The OSINT Newsletter - Issue #33
Pivoting from one email address to many with automatic email enumeration and verification
👋 Welcome to the 33rd issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. This issue has a little bit for everyone. Conflict, hackers, drugs, data, and more. There’s more content around document search than normal. Pay attention to the tool section if you’re handling PDFs, Word Docs, or any other document.
🙏 If you think I’ve run out of thank yous for the OSINT community, think again. I think I’ve done a good job giving a hat tip (H/T) to the creators of all the resources I mention in this newsletter; however, I haven’t given them credit within the newsletter itself. Now and in future issues, I’ll be giving credit to where it’s due whether it’s the author of the content or the person who brought it to my attention. Thanks again. 🎩
🚨 Thanks to the Black Friday sale, The OSINT Newsletter now has over 300 paid subscribers. That’s incredible. The print version of The OSINT Newsletter also has over 110 pre-orders. For a quick update on the print issue progress, I’m about 70% done with the first draft. The hardest part is behind me, I believe. I’ll be chipping away at it on the weekends with the hope of shipping in early January. I fell behind with the holiday (Thanksgiving) and was sick all last week.
It’s not too late to pre-order, I’m printing twice as many copies as the pre-order count once it’s ready.
🏆 Object Recognition Challenge
Let’s do something a bit different this time. We’re going to do an object recognition challenge. Let’s see if you can identify an object in this image. Remember, this is for educational purposes only.
What is the make and model of the landline phone in this image?
Bonus: Can anyone unblur the document in this image and identify any text?
🙋 Reply to this email with your answer; winners will be announced on Friday (or Saturday).
For those of you reading this on Substack or for those who subscribed after this issue was released, use the Substack comment section instead.
🪃 If you missed the last newsletter, here’s a link to catch up.
Let’s get started. ⬇️
📰 Open-Source Intelligence (OSINT): A Complete Guide for Beginners
A lot of my readers are beginners to open source intelligence. I tend to lean more towards intermediate to advanced OSINT practitioners. This article is a great place to start if you’re new to OSINT to understand all the terminology, set up and configuration, and basic tooling.
🎩 H/T: Cyber Hub Intelligence
📰 Europol Launches OSINT Task Force to Hunt For Russian War Crimes
As open source intelligence becomes more mainstream and publicly available information grows in size, scope, and value, organizations like Europol have demonstrated how serious they are about OSINT. So much so that they’re standing up an OSINT task force specifically for tracking war crimes in the Ukraine/Russian War.
🎩 H/T: Phil Muncaster
📰 Inside Job: How a Hacker Helped Cocaine Traffickers Infiltrate Europe’s Biggest Ports
OSINT isn’t just about tools and techniques, it’s also about having the proper context to solve problems with publicly available information. Here’s a case study of an investigation where cyber meets physical. A hacker helps a drug trafficker and law enforcement tries to keep up.
🎩 H/T: Paul May
📰 Piecing Together the Evidence: Open-Source Intelligence in Israel’s Gaza War
Eliot Higgins from Bellingcat sits down with Henry Carnell to discuss open source investigations through the lens of the Israel/Hamas War. They talk shop about investigating conflict, defeating disinformation, and how investigations come to a close.
🎩 H/T: Henry Carnell, Eliot Higgins
DocumentCloud is an open-source software as a service platform that allows users to upload, analyze, annotate, collaborate on, and publish primary source documents. They have a search engine that allows you to search for documents. Aimed at helping journalists uncover primary sources, this tool is an excellent addition to your toolbelt for document research.
🎩 H/T: Techjournalisto, DocumentCloud
NAMINT is a web app that generates different combinations of a first, middle, and last name to help investigators find leads via username and email search. This is a high volume, low fidelity tool—meaning it’s not going to give you the smoking gun but it’ll help generate paths to pivot if you only have a name.
🎩 H/T: Cyber Detective, SEINT_pl
🥸 🔎 DeepFaceLive
Sock puppets are about to get a lot more interesting. Because of the large scale of fake accounts, stricter security measures have been put in place to prevent people from using fake accounts to gain access to sensitive areas. Many sites require video or identification verification to access. If you’re still looking to use sock puppet accounts to gain access, research the technology behind this tool. It allows you to face-swap with video content.
🎩 H/T: iperov
🖥️ 🔎 OpenResume
Resumes can often be a goldmine of open source information. As mentioned in a previous issue of The OSINT Newsletter, From Curiosity to Critical Infrastructure with Open Source Intelligence, resumes can often be an excellent source of information when researching a company, organization, or group. OpenResume is a tool that helps you parse resumes and turn them into structured data.
🎩 H/T: GONZO, Xitang Zhao
📺 OSINT Training: YouTube Transcripts
Explore a browser extension that helps you search for anything verbally spoken in videos found on YouTube. By parsing the transcripts generated by YouTube for videos on a search page, YouTube Transcript Search helps you save time. The Skip Tracer steps through this tool in a recent tutorial.
🎩 H/T: The Skip Tracer
🐦 Open Source Munitions Portal
There are a lot of images and videos related to the ongoing conflicts on the planet. Those images and videos sometimes contain munitions used by militaries on all sides of the conflict. Identifying these munitions is a key step in verification. Use the Open Source Munitions Portal to help identify these munitions.
🎩 H/T: AirWars, Benjamin Strick
🐦 Claromes makes tools
Claromes is a tool developer who recently participated in the Bellingcat Hackathon. While all of their tools are not OSINT-related, many of them are. From searching tweets in the Wayback Machine to creating a web interface for the Telegram API, Claromes is a developer I’m keeping an eye on for the latest and greatest technology in open source intelligence.
🎩 H/T: Claromes
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Pivoting from one email address to many with automatic email enumeration and verification
You’ll learn how to go from one email address to many verified emails by enumerating the username and combining it with several OSINT methods to expand the scope of your investigation.
👀 You get access to all paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Stay tuned for the geolocation challenge in next week’s issue to get a shot at free access.