The OSINT Newsletter - Issue #66
The latest and greatest in OSINT news, tools, tactics, and techniques
👋 Welcome to the 66th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. Thanks for reading and I hope you subscribe.
This issue includes the following:
OSINT investigation case studies
Techniques for domain investigations
Improving your online safety while conducting investigations
Beginner tools for niche information discovery
Advanced tools for FBI takedown discovery
Let’s get started. ⬇️
🪃 If you missed the last newsletter, here’s a link to catch up.
⚡ Building an Automated TraceLabs Judge for Missing Persons Investigations
OSINT News
📰 The Hunt for Malaysia's Elusive Wildlife Trafficker
Bellingcat does a deep dive into an open source investigation involving a wildlife trafficker. Read how they trace their target across several social media platforms. This is an excellent case study in OSINT for good.
🎩 H/T: Foeke Postma
📰 URL’s Manipulation 4 Reconnaissance
Often the easiest OSINT technique is URL manipulation. This is especially true with API OSINT. Read 30 ways you can manipulate URLs for additional data collection. If you want a good start, add “.json” to the end of any URL that contains profile information. Sometimes you get lucky and get everything in JSON format instead of the UI.
🎩 H/T: Snooptsz
📰 OPSEC Guide
Maintaining proper OPSEC is key to doing OSINT investigations. You don’t want your target to know you’re investigating them. This 15-section OPSEC guide will help you close any holes you have in your game.
🎩 H/T: Zyker
OSINT Tools
🔎 Custom Search Engines for OSINT
Custom search engines are always a useful tool for beginners in OSINT. So, when I find a source that offers a ton of useful ones, I try to share it. Their file and cloud search engine list is particularly interesting.
🎩 H/T: Pavel Bannikov
🔎 FBI Watchdog
If you’ve ever seen a website seized by the FBI, you’ll know why this tool is useful. It allows you to enter a list of domains of interest and be notified when they’ve been seized by law enforcement. It does this by looking for law enforcement takeovers in DNS changes (ns1.fbi.seized.gov, ns2.fbi.seized.gov, jocelyn.ns.cloudflare.com, and plato.ns.cloudflare.com). Best of all, it has several integrations into places like Discord and Telegram.
🎩 H/T: Dark Web Informer
🔎 DorkTerm
If you’re doing an investigation into a domain, consider using DorkTerm. It allows you to search for common URL patterns without having to remember a list of Google Dorks. This isn’t just useful for penetration testing. It can also help you gather information from older published pages.
🎩 H/T: Yogsec
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Turning a Phone Number or Email Address into Vehicle Information
Use local service portals to passively pivot from phone number or email address to vehicle and profile information.
👀 All paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Be on the lookout for promotions throughout the year.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.