Building a Keyword Monitoring Pipeline with Python, Pastebin and Searx

Having an early warning system is an incredibly useful tool in the OSINT world. Being able to monitor search engines and other sites for keywords, IP addresses, document names, or email addresses is extremely useful. This can tell you if an adversary, competitor or a friendly ally is talking about you online. In this blog […]

Vacuuming Image Metadata from The Wayback Machine

Not long ago I was intrigued by the Oct282011.com Internet mystery (if you haven’t heard of it check out this podcast). Friends of the Hunchly mailing list and myself embarked on a brief journey to see if we could root out any additional clues or, of course, solve the mystery. One of the major sources […]

Dark Web OSINT Part Four: Using Scikit-Learn to Find Hidden Service Clones

Welcome back to the fourth and final instalment in this series. If you haven’t read part one, two or three, definitely feel free to go and do so. This will be much shorter than the others. The original inspiration for this post was from a @krypti3a blog post called: Counterfeiting on the Darknet: USD4U. If you […]

Expanding Skype Forensics with OSINT: Email Accounts

I will be the first to tell you that I know little about forensics compared to most law enforcement or private forensic examiners. One thing that I always found amazing was looking at the result of a forensic acquisition and seeing all of that magical data flowing out from it. Email addresses, phone numbers, usernames, social […]

Gangs of Detroit: OSINT and Indictment Documents

VICE News ran a story about a gang in Detroit, Michigan that was nabbed partly due to their use of social media. This of course caught my attention so I clicked the link to the indictment papers and began to have a read. I find court documents completely fascinating. It’s a weird hobby I will admit. However, […]

Follow the Money with Python

Lots of OSINT investigations involve looking at companies, their structure, and of course their directors. Just yesterday, CBC News here in Canada did a story about a wealthy family allegedly using tax havens as a means to avoid paying taxes. As part of the news story the reporters at CBC posted some court documents and […]

Automatically Discover Website Connections Through Tracking Codes

Fellow Bellingcat contributor Lawrence Alexander did some really interesting OSINT work on analyzing the hidden links between websites using tracking and analytics codes. In his how-to titled “Unveiling Hidden Connections With Google Analytics IDs” he shows how you can begin to see how websites are connected to one another using only the shared tracking code […]

Gaming Meets OSINT: Using Python to Help Solve Her Story

There is a very cool game called Her Story. The premise is that you are a cop sitting in front of a 1990s-era computer system that enables you to punch keywords in to view videos about a murder case. When you punch in a keyword, there are only 5 videos that can be shown, so […]

Analyze Bin Ladin’s Bookshelf in a Snap with Python Part 2: Concepts and Categories

After running the first part of this series I had a question come in from Charles Cameron (@hipbonegamer), a well-known author and terrorism researcher: Charles Cameron (hipbone) – May 26th, 2015 So — did you draw any conclusions from the use of this technique on the trove of OBL documents? What was your analysis […]

Analyze Bin Ladin’s Bookshelf in a Snap with Python

On May 20, 2015 the ODNI released a trove of documents called “Bin Ladin’s Bookshelf”. This included all kinds of materials including letters he had written, books he was reading and other various bits of information. This document release piqued my interest primarily because I was interested to see what the most common thing was […]