MW-OSINT
@plosint.com
#OSINT enthusiast, started OSINTing when Usenet was still big, اوسینت
Quiztime!
Look at the image & complete the following tasks:
1. Which unit is stationed here?
2. How did the compound change over the past 3 years? Was anything new built?
3. Find images from after 2000 that show the main ops building (both in/outsidee).
4. Name the commander in the year 2000.
Look at the image & complete the following tasks:
1. Which unit is stationed here?
2. How did the compound change over the past 3 years? Was anything new built?
3. Find images from after 2000 that show the main ops building (both in/outsidee).
4. Name the commander in the year 2000.
July 23, 2025 at 6:40 PM
Quiztime!
Look at the image & complete the following tasks:
1. Which unit is stationed here?
2. How did the compound change over the past 3 years? Was anything new built?
3. Find images from after 2000 that show the main ops building (both in/outsidee).
4. Name the commander in the year 2000.
Look at the image & complete the following tasks:
1. Which unit is stationed here?
2. How did the compound change over the past 3 years? Was anything new built?
3. Find images from after 2000 that show the main ops building (both in/outsidee).
4. Name the commander in the year 2000.
A little #Python with the help of #ChatGPT & 30min later a Bluesky account scraper is up & running, including a search/filter function on the data. Next up, I'll add media preview & have the JSON routed to a local #AI #RAG for a quick summary & analysis of the account.
#OSINT #SOCMINT
#OSINT #SOCMINT
May 22, 2025 at 8:05 PM
How do you judge the reliability of a source in #OSINT investigations? And what about the credibility of the information you find?
My newest article dives into the Admiralty Code and why this principle could be useful in your daily OSINT work.
tinyurl.com/2rx7hmfj
My newest article dives into the Admiralty Code and why this principle could be useful in your daily OSINT work.
tinyurl.com/2rx7hmfj
May 15, 2025 at 1:38 PM
How do you judge the reliability of a source in #OSINT investigations? And what about the credibility of the information you find?
My newest article dives into the Admiralty Code and why this principle could be useful in your daily OSINT work.
tinyurl.com/2rx7hmfj
My newest article dives into the Admiralty Code and why this principle could be useful in your daily OSINT work.
tinyurl.com/2rx7hmfj
Time for a #geolocation quiz.
Which famous movie was shot at this location?
Add your solution to the replies after the spoiler break and please describe how you got there.
#OSINT
Which famous movie was shot at this location?
Add your solution to the replies after the spoiler break and please describe how you got there.
#OSINT
May 15, 2025 at 5:49 AM
Time for a #geolocation quiz.
Which famous movie was shot at this location?
Add your solution to the replies after the spoiler break and please describe how you got there.
#OSINT
Which famous movie was shot at this location?
Add your solution to the replies after the spoiler break and please describe how you got there.
#OSINT
Final version of this little test. Downloads from Google, Bing & Yandex now. Filetypes can be chosen with check boxes. Download errors are shown and a double click opens the URL in the browser. Upon request, metadata can be extracted. Not bad for basically no coding abilities and 30 min in #ChatGPT
April 26, 2025 at 2:59 PM
Final version of this little test. Downloads from Google, Bing & Yandex now. Filetypes can be chosen with check boxes. Download errors are shown and a double click opens the URL in the browser. Upon request, metadata can be extracted. Not bad for basically no coding abilities and 30 min in #ChatGPT
Version 2 is a GUI that searches Google for a specific query & specific filetypes. Lists all the results as a preview & allows bulk or selected download & where to download. Reminds me of the very early version of FOCA from around 2010-2011. And all of this without in-depth knowledge of coding
April 26, 2025 at 8:11 AM
Version 2 is a GUI that searches Google for a specific query & specific filetypes. Lists all the results as a preview & allows bulk or selected download & where to download. Reminds me of the very early version of FOCA from around 2010-2011. And all of this without in-depth knowledge of coding
Never liked coding my own #OSINT tools. Now #AI does this. Wanted a GUI version as a Windows exe for a file downloader I wrote. 5min chatting with a #GPT & it's done. While AIs can only replicate roughly 75% of what I find manually in my research, they can do 100% of the #Python coding from now on.
April 26, 2025 at 6:44 AM
Turns out that all the "leaked" docs could've been found & downloaded by simply searching for PDFs (or other filetypes) on the websites. Now I'm pretty sure the "hackers" didn't do this manually & probably did a bulk download across websites. Next to the website scan, that's the most tech it'll get.
April 17, 2025 at 9:00 AM
Turns out that all the "leaked" docs could've been found & downloaded by simply searching for PDFs (or other filetypes) on the websites. Now I'm pretty sure the "hackers" didn't do this manually & probably did a bulk download across websites. Next to the website scan, that's the most tech it'll get.
