The OSINT Newsletter - Issue #25
The latest and greatest in OSINT news, tools, tactics, and techniques
👋 Welcome to the 25th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. My goal with this newsletter is to help promote the OSINT industry, develop better investigators, and raise awareness of ethical use cases for open source intelligence.
🙏 Once again, thank you to all new and existing subscribers who’ve decided to stick around. The OSINT Newsletter has nearly 6500 subscribers and has started working with freelance writers to help grow the newsletter with more issues weekly. Be on the lookout for exclusive content in the coming weeks.
🚨 In last week’s issue, I discussed a new tool that we’re working on for geolocation. I’ll be sharing updates on the progress of that tool weekly until we have a prototype that we can share. Supporters of this publication will get early access.
🏆 Geolocation challenge
In what city was this image taken? What are the specific coordinates?
The first person to provide the correct city gets 1 month of paid access to The OSINT Newsletter for free. The person with the closest coordinates to where the image was taken from will also get 1 month of paid access.
Bonus: the person who provides the best writeup for how they geolocated the image (with the right location) will also get 1 month of free access and will have their writeup featured in the next newsletter issue.
🙋 Reply to this email with your answer; winners will be announced on Friday.
🪃 In case you missed recent newsletters, here are a few links to help you catch up.
Let’s get started. ⬇️
📰 How to find online cameras with Google
Learn how to find online cameras using several Google Dorks. There is common nomenclature found in instances of cameras online, this post shows you what to look for.
📰 Using silent SMS to localize LTE users
This is an interesting blog that Sylvain originally brought to my attention. This is more of a digital privacy read but it discusses how to use silent SMS messages to track LTE users’ locations.
📰 U.S. Counterintel Buys Access to the Backbone of the Internet to Hunt Foreign Hackers
Another digital privacy read, this article talks about how groups are bypassing the NSA and getting netflow data from private intelligence groups. If you haven’t been following 404 Media, definitely add them to your reading list.
📰 Basic OPSEC Tips & Tricks for OSINT Researchers
In this blog from Nico Dekens, learn the basics of OPSEC including the tools, tactics, and techniques you can use to ensure your digital privacy is protected online as you do your investigations.
📰 Democratizing justice: How open-source research is changing financial crime investigations
OpenCorporates sits down with Bellingcat to talk about how open-source research has changed the nature of the financial crime industry and how Bellingcat has applied OpenCorporates data for their investigations.
🚨 If there’s a blog post, news article, or any other content you’d like to see in the newsletter, reply to this email with a link and why you think the community would enjoy it. I’m always looking for great new content.
🏆 The OSINT Newsletter - Issue #24 geolocation write up
Sam Saville won last week’s geolocation writeup challenge and got 30 days of paid access to the newsletter for free. He used a website called Scribe to create this wonderful step-by-step guide on how he was able to geolocate the image.
📺 1 Git Command for OSINT & Cyber
If you’re new to technical OSINT and using open-source tools for collection and analysis, check out this video. Gary shows you how to get started with Git for OSINT.
🐦 NoStarch is releasing a new OSINT-related book
Hacks, Leaks, and Revelations by Micah Lee comes out soon.
Here’s the description:
In the current age of hacking and whistleblowing, the internet contains massive troves of leaked information. These complex datasets can be goldmines of revelations in the public interest— if you know how to access and analyze them. For investigative journalists, hacktivists, and amateur researchers alike, this book provides the technical expertise needed to find and transform unintelligible files into groundbreaking reports.
🎤 OSINT, Curiosity, Creativity, & Career Pivots: A Conversation with Rae Baker
Rae Baker talks on the 8th Layer Insights podcast about open source intelligence and her experience in the career field.
🐦 Learn how to use regex to counter phishing campaigns
Jane shows you how to use regular expressions to identify suspicious domain names including an example. There are also some interesting tools she uses to demonstrate her point.
🐦 Use the filetype operator to search for CSV files
Aleksandra shares that it’s not possible to search for filetype:csv instead of having to find it in the URL or only search for Excel files.
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
🌎 Updates to ongoing geolocation research
🥷 A detailed guide on researching exposed datasets for OSINT
🖥️ 2 OSINT web apps for Reddit and Telegram collection and analysis
🔎 3 OSINT scripts for cyber threat intelligence, people search, and license plate lookups
👀 You get access to all paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Stay tuned for the geolocation challenge in next week’s issue to get a shot at free access.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.