Logo
RSS Feed

πŸ‘ˆπŸΌ Back to
πŸ”Ž Incident Investigation

πŸ“š OSINT Techniques

   

Created: 28.07.2022

This all about searching for the information publicly available.

Domains

To check website/IP address for nefaciousness: https://zeltser.com/lookup-malicious-websites/. wtfis - tool (collects info from VT, Shodan, Passivetotal).

Search Engines

In order to find which search engine is used in a specific country, use https://www.searchenginecolossus.com/.

Google

Respects the demand of a web resource not to index it. You can limit by geo, time/date.

πŸ“• RTFM

site:bakerst221b.com
ext:pdf intext:michael inurl:forensics

intitle: "cv" "phone * * *" "address *" "e-mail"
intitle:"curriculum vitae" "phone * * *" "address *" "e-mail" 
filetype: xls inurl:"email.xls"
intitle: index.of finances.xls

Yandex

Ignores the demand of a web resource not to index it. You can find something here, what you won’t find with Google. Also, here you’ll find a lot more pirated stuff than in Google.

Baidu

Ignores the demand of a web resource not to index it.

Some other tools to try

img

Languages

You can use Google extension to translate pages to your language.

Also, you can use https://2lingual.com/ to look for pages within different regions simultaneously.

Social

Google Groups

Won’t be able to search for email addresses due to the crawlers protection. Remove @ and add spaced instead of .. You can also search for something within the group of choice.

Although you won’t see email address by the username, if someone has replied to the message and quoted it, you’ll get a masked email.

Yahoo Groups

πŸ“˜ BTFM

# though Google (since Yahoo's search is no good)
site:groups.yahoo.com "something"

Twitter

Allows using all range of Google advanced search operators.

News

Google News

news.google.com searches for Google News archives. Not the same as Google -> News tab in the search engine which searches through web and then filters for what it believes to be news.

πŸ›  Tools

πŸ’° SEON

https://learn.seon.io/enterprise-fraud-management?utm_term=%2Bseon&utm_campaign=%5BS%5D%20Brand%20SEON%20%5BEMEA%5D&utm_source=google&utm_medium=cpc&hsa_acc=9367189488&hsa_cam=12655821531&hsa_grp=121524721138&hsa_ad=614550808794&hsa_src=g&hsa_tgt=kwd-330252594903&hsa_kw=%2Bseon&hsa_mt=b&hsa_net=adwords&hsa_ver=3&gclid=Cj0KCQiAm5ycBhCXARIsAPldzoWTCDKZuHoVKsXS_dtSymkjuBt-MZnvsoNDx6gJu3RTYb_etHUf8b8aApeNEALw_wcB

Osintgram

https://github.com/Datalux/Osintgram For Instagram.

πŸ’° PeopleLooker

https://www.peoplelooker.com/ Looks like it’s only about US people.

ing

… also looks at court records, B2B and unclaimed money databases.

πŸ’° BeenVerified

… lookups for people, vehicles and properties. Social media isn’t its primary focus, but it does include a particularly handy β€œusername search” feature.

img

Orbitly

Free sign-up, but I don’t get how to use it. I used my own LinkedIn as a test, and nothing showed up. I tried a couple of other profiles and several emails - nothing.

πŸ’°WebPreserver

https://www.pagefreezer.com/webpreserver/

TweetBeaver

https://tweetbeaver.com/

Maltego

It can be used for free to some limited extent. I could not launch it on M1 Mac.

πŸ’°Cellebrite

References

Expand … Something here