Some of the documents where quite long and since my Russian is a bit rusted, I again used ChatGPT to translate and summarize some of them. Most of the documents I encountered weren't that secret and I was pretty sure to find them on the company websites. So, off to Google for for Google Dorking
April 17, 2025 at 9:00 AM
Some of the documents where quite long and since my Russian is a bit rusted, I again used ChatGPT to translate and summarize some of them. Most of the documents I encountered weren't that secret and I was pretty sure to find them on the company websites. So, off to Google for for Google Dorking
Uploaded the txt files to ChatGPT, I asked which tool they could originate from. So apparently, each companies website was simply scanned using one or more of the following tools: #WPScan, #Nitko, #WhatWeb and of course Nmap. Next up I wanted to figure out what was in the "leaked documents" folder.
April 17, 2025 at 9:00 AM
Each company folder in the leak contains subfolders with "leaked dokuments" and "vulnerabilities". The vulnerabilities contain a simple txt file named "fetched data". To me, this looks like someone scanned the website with some sort of tool (like #nmap). Not my area of expertise, so I asked ChatGPT
April 17, 2025 at 9:00 AM
Each company folder in the leak contains subfolders with "leaked dokuments" and "vulnerabilities". The vulnerabilities contain a simple txt file named "fetched data". To me, this looks like someone scanned the website with some sort of tool (like #nmap). Not my area of expertise, so I asked ChatGPT
Reminds of my April Fools joke over on LinkedIn. Although, seeing the craziness every day, I'm still waiting for the rebranding of #intelligence to actual happen!
Say goodbye to #SIGINT #OSINT #GEOINT and #HUMINT - here come the "Trump Thoughts" 🤣
Say goodbye to #SIGINT #OSINT #GEOINT and #HUMINT - here come the "Trump Thoughts" 🤣
April 14, 2025 at 2:03 PM
Reminds of my April Fools joke over on LinkedIn. Although, seeing the craziness every day, I'm still waiting for the rebranding of #intelligence to actual happen!
Say goodbye to #SIGINT #OSINT #GEOINT and #HUMINT - here come the "Trump Thoughts" 🤣
Say goodbye to #SIGINT #OSINT #GEOINT and #HUMINT - here come the "Trump Thoughts" 🤣
Trump rebrands #intelligence as “Trump Thoughts”
Goodbye #OSINT, #SIGINT and #HUMINT - say hello to OSTT, SITT, HUMTT
Goodbye #OSINT, #SIGINT and #HUMINT - say hello to OSTT, SITT, HUMTT
April 1, 2025 at 6:58 AM
Trump rebrands #intelligence as “Trump Thoughts”
Goodbye #OSINT, #SIGINT and #HUMINT - say hello to OSTT, SITT, HUMTT
Goodbye #OSINT, #SIGINT and #HUMINT - say hello to OSTT, SITT, HUMTT
Doomscrolling isn’t healthy. Here’s a reminder that you can define what to see on BSky via the content moderation.
Don’t wanna see posts about the orange asshole in the White House or his Nazi sidekick? You can mute keywords temporarily or even permanently without unfollowing accounts.
#mentalhealth
Don’t wanna see posts about the orange asshole in the White House or his Nazi sidekick? You can mute keywords temporarily or even permanently without unfollowing accounts.
#mentalhealth
March 18, 2025 at 4:20 PM
Doomscrolling isn’t healthy. Here’s a reminder that you can define what to see on BSky via the content moderation.
Don’t wanna see posts about the orange asshole in the White House or his Nazi sidekick? You can mute keywords temporarily or even permanently without unfollowing accounts.
#mentalhealth
Don’t wanna see posts about the orange asshole in the White House or his Nazi sidekick? You can mute keywords temporarily or even permanently without unfollowing accounts.
#mentalhealth
Here I not only receive the timestamp of the post (which of course can be looked up in the post itself), but also the exact date and time the account was created.
Pretty cool, isn't it? Do you have any good examples in which Unfurl unravels interesting information from a URL?
Pretty cool, isn't it? Do you have any good examples in which Unfurl unravels interesting information from a URL?
March 11, 2025 at 7:40 PM
Here I not only receive the timestamp of the post (which of course can be looked up in the post itself), but also the exact date and time the account was created.
Pretty cool, isn't it? Do you have any good examples in which Unfurl unravels interesting information from a URL?
Pretty cool, isn't it? Do you have any good examples in which Unfurl unravels interesting information from a URL?
Taking the URL and looking it up in Unfurl reveals the exact timestamp. Not just two days ago, but at exactly 12:00 UTC.
Whenever I can, I run URLs through Unfurl. In the next example I did the same with a Bluesky post.
Whenever I can, I run URLs through Unfurl. In the next example I did the same with a Bluesky post.
March 11, 2025 at 7:40 PM
Taking the URL and looking it up in Unfurl reveals the exact timestamp. Not just two days ago, but at exactly 12:00 UTC.
Whenever I can, I run URLs through Unfurl. In the next example I did the same with a Bluesky post.
