Cyber Investigations: Connecting the dots in a spiderweb

I liked geometry so much in high school, I took it twice. Despite my absolute aversion to parallelograms, the takeaway from geometry was something we obviously know and understand: Getting from point A to point B is fastest when straightest. Technically a line is forever, so it is only two dots on the line—otherwise known as a line segment—we are calculating, but I will leave that to Mrs. Steinmetz’s freshman class.

Investigators and analysts are challenged daily with establishing those points and connecting those dots. In fact, this activity transcends all of the investigative fields, regardless of whether you are a federal agent, private investigator, intelligence analyst, or business researcher. Details of your report will almost always include the subject’s connections to the rest of their environment.

The OSINT Framework at a Glance

A wonderful tool that helps make these connections is OSINT Framework. Created by Justin Nordine, the site is a collection of free OSINT resources. It’s invaluable for anyone conducting an OSINT investigation. The easy-to-navigate site resembles an intricate spiderweb—you start at the center, and the further out you go, the more expansive the tools and resources become. The spiderweb contains the basic framework that goes into this unique investigation, including 30 topic areas such as social networks, domain names, forums/blogs, and public records.

When you click on Forums/Blogs/IRC, for example, the spiderweb expands to a list of forum search engines such as Boardreader, Omgili, and Craigslist Forums. Instant Messaging opens to Skype, Snapchat, Kik, and Yikyak. Each of those expands even further.

The site is constantly being updated, and Nordine welcomes suggestions, comments, and feedback. You can follow him on Twitter @jnordine and find him on GitHub.

July 12, 2018