Our weekly hack for those in the field doing the work & digging up critical intel.
The ability to uncover information on the internet is the primary skill of an online investigator. There are hundreds of thousands of surface, deep, and dark websites, but which are most pertinent to your unique case? Do you know how to utilize Google to its full potential? With new social media platforms coming online at a rapid pace, capturing leads and evidence in social media networks is more complex than ever. Do you know the latest tools of the trade?
Hg’s OSINT Tips of the week provides you with the latest intel how to be most effective in our tradecraft. We are always looking for new tools, so don’t hesitate to let us know if you have one you’d like reviewed in a future post!
SEARCH ENGINE: Shodan.io
Shodan.io gathers information about all devices directly connected to the internet. Shodan indexes public data from readily available devices, from tablets to large-scale power plants. Shodan indexes banners—metadata derived from a running device—which is crucial for those inquiring about server information. When navigating Shodan, search by keyword, syntax, or by specific banner identifiers. Results are derived from the past 30 days and are able to be exported. If selected, this resource can provide a generated report of the query in the form of graphs and charts. If you are looking to detect software vulnerabilities, control servers for malware, or even popular operating systems, Shodan is for you.
OPT OUT: Absolutepeoplesearch.com
AbsolutePeopleSearch.com helps locate an individual’s personal information. Searches within this site can be performed by a name, address, reverse email and phone search, and a social media search. When a search is performed and a list of profiles is aggregated, the profiles often include personal identifiers such as name, age, current and former city and states, and relatives. Once the correct profile is located, in a new browser window open Absolute People Search’s opt-out page. Input the required information and click “submit.” When the confirmation email is received, click Complete Removal and the information should be removed within seven to ten business days.
InvestigativeDashboard.org was established by the Organized Crime and Corruption Reporting Project (OCCRP) to help journalists and layperson researchers expose crime and corruption. Investigative Dashboard’s repository of information is self-serve. It includes public records, business registries, and news and media from around the globe. On its website is a link to browse searchable databases that contain 400+ online databases globally. Search across millions of documents, datasets, leaks and investigations. Investigative Dashboard also introduces Visual Investigative Scenarios (VIS), a project created by OCCRP and partners for mapping your investigations. Some maps are public (and quite an interesting read).
Have an OSINT tip for us? Contact us, and we will consider reviewing it in future posts!
Are you an analyst or investigator looking for advanced OSINT & SOCMINT training? If so, check out Hg’s webinar series on social media investigative training, where you can attend live sessions and receive CEUs or watch previously recorded sessions to beef up your investigative skills.