Whenever I can, I run URLs through Unfurl. In the next example I did the same with a Bluesky post.
URLs to social media posts often contain timestamps that give you the exact date & time the post was published. These can be found by analyzing the URL with dfir.blog/unfurl/
Take this recent LinkedIn post of mine. According to LinkedIn it was published 2 days ago. When exactly? No idea
#OSINT 🧵
Take this recent LinkedIn post of mine. According to LinkedIn it was published 2 days ago. When exactly? No idea
#OSINT 🧵
March 11, 2025 at 7:40 PM
URLs to social media posts often contain timestamps that give you the exact date & time the post was published. These can be found by analyzing the URL with dfir.blog/unfurl/
Take this recent LinkedIn post of mine. According to LinkedIn it was published 2 days ago. When exactly? No idea
#OSINT 🧵
Take this recent LinkedIn post of mine. According to LinkedIn it was published 2 days ago. When exactly? No idea
#OSINT 🧵
Next question: is he a good or a bad guy?
Aka regime-friendly & possibly works for the Iranian government or is he maybe someone we could recruit to work against #Iran.
Remember: #OSINT can help identify #HUMINT sources! So I need to know his political stance towards his home country.
Aka regime-friendly & possibly works for the Iranian government or is he maybe someone we could recruit to work against #Iran.
Remember: #OSINT can help identify #HUMINT sources! So I need to know his political stance towards his home country.
March 6, 2025 at 7:37 PM
The CSV was given to an AI for further #analysis, since I can't read #Persian:
- Are there any tweets related to #hacking?
Turns out the person tweets about #cybersecurity and #exploits. He also seems to be involved in the Iranian cybersecurity community & knows a thing or two about hacking.
- Are there any tweets related to #hacking?
Turns out the person tweets about #cybersecurity and #exploits. He also seems to be involved in the Iranian cybersecurity community & knows a thing or two about hacking.
March 6, 2025 at 7:37 PM
The CSV was given to an AI for further #analysis, since I can't read #Persian:
- Are there any tweets related to #hacking?
Turns out the person tweets about #cybersecurity and #exploits. He also seems to be involved in the Iranian cybersecurity community & knows a thing or two about hacking.
- Are there any tweets related to #hacking?
Turns out the person tweets about #cybersecurity and #exploits. He also seems to be involved in the Iranian cybersecurity community & knows a thing or two about hacking.
Next up I asked to have all the possible combinations put together in a list. Using these techniques I could easily have lists generated with any additional info, such as birth year or alternate email providers.
March 5, 2025 at 6:15 AM
Next up I asked to have all the possible combinations put together in a list. Using these techniques I could easily have lists generated with any additional info, such as birth year or alternate email providers.
#AI tools such as #ChatGPT are replacing more and more of the common #OSINT tools I’ve been using the past years. Inspired by a great @osintcombine.bsky.social blog on email research I asked ChatGPT to give me possible email permutations of certain name.
🧵
🧵
March 5, 2025 at 6:15 AM
#AI tools such as #ChatGPT are replacing more and more of the common #OSINT tools I’ve been using the past years. Inspired by a great @osintcombine.bsky.social blog on email research I asked ChatGPT to give me possible email permutations of certain name.
🧵
🧵
A glimpse into one documents found with the previous query shows a plethora of relevant information! Units, what they order, contacts with emails & phone numbers - this can then be used for further research & gives a good overview of equipment/mission and possibly state of readiness of these units.
February 28, 2025 at 3:29 PM
A glimpse into one documents found with the previous query shows a plethora of relevant information! Units, what they order, contacts with emails & phone numbers - this can then be used for further research & gives a good overview of equipment/mission and possibly state of readiness of these units.
Google dorks help as well. Most PDFs are found in a specific section of the site - So using the site-operator in combination with filetype & any given keyword will allow us to quickly browse through relevant PDFs. Of course this can also be automated, as the PDFs will not be online continuously.
February 28, 2025 at 3:29 PM
Google dorks help as well. Most PDFs are found in a specific section of the site - So using the site-operator in combination with filetype & any given keyword will allow us to quickly browse through relevant PDFs. Of course this can also be automated, as the PDFs will not be online continuously.
Most public tenders uploaded scans of the tender documents. These not only tell you what is being procured, but can also hint at activities of the ordering entity. E.g. we can see what comms - #Thuraya #ICOM - the Frontier Corp in Balochistan uses and that they have #DJI drones at their disposal.
February 28, 2025 at 3:29 PM
The site shows see current public tenders (max. 10 days from the closing date) and allows you to filter by organizations. The functionality is quite neat and gives you an overview of all entities listed in their database. Military units, government offices, state-owned enterprises - it's all there!
February 28, 2025 at 3:29 PM
The site shows see current public tenders (max. 10 days from the closing date) and allows you to filter by organizations. The functionality is quite neat and gives you an overview of all entities listed in their database. Military units, government offices, state-owned enterprises - it's all there!