eForensics Magazine 2020 02 Set Your OSINT Environment PREVIEW.pdf
Welcome to our newest issue! We have dedicated it to the topic of OSINT. As you know, we have a lot of materials regarding open source intelligence on our website, but there is still so much to say about it that we just couldn’t resist.
The edition opens up with an article by Matthew Kafami, “Setting Up Your OSINT Environment”. Then we go with the article by Rhonda Johnson in which the author writes about possible means of deception when interpreting intelligence gathered from OSINT tools.
Further we dive into the topic of SOCMINT. Social media intelligence refers to gathering and processing information available on social media platforms. Maciej Makowski prepared for you the article entitled “Online Intel Recon with SOCMINT”. Then we go into some OSINT techniques, and by this I mean subdomain enumeration, Google dorking, credential harvesting, and also SOCMINT, all in “How to conduct an OSINT Company Risk Assessment” by Adrian Podgorski.
What else is in the issue? Josh Richards is going to show you a piece of software called Lampyre, which actually allows you to obtain data from sources that aren’t seen in many other software solutions.
That’s not all, of course! You will also read about OSINT from Online Public Reviews, Photo OSINT, Forensic Impact of Shred Command on EXT4 File System, and Methods for Getting Data From Damaged Mobile Phones.
We hope you enjoy reading this issue! As always, huge thanks to all the authors, reviewers, to our amazing proofreaders, and of course you, our readers, for staying with us! :)
Have a nice read!
and the eForensics Magazine Editorial Team
TABLE OF CONTENTS
Setting Up Your OSINT Environment
by Matthew Kafami
The key to being able to conduct an effective OSINT investigation relies on maintaining the proper set of tools for interacting with the type of data you want to discover. Many OSINT tools are open source tools written, published, and maintained by individuals, which means these tools can be free and often invaluable assets to your toolkit. One unfortunate side effect of using open source tools is that once a tool breaks, usually due to how it interacts with another site’s API, there is no dedicated support. You can wait and see if the tool’s creator fixes it, you could try to modify it yourself, or you can find a new tool. Most of these tools are publicly available on GitHub. Additionally, there are several podcasts dedicated to both conducting an OSINT investigation and maintaining your own privacy online.
Considering the possibilities of deception in utilizing OSINT tools in digital forensic investigations
by Rhonda Johnson
Introduction: As digital forensic investigators continue to incorporate the use of OSINT tools during criminal investigations, the need to consider possible means of deception when interpreting intelligence gathered from OSINT tools has increased significantly. With the public availability of OSINT tools, there is the possibility that those same OSINT tools can also be used by malicious actors to carry out deception. When digital forensic investigators use OSINT tools to gather intelligence, there is the inherent risk that things may not be what they appear. The following article will briefly describe several methods of deception that could be potentially used during a Social Media Forensics investigation. These methods of deception could cast significant doubt on the reliability of intelligence gathered on social media platforms that digital forensic investigations may use during an investigation.
Online Intel Recon with SOCMINT
by Maciej Makowski
Social media intelligence refers to gathering and processing information available on social media platforms. By “available”, I mean that it’s either open to the public, or resides in private groups or chat rooms where prior access is required. SOCMINT also relates to private information, like direct messages or posts shared privately with friends that for some reason are discovered and mined for data.
How to conduct an OSINT Company Risk Assessment
by Adrian Podgorski
The purpose of this article is to explain the processes, methods and techniques used to passively capture information on a company or organization. Attention must be brought to the passive nature of this article; OSINT is not an active activity and as such no active exploitation techniques will be discussed within. Some techniques mentioned in this article may be translated into other types of investigations, such as person-based digital footprint assessments; however, these will be only lightly touched on. Techniques you can expect to see below include: subdomain enumeration, Google dorking, credential harvesting and social media intelligence (SOCMINT).
Lampyre - How to discover new data points and links between them
by Josh Richards
This article is going to showcase a piece of software called Lampyre. It allows you to obtain data from sources that aren’t seen in many other software solutions. Another benefit is that it gathers most of the data without asking you to enter your own API keys, which means you don’t have to sign up to lots of the source websites; you only have to sign up for Lampyre. All data can be added as entities into a graph where you can perform link analysis, similar to a popular piece of software called Maltego. You can view the data in other forms, like on a map if it includes location data, or you can view it all in a raw table.
OSINT from Online Public Reviews
Public reviews are a great source of information for OSINT investigators. Why? Because it gives us a lot of information we didn’t have before. Current and previous locations, names of people we have interacted with and dates and times of those interactions. These reviews and ratings can reveal a variety of things about a person and can potentially and ultimately lead to someone’s identity. (...) Reviews can be real or fake, positive or negative but they are all important. (...) Whether real or fake, I will be looking at online public written reviews that can lead to holiday plans, home addresses and medical histories as well as managing to find someone who reviewed the company they were working for.
by Jeff Minakata
In this article, we will be looking at photo OSINT (Open Source Intelligence) investigations, more specifically taking various photos that we may find during our forensic or OSINT investigations and analyzing them. We will be using various tools and techniques to achieve this goal in order to unmask the information that these photos contain. During this article, we will be using various online tools to achieve this goal; all links will be provided at the end of the article under the On the web section.
Forensic Impact of Shred Command on EXT4 File System
by Divya Lakshmanan
The paper-shredder finds its place in every office – efficiently slicing away confidential documents, rendering craft-worthy paper strips. What if you have a file on your computer that you wish to shred? If you are using a Linux system, there is a shell command called shred that can perform this task. Let me quickly show you how shred works.
NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones
Interview with Barbara Guttman, Rick Ayers, and Jenise Reyes-Rodriguez