The OSINT Newsletter - March 2023 OSINT Review
An overview of research in open source intelligence from March 2023
Welcome to the first mid-month OSINT review. I’ll be publishing these every month in the middle of the month showcasing all of the interesting research and content I’ve looked into so far as part of my research into open source intelligence.
This issue is broken up into an OSINT Reads section that contains longer form content followed by OSINT Twitter which highlights the top research I’ve seen so far this month.
If there’s anything I left out that you think is worth mentioning, please let me know!
Thanks again for reading and if you haven’t already subscribed, here’s an easy way to do it.
How a Montenegrin Gang Used Open-Source Intelligence to Kill
Hitmen working for a criminal group active in Montenegro and Serbia used open-source intelligence techniques, poring over apartment listing sites, satellite images, and tourist photos posted online, to track down and kill the leader of a rival clan as he hid out in Greece. Read more
A Private Company Is Using Social Media to Track Down Russian Soldiers
Open-source investigations were once potent journalistic tools, but in Ukraine, they’re being used on the battlefield. Read more
It took a TikToker barely 30 minutes to doxx me
Kristen Sotakoun found out way too much about me in a consensual test of my online security. Read more
Tactical OSINT Analyst writes about confirming Google Groups and email addresses with Gmail accounts exist using existing functionality in Google Chat.
I write about using ChatGPT for writing and reading regex for OSINT use cases.
I also used ChatGPT to write a bookmarklet that extracts all email addresses on your active web page and saves them to a CSV including the source domain they were found on.
Ivano Somaini writes about using password recovery methods to disclose partial mobile phone number and credit card information from a PayPal account.
On the note of password recovery methodology, remember that this is a grey area and should be used carefully and ethically.
I write about using the Bitmoji API to verify if a Snapchat, or any other Bitmoji-enabled account, is associated with an email address.
Nuclei creates a username module of their open source application.
Cyb_detective shares a method for finding sites that allow you to use ChatGPT without registration.