Using Discord Bots for OSINT Investigations
Facial recognition, hash cracking, dark web, Shodan, reverse email address, reverse IP address, reverse username, paste search
š Welcome to a featured issue of The OSINT Newsletter. In this issue, RocketGod shows you several Discord bots you can use to enhance your investigation. From facial recognition to cracking hashes and everything in between, learn how to configure your Discord to be an OSINT-producing machine. Make sure to star these projects on GitHub and share any useful insights youāve gained by using these bots in your investigations.
š I want to thank all of the writers whoāve expressed their interest in writing for this publication. I didnāt realize how difficult and time-consuming it would be to intake and edit all contributor-submitted content; unfortunately, Iāve lagged behind a bit on getting things ready for publication. Thanks for hanging in there while I get spun up.
šØ This issue will be free for all subscribers. In anticipation of the upcoming TraceLabs OSINT CTF (sometime in November), I want to make sure everyone has as many open-source, free tools as they can get to help out in the search party to find missing persons.
šŖ In case you missed the last newsletter, hereās a quick link.
Letās get started. ā¬ļø
As I prepared for DEFCON 31, scrambling to load a bag with my HackRF, Dangerous Things xSIID and xMagic chip implants, Flipper Zero, and other necessities ā I forgot one little thing ā my laptop.
Now this wouldnāt have been too terrible if me and the crew hadnāt stumbled into the Trace Labs Search Party CTF hosted by humanDecoded. If you donāt know what that is, itās an amazing OSINT challenge to find actual missing persons.
As you can imagine, not having my laptop was now a huge problem. I made the best of it and used some of the Discord Bots I had already made to help the search such as Watson (Sherlock Discord Bot) and some other tools we use to OSINT pedophiles for various law enforcement agencies.
When all was said and done our team came in somewhere around 50/100 which we thought was decent, but I knew we couldāve done much better with the right tools.
Since then, Iāve been on a mission to create as many OSINT Discord bots as I can to make sure DEFCON 32 will be even more successful.
Benefits of Team-Based OSINT
UtilizingĀ Discord for OSINT as a team offers:
Real-time Sharing: Share data instantly.
Collaborative Analysis: Multiple perspectives offer deeper insights.
Unified Data: Keep all gathered intel in one place.
Efficient Task Distribution: Assign specific investigation areas.
Learning & Mentorship: Real-time learning and guidance for other members.
These Discord bots are all open source and available on GitHub. You can use them all on my Discord server for free.
Please feel free to contact me at any time on GitHub or Discord. PRs are always welcome if you want to help improve any of the bots.
Letās get started.
Rekognition Discord Bot
Rekognition Discord Bot leverages the power of AWS Rekognition to analyze and compare images directly from Discord. With a simple command, you can identify objects, detect emotions, recognize celebrities, read text, and even compare faces in two different images!
Object and Scene Detection: Identify thousands of objects, such as bicycles or sunglasses.
Emotion Detection: Understand the sentiment behind a face like happiness, sadness, or surprise.
Celebrity Recognition: Recognize thousands of celebrities in images.
Text Detection: Extract text from the image.
Face Comparison: Compare two faces to see if they are of the same person.
Analyzing a Photo:Ā /photos
The bot will return details about the image, such as objects detected, any celebrities recognized, emotions of faces, and more.
Comparing Faces in Two Photos:Ā /photos
The bot will compare the faces in the two images and provide a similarity score.
Shodan Discord Bot
A Discord bot to interact with the Shodan API, allowing users to fetch information about devices, services, and vulnerabilities.
Hashcat Discord Bot
Harness the power of Hashcat directly from Discord. Crack hashes with ease and efficiency using the renowned Hashcat password recovery tool, all within the convenience of your Discord server.
Commands
/hashcat - Use Hashcat to crack hashes. The command comes with various options such as:
Hash value
Hash type (e.g., MD5, SHA-1, etc.)
Attack mode (Dictionary or Bruteforce)
Wordlist (for dictionary attacks)
Password length (for brute force attacks)
Wordlists
For dictionary attacks, you can utilize various wordlists. The bot is configured with the following options:
RockYou 2021 - Ask me for this if you can't find it. It's too big to include
RockYou Strong - Ask me for this if you can't find it. It's too big to include
Crackstation - Ask me for this if you can't find it. It's too big to include
Make sure to download and place these wordlists in the main hashcat folder.
IP Hacker Discord Bot
ip-hacker is an advanced OSINT tool tailored for Discord, enabling cyber investigators, security researchers, and enthusiasts to gather in-depth data on target IP addresses. By integrating a broad spectrum of utilities into one platform, this bot provides real-time insights into an IP's geolocation, associated services, potential security threats, and more. Its foundation lies in its ability to seamlessly interact with the user, combining convenience and data-driven decision-making into one unified experience. Provide data from many sources and even provide links to possible open ports to help further your investigation.
Features:
Clickable Links: When the bot identifies open ports, it provides clickable links for quick access to the related services.
Comprehensive Data Extraction:
Geolocation: Determine an IP's geographical origin.
Tor Exit Node Check: Identify if an IP is a known TOR exit node.
Whois Data: Acquire domain or IP-related metadata.
Nmap Scans: Port scans, mainly for ports 20-80, with additional scans for specific services like IP cameras, game servers, and others.
Shodan & VirusTotal Integration: Extract device details, vulnerabilities, and extensive security reports related to the IP.
Email OSINT Discord Bot
A comprehensive Discord bot that allows you to check emails for associated social media accounts, data breaches, pastes, and more!
Social Media Account Check: Using Holehe, the bot can check for associated social media accounts linked with an email address.
Data Breach Check: Using the HaveIBeenPwned API, the bot checks if the email address has been involved in any known data breaches.
Pastes Check: The bot also checks if the email address has been listed in any public pastes.
Password Breach Check: Verify how many times a given password hash has been breached.
Paste Search Discord Bot
A Discord bot that allows users to search for terms on Pastebin.com, providing a quick and easy way to gather data from public pastes.
Dark Web Discord Bot
A Discord bot that searches the dark web for your query and returns links and screenshots of the results to your Discord channel using ahmia.fi.Ā
Watson - A Discord Bot for Sherlock
Watson is a Discord bot designed to interface with theĀ Sherlock project. It allows users to search for usernames on various social networks directly from Discord using the power of Sherlock.
There are a lot of false positivesĀ but this is a great tool regardless.
Hopefully, these tools will help find a missing child or catch a predator, but at least they should help our team at DEFCON 32.
If you know of any other tools that would be useful as a Discord bot, let me know and Iāll make it happen.
ā Thatās all for this issue of The OSINT Newsletter. Thanks for reading and supporting this publication.
š” Remember OSINT != tools. Tools help you plan and collect data but the end result of that tool is not OSINT. You must analyze, verify, receive feedback, refine, and produce a final, actionable product of value before it can be called intelligence.
Awesome write-up and an even more amazing community!