The OSINT Newsletter - Issue #32
Manipulating website registration forms to collect open source information about an email address
π Welcome to the 32nd issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. This issue is very OPSEC-heavy. Operational Security (OPSEC) is an essential tradecraft every investigator must learn in order to stay safe while investigating online.
π¨ Over 100 people have pre-ordered the print issue of The OSINT Newsletter. Thatβs an amazing milestone. By the time this newsletter is published, I will have completed the initial draft of the community portion of the print issue. What remains is the category-specific workflows that I will add that are print exclusives.
π Geolocation challenge
In what city was this image taken? What are the specific coordinates?
The first person to provide the correct city gets 1 month of paid access to The OSINT Newsletter for free. The person with the closest coordinates to where the image was taken from will also get 1 month of paid access.
π Reply to this email with your answer; winners will be announced on Friday (or Saturday).
For those of you reading this on Substack or for those who subscribed after this issue was released, use the Substack comment section instead.
πͺ If you missed the last newsletter, hereβs a link to catch up.
Letβs get started. β¬οΈ
OSINT News
π° π₯Έ Access Location, Camera & Microphone of any Device
Be careful out there. There are a lot of tools that exist to unmask your identity online. You can use these as an investigator if the situation warrants it; however, in most scenarios, these tools will be used against you. This article is about Storm-Breaker, a powerful social engineering tool that allows hackers to access the victimβs location, camera, microphone, and IP address.
π° π₯Έ How to Track Realtime Location of ANY Telegram User β 2 Methods
Telegram is a very popular messaging app. It has many features aimed at providing a better user experience for their users. Those features, though, sometimes come at a cost. This article talks about the βFind People Nearbyβ feature, the risks it presents, and how an investigator can use it to track the location of any user. It also offers you a defensive plan to avoid this exposure from impacting you.
π° π₯Έ Debunking the Myth of βAnonymousβ Data
This article is an interesting read from a digital privacy and OSINT perspective. Not only does it go through and define several different data points and how easily accessible that information is, but it also talks about how that information is accessed and by whom. How is personally identifiable information (PII) stored? How is it accessed? Whatβs the catch?
Read on Electronic Frontier Foundationβ¦
π° The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story
This is a very long article, so strap in. It tells the story of the 2016 internet outages of Netflix, Spotify, Twitter, PayPal, Slack, and more as well as the people behind it. If youβre a fan of Darknet Diaries, this will be an entertaining read. But why in The OSINT Newsletter?
The journey of how cybercriminals go from zero to criminal is important context when doing investigations into eCrime or similar. That context is what gives you the power to pivot when others canβt.
ποΈ Wired paywalled the post. Iβve added a Wayback Machine link below.
π° π₯Έ An Ultimate List of Rules Net Survivors Should Follow to Stay Safe!
If youβre new to OSINT or have found yourself slipping in your OPSEC compliance, give this article a read. Itβs a great refresher on how to set up the proper environment to stay safe online and in public. It even extends into cryptocurrency.
OSINT Tools
π TikTokPy
This tool allows you to extract data from TikTok without needing any login information or API keys. Think of it like an unofficial API for TikTok. You can fetch video information, creator information, download video libraries, etc.
π₯Έ Your Social Media Fingerprint
This is not only a tool you can use to improve your OPSEC, but it also presents an interesting idea. In a nutshell, websites behave differently depending on whether or not youβre logged in to them. This is especially true for the redirect process. Give this tool a try to learn more about a variety of topics.
π₯οΈ Alfred 5
Alfred is a research powerhouse. It does automation, Google Fu, expands the clipboard functionality (clipboard history), keyboard shortcuts, enhances file management, runs terminal, and more. Iβm likely going to add their Workflowβs functionality to my terminal tools to run multiple Python scripts on a certain data point, for example.
π° This is a paid tool; however, it offers a one-time purchase price.
π₯Έ Extension Detector
Similar to Your Social Media Fingerprint, Extension Detector uses your online digital fingerprint to detect which browser extensions you have installed. Both of these tools had me thinking about what could be accomplished with a spoofed digital fingerprint. Use this for OPSEC and to kick off some research around digital fingerprinting.
π₯οΈ π₯Έ Telex
The final OPSEC-related tool in this issue is Telex. Think of Telex like a honeypot generator. If youβve seen tools like Bitly, this is similar; however, Telex is specifically designed for threat intelligence research. Plant one of these seeds (ethically) in a place where a certain audience will find it and see what happens. Alternatively, study whatβs possible to improve your own OPSEC.
OSINT Community
πΊ OSINT at Home #22: How To Measure Areas Using Free Satellite Tools
This is an amazing video. Ben shows you how you can use certain tools to measure satellite imagery. From calculating the area of wildfire damage to measuring the length of a ship, you can use built-in tools to gather open source information manually.
π Detection Engineering Weekly
Detection Engineering Weekly is an OSINT Newsletter recommended read. If youβre in the world of cyber threat intelligence, asset identification, or detection engineering, this is a great publication to subscribe to. Check out their latest issue.
π¦ How to verify leak data
Thereβs a lot of leaked data out there for free and for sale. When thereβs financial gain involved, thereβs always the possibility of fraud. In this article, Techjournalist shows you how you can investigate leaked data to ensure itβs the real deal.
π Bullsh*t Hunting
In this issue of Bullsh*t Hunting, Justin shows how you can scrape SSL certs using Google Sheets. This is a great introduction to how you can build a no-code web scraper for small scraping tasks.
π¦ MetaOSINT will push a major update
MetaOSINT is a huge directory of resources for open source intelligence. Itβs been a while since itβs been updated but a major update is coming soon. Make sure to bookmark the page and look out for the update when it comes out.
β Thatβs it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, youβll get access to the following:
β‘Manipulating website registration forms to collect open source information about an email address
Weβll look at three examples that target three use cases:
Discord
OnlyFans
NameCheap
π΄ Objective: Determine if an email address is registered on either of these websites to confirm other information we already know (chat activity, potential infidelity, WHOIS data, etc.).
π You get access to all paid posts in the archive. Go back and see what youβve missed!
π If you donβt have a paid subscription already, donβt worry thereβs a 7-day free trial. If you like what youβre reading, upgrade your subscription. If you canβt, I totally understand. Stay tuned for the geolocation challenge in next weekβs issue to get a shot at free access.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.