The OSINT Newsletter - Issue #28
Learn how to download followers and following lists from Twitter/X accounts without scraping
👋 Welcome to the 28th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. My goal with this newsletter is to help promote the OSINT industry, develop better investigators, and raise awareness of ethical use cases for open source intelligence.
🙏 I wanted to say thank you for your continued support. The OSINT Newsletter has close to 7000 total subscribers and is on track to 3x the total subscriber count since the relaunch in March. If this trend continues, the newsletter will have ~10,000 subscribers by the end of March.
I also want to thank all the publications actively recommending The OSINT Newsletter. Those recommendations have provided over 700 new subscribers to the publication. The OSINT Newsletter has also supplied over 3000 new subscribers to newsletters in the community via Substack recommendations. Let’s keep it up!
🚨 I’m considering bringing The OSINT Newsletter to print with a monthly issue. I’ll be spending a good chunk of the rest of this year getting cover art designed, a high-quality design for the inside, and finding the right partner to print production-ready content. I will be avoiding Amazon and third-party marketplaces entirely; however, this means I’ll have to pick and pack all of the books myself. I’ll share updates in future issues as this develops.
🏆 Geolocation challenge
In what city was this image taken? What are the specific coordinates?
The first person to provide the correct city gets 1 month of paid access to The OSINT Newsletter for free. The person with the closest coordinates to where the image was taken from will also get 1 month of paid access.
Bonus: the person who provides the best write-up for how they geolocated the image (with the right location) will also get 1 month of free access and will have their write-up featured in the next newsletter issue.
🙋 Reply to this email with your answer; winners will be announced on Friday (or Saturday). Announcements will be sent directly to the winners and the identity of those winners will not be revealed unless specifically requested. If you do not hear back from me, you did not win the challenge.
For those of you reading this on Substack or for those who subscribed after this issue was released, use the Substack comment section instead.
🪃 If you missed previous newsletters, here are a few links to catch up.
Let’s get started. ⬇️
OSINT News
📰 Researchers Just Found Something Terrifying About Talking to AI Chatbots
AI chatbots are able to guesstimate which region a Reddit user is from based on their diction. This has OSINT and OPSEC considerations.
📰 Operational Information Gathering Methodologies of an Analyst
This article is an excellent example of providing high-level intelligence-related content without it being so broad it’s just a curation of Google searches. Explore several applications of the intelligence lifecycle across different disciplines, including open source intelligence.
📰 ‘Verified’ OSINT Accounts Are Destroying the Israel-Palestine Information Ecosystem
The change in Twitter verification happened after the Ukraine/Russian War happened. Now that Israel/Hamas has kicked off, we’re seeing the impacts of the loose verification progress in real-time. 404 Media discusses this concern at length.
📰 Cambodia's New Cabinet is Steeped in Nepotism
Follow this intricate investigation into the members of the Cambodian cabinet. Not only is this a visually stunning representation of an investigation, it’s also an amazing case study. Thanks to Ben Strick for bringing this to my attention.
📰 Watchdogs Against Hate: A Reporter’s Toolbox for Tracking Political Extremism
GIJN shares a list of resources that investigators can use for tracking and reporting on political extremism. These tools are not exclusive to this use case; so, don’t skip out even if you’re not looking into political actors.
OSINT Community
📺 Uncovering LE Activities: Darknet Vendor OSINT Perspectives - SANS Summit 2023
Sam Bent shares his insights for open-source intelligence applications across various platforms, from data leaks to Strava profiles. As a former darknet market admin, vendor, and buyer, Sam’s perspective is a unique lens you won’t find elsewhere online in this context.
🐦 Using Stable Diffusion for next generation sock puppets
This is an incredible example of the future of sock puppet content creation. Soon, you’ll be able to create a sock puppet and then use AI to generate original content, making the fake account seem real. This will also greatly impact disinformation research.
🐦 Getting an Instagram profile by phone number
Soxoj shares some interesting thoughts and methods for investigating on Instagram. They go through methods for bypassing the changes to the Instagram contact import method, allowing you to still match phone numbers to accounts.
🎤 Chasing the Ghosts Haunting Far-Right Extremism with Nick Backovic
The Cloak and Dagger podcast discusses topics ranging from QAnon to COVID conspiracies. Nick Backovic, an OSINT analyst from Logically AI, tells the story from his perspective.
🐦 Geolocating a 5G base from a Picture
Ron Kaminsky shares another tutorial for how he successfully geolocated a 5G tower based on a geolocation challenge from Gordon Ferrer. This write-up uses a combination of image recognition methods and general OSINT tips.
OSINT Tools
🔎 Archer
Archer is another OSINT multi-tool. The most interesting feature of this tool is the Ukraine car and plane lookup method which uses a database from the traffic police. There’s also a scraper for Replit built in.
🖥️ Forensic OSINT
Ritu Gill is working on bringing a new tool to market called Forensic OSINT. The details are a bit thin at the moment; however, it’s supposed to be an online content-capturing tool. I’ll be interested to see how it differentiates itself from Hunchly.
🖥️ DNS Dumpster
DNS Dumpster is a free domain research tool that can discover hosts related to a domain. Finding visible hosts from the attacker’s perspective is an important part of the security assessment process.
🔎 MineSight
MineSight is an awesome OSINT tool to add to your gaming profile toolkit. With this tool, you can enter a username found on Minecraft and see when the account was last active, what their historical usernames are, and whatever other data is set to publicly visible for that account ranging from language to social media profiles.
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
🥷 Learn how to get the unique userID of a Twitter profile. Then, learn how to download the followers/followings of any Twitter/X account using an internal API.
👀 You get access to all paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Stay tuned for the geolocation challenge in next week’s issue to get a shot at free access.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.