Some weeks OSINT looks like spycraft. Other weeks it looks like a PDF from 2002, and somehow that’s the better week. Episode 20 covers issues 109 and 110 of The OSINT Newsletter, swinging from the dullest, most reliable corner of open source research to one of its more ethically loaded frontiers: AI-made personas.
This episode, Jake Creps walks through why public records and government databases deserve more respect than they get, then turns to how generative AI is reshaping the sock puppet game, both for building them and for spotting them.
Highlights:
📁 The Case for Boring OSINT - Why property records, court filings, business registrations, and licensing databases are some of the most reliable anchors in an investigation, and a simple three-step workflow (jurisdiction, search, cross-reference) for getting the most out of them.
🏁 CTF Corner - A look back at “The Scammer” challenge, tracing a phone number’s country and carrier, plus a preview of the newest live challenge: geolocating an intercepted image.
🤖 AI-Generated Sock Puppets - An update on how generative AI has changed sock puppet creation and detection since Jake’s original guide, covering the two paths to building a persona, why degraded image quality can now work in your favor, and how to keep a fabricated identity’s “voice” consistent over time (🔒 paid subscribers).
🕵️ OSINT Tools Roundup - Three new tools from this issue: a threat actor username checker with a clean true/false API, a Venmo OSINT tool for public profile and transaction lookups, and a 2-in-1 username/email scanner covering 240+ platforms.
If you’ve ever rolled your eyes at a government database, this one’s for you, right up until it isn’t.
Links:
Issue 109: https://osintnewsletter.com/p/109
Issue 110: https://osintnewsletter.com/p/110
