👋 Welcome to the 79th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. Here’s a quick summary of what’s in this issue:
Investigating botnets
A study of the OSINT tradecraft
OSINT for bad
VSCO browser extension
CLI tools for Shodan
Using SERP APIs and Apify for OSINT tools
🚨 We’re planning to expand The OSINT Newsletter to include more than 2 issues per month. This is partly in response to the demand of more beginner-friendly content. Over the next quarter or so, you’ll begin to see more free and possibly paid content for new investigators.
🪃 If you missed the last newsletter, here’s a link to catch up.
⚡ Search in a Post-AI World
🎙️ If you prefer to listen, here’s a link to the podcast instead.
Let’s get started. ⬇️
OSINT News
📰 How we found the people behind a bot network
Benjamin Strick walks through how Jakarta-based firm InsightID ran a 2019 influence operation on West Papua, showing both how online opinion can be manipulated and how free tools can expose disinformation networks.
OSINT Techniques used: WHOIS lookups, reverse image search, and social network analysis
🎩 H/T: Benjamin Strick
📰 The Analytical Hierarchy of Open Source Intelligence
OSINT without a structured process can quickly get chaotic. It’s not just data collection or data transformation. You have to fulfill intelligence requirements with high confidence analysis. This post is a deep dive into how to do just that conceptually.
To realize the full potential of open-source intelligence and shed light on possible future events before they unfold, practitioners must adopt methods that quantify judgment, embrace feedback, and hold themselves publicly accountable.🎩 H/T: VEEXH
📰 Malicious Uses of OSINT by Cybercriminals and Hackers
This article is extensive. It covers several tools, tactics, and techniques that can be used ethically or unethically to collect information at scale. This includes case studies like the Sony Pictures attack in 2014, the U.S. CENTCOM social media takeover in 2015. Some of these are a bit of a stretch to classify them as OSINT; however, they illustrate the power of OSINT as an augmentation to other intelligence sources.
Alarmingly, intelligence agencies estimate 80–90% of all actionable intelligence comes from open sources, showing how much sensitive data lies exposed.🎩 H/T: David Sehyeon Baek
OSINT Tools
🔎 VSCO SPY
This tool lets you geolocate VSCO images if the data is available. It also gives you the make and model of the phone if the photo was taken with a phone. It’s fast and easy to use. You’ll see a new icon appear next to a VSCO image and it’ll generate a pop up modal for you to investigate further.
🎩 H/T: Colin Crowden
🔎 shodan-hash
Shodan is a staple if you’re doing technical intelligence. There are several command line tools offered by Shodan, shodan-hash is my favorite. Many OSINT tools were developed to create this method years ago. Now Shodan gives you some of that functionality out of the box.
🔎 TikSpyder
This is another creative example of an OSINT tool that’s right up my alley. If you’re not familiar with SERP API, it’s essentially a search engine scraper. It allows you to take your Google Dorks and integrate them into a tool easily or create your own. Additionally, there’s an API marketplace called Apify that has a lot of data sources and methods you can implement for cheap. This tool combines the two of those together to explore TikTok more closely.
🎩 H/T: Esteban Ponce de Leon
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Supercharging OSINT: Collecting Data at Scale with Proxies
To run an OSINT program, you need to collect data. A lot of data. If you’re doing it from your local machine, you’re putting yourself at risk of detection. Additionally, you’ll eventually be blocked by the source and will lose your data feed. This issue talks about proxies. What they are, how to use them, where to get started, and when to know it’s time to scale.
👀 All paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Be on the lookout for promotions throughout the year.
🚨 The OSINT Newsletter offers a free premium subscription to all members of law enforcement. To upgrade your subscription, please reach out to LEA@osint.news from your official law enforcement email address.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.