’s time to update!
Website: Carrot2
Carrot2 is a very simple looking search engine with an awesome little trick after you enter your desired search. The results are shown by grouping them together by types of information, grouped by keywords and has a few tabs to more information. A little gem out there on the web, that just gives you that little bit more than just a long list of hits.
And if you are looking for more tools, I found it via an article by Laura Brown on the website of Intelligence Fusion.
For now, this is it from me! Two more articles to go this year before I take a little break. So if you have any links, tools, articles or websites you want to share, feel free to do so soon!
Have a good week and have a good search!
