Law Course

Uploaded by

damnsanskari

OSINT TECHNIQUES FOR INVESTIGATING PEOPLE
BY MANJESH SHETTY, GCIH, GCFA
DATA SECURITY COUNCIL OF INDIA

OSINT

Data is the new oil: a large amount of data about people is posted online, and it is up 24x7x365 days.

Open-source intelligence (OSINT) is the process of searching, gathering and analysing information collected from public sources on the Internet. Information can be collected manually or using OSINT tools by the analyst.

For educational purposes only @Mozshetty

OSINT can be used for different purposes:

Sentiment analysis for maintenance of public order
Intelligence collection
To trace and arrest offenders
Gathering evidence against the accused
Tracing of missing persons
To verify real and fake news
For background check

INVESTIGATION PEOPLE

EMAIL ID
PHONE NUMBERS
SOCIAL MEDIA
USERNAME
PHOTOS
DATA LEAK
PEOPLE CENTRIC SEARCH API

Sock Puppet & HUMINT

A sock puppet is a fictitious identity used on a forum, marketplace, social network or other platform.

This will hide your real identity when you are using any OSINT tool.

Sock Puppets Account Creation Tips

Tip #1 Use Proton Mail or Tutanota Mail for any account creation
Tip #2 Use Textverified.com for Google services, WhatsApp, Facebook, Instagram, Twitter
Tip #3 Use emailondeck/33mail for work email

EMAIL ID OSINT

Epios Tool

Retrieve information linked to an email address, without notifying its user.
epios.com
Note: Register using temp-mail.org

search.0t.rocks

Retrieves information like Full Name, Phone number, IP Address
Note: No Registration is required

SPYCLOUD

Retrieve information like plaintext password, phone numbers, address, location
spycloud.com
Note: you need to register from an email ID of the target

HAVEIBEENPWNED

Search whether an email ID is part of any data breach

RETRIEVE PASSWORDS FROM EMAIL ID

LEAKPEEK
BREACHDIRECTORY

PHONE NUMBER OSINT

TWILIO

Twilio: VOIP Number Analyzer

CONTACT EXPLOITATION

Many applications allow (and encourage) you to locate your friends' profiles within the service by their email address or telephone number

WHITE PAGES

Find people, contact info & background checks

SOCIAL MEDIA OSINT

FACEBOOK, INSTAGRAM & TWITTER

Inteltechniques: Social Media OSINT Analyzer

SNAPCHAT MAP

Snapchat Map surveillance

Twitter Analysis - Spoonbill.io

Twitter Analysis: onemilliontweetmap

WhatsApp calls

Grab the IP address of WhatsApp/Instagram or other social media app call users

IP Grabber

Scenario 1: One person was harassing and blackmailing a girl to do a video call with him in the Telegram app.

Scenario 2: Smuggler who is active only in WhatsApp with a VOIP number.

IP Grabber Tools

Grabify.link
IP Logger
https://t.me/Trackdownpeoplebot

IP Grabber - Advanced Method

Domain Name: Bengalurunews.com

USERNAME OSINT

USERNAME FINDER

namecheckr.com
Namevine.com

PHOTOS OSINT

EXIF VIEWER

ONLINE TOOLS
Extract Metadata (extractmetadata.com)
Jeffrey's Viewer (exif.regex.info/exif.cgi)
Exifinfo (exifinfo.org)
Get Metadata (get-metadata.com)

OFFLINE TOOLS
ExifTool by Phil Harvey

EXIF INFORMATION

GPS (Lat, Long)
Make, Model
Owner Information
Timestamp Information
Thumbnail (Preview) Image

REDDIT TOOLS

Reddit.com/r/picrequests: Free photo enhancement and editing service
Reddit.com/r/whatisthisthing: For the identification of mysterious objects

IMAGE REVERSE SEARCH

People Centric Search API

PEOPLEDATALABS

"People data" collection company offers 1,000 free queries of their premium data sets to anyone, and they accept masked email addresses such as 33mail, Anonaddy, and Simple Login.

OSINT INVESTIGATION WITH OS-BASED FRAMEWORKS

There are 3 types of OSINT

Passive Collection
Semi-passive Collection
Active Collection

Passive Collection

This is the most used type when collecting OSINT intelligence. By default, most OSINT gathering methods should use passive collection, because the main aim of OSINT gathering is to collect information about the target via publicly available resources.

Semi-passive Collection

In this way, you are not implementing in-depth investigation of the target's online resources, but only investigating lightly without raising any alarm within the group you are investigating.

Active Collection

You interact directly with the system to gather intelligence about it, but the target can become aware of the reconnaissance process, since the person/entity collecting information will use advanced techniques to harvest technical data about the target IT infrastructure, such as accessing open ports, scanning vulnerabilities (unpatched Windows systems), scanning web server applications, and more.

CLI & Linux Based Application

Trace Labs VM

Tracelab.org

whois

'Whois' is a widely used Internet record listing that identifies who owns a domain/IP and how to get in contact with them.

To get 'whois' information for a site, type 'whois' followed by the domain name in the Linux terminal

> whois gopcsoft.com

whois

To get detailed information about the network owner of the site, you first need to get the IP address from the hostname. In a terminal window, type the command 'host', 'nslookup' or 'dig' followed by the hostname.

> host gopcsoft.com
> nslookup gopcsoft.com

To get authoritative DNS server(s) for specific domain

> dig gopcsoft.com NS

To get mail server(s) for specific domain

> dig gopcsoft.com MX

OSINT - OSRFramework

Open Sources Research Framework - OSRFramework Software has different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction and many others.

'OSRFramework' installs the following components

mailfy - find information about emails taken as a reference nickname or email list
searchfy - find profiles linked to a full name
usufy - identify social media profiles using a given nickname
checkfy - guesses possible emails based on a list of candidate nicknames and a pattern

UserRecon

'UserRecon' finds usernames across over 75 social networks.

Now we can start searching for usernames on social media networks. Type in the following command and then enter the desired username at the 'Input Username' prompt

> ./userrecon.s

Metadata

Many files contain extra or even hidden data other than the visual data you see at first glance. E-books, photographs, movies, music and even documents can contain data that you don't see at first glance.

To view 'exif' information from the image, run the 'exiftool' command followed by the image name

> exiftool "FileName"

By default, 'exiftool' shows GPS coordinates in human readable format; Google Maps does not understand this format.

Let's print Google-maps friendly GPS data from photo

> exiftool -gpslatitude -gpslongitude -n filename.jpg
> exiftool -G filename.jpg | grep -i -E '(Make )|(Model)|(Software)|(Device)|(Lens)'

Spiderfoot

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.

> Spiderfoot -l 127.0.0.1:8001

Usage of different SpiderFoot APIs

Use 33mail for signup

Sherlock

Sherlock, a powerful command line tool provided by Sherlock Project, can be used to find usernames across many social networks.

Maltego

Maltego is a link analysis software used for open-source intelligence, forensics and other investigations, originally developed by Paterva

WebHTTrack Website Copier

It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.

Tracelabs Browser Bookmarks