Threads.net Is Hiding Some OSINT Secrets You Definitely Need To Know
Threads, you say? The Dane Cook of social media??? (Shout out to the Archer fans out there who got that obscure joke) If you’ve been on Instagram over the past year, you’ve no doubt seen some profiles sporting that strange, extra squiggly looking @ symbol and perhaps you’ve even accidentally waded into Meta’s head-scratching approach to microblogging (think Twitter. yes I know it’s X, no one cares). That little symbol on a persons Insta serves as a gateway to Threads.net and while you may have ignored it in the past, I’m going to tell you several really important reasons you’ll…
OSINT Quick Tips: That CashApp QR Code on The Web Might Actually Be Hiding a Profile Photo!
If you do a lot of web-based OSINT research like I do, you’ve most likely conducted username searches using a powerful tool like https://whatsmyname.app that scurry out onto hundreds of websites in search of profiles bearing the username you’re interested in. In doing so, you may have come across CashApp user pages that usually bear a few common things: a cashtag (username), a display name, and most of the time… a seemingly useless QR code. Or is it? You see, while it is the case sometimes that the account holder hasn’t actually populated a profile photo, and therefore just displays…
OSINT Quick Tips: 2 Simple Methods of Getting Around Twitter’s Annoying Login Wall
Based on how often Twitter, oh sorry… I mean X, is changing these days, there’s a pretty good chance this blog will be obsolete by the time you read it but here goes anyway… Have you recently found yourself trying to visit a Twitter profile (when not logged in), and while it may initially load on the page, instantly you’re met with an annoying pop up after being redirected to a login prompt? Without a sock puppet account (which is getting harder to create and hang onto), you’re unable to get beyond that unexpected barrier. ANNOYING. Annoying, but not impossible.…
OSINT Quick Tips: Beyond WHOIS
In this Quick Tips blog post (yep, that’s a thing now), I’ll be showing you a couple additional (and quite useful) functions of my favorite WHOIS Lookup site, and hopefully adding a little something new to your ever-growing OSINT methodology. Much like my desire to stay in college, this blog is going to be over just about as soon as it starts. Disclaimer/Warning: WHOIS records can be falsified, outdated, and in the case of things like common names they may not even be same person you’re investigating. Stop saying “I learned it from the internet” when you get in trouble…
A Veteran’s Day Plea: How OSINT Reunited 2 Long-Lost Soldiers.
The faces and names shown in this blog are real, and are being used with their permission. Some details have been redacted or obscured to…
An Overseas Businessman Died and Left Me $4.6M, So I Used OSINT & Social Engineering to Scam a Scammer.
I received this email to my business back in 2022, and it landed directly in my spam folder, exactly as it should have… It’s a…
A Snapchat OSINT Tip: Viewing Bitmoji Changes
In today’s episode of “Blogs That Should Have Been a Tweet”, I want to give you a tip about Snapchat. More specifically, a tip about…
Telegram OSINT Basics: 5 Tips Anyone Can Do Right Now
A while back I posted a companion blog that was mostly a list of links from a talk I did on Telegram OSINT at the…
Telegram OSINT From The Outside
This blog is simply a placeholder for the links and related content for a talk of mine at the 2022 National Child Protection Task Force…
Advanced OSINT: The Art of Pivoting
This blog serves as a companion post to my talk at the 2022 National Cyber Crimes Conference called “Advanced OSINT: The Art of Pivoting”The conference…
A Scam Study: Too-Good-To-Be-True Deal Sites Lurking in Your Social Media
If you don’t spend much time in the r/Scams subReddit, you really are missing out. Aside from the never-ending landslide of scam examples to learn…
LinkedIn Fakes: A Wolf in Business Casual Clothing
Nobody wants to believe they’ll fall for a scam. Especially not any of you, my intelligent, savvy, and OPSEC-conscious friends! Your radar is always on…
Solving an Image Geolocation Challenge
In this world, there are just 2 things that will always make me instantly drop whatever I’m doing and snap to attention… someone asking “who…
4 Simple & Useful OSINT Search Bookmarklets
Welcome to the 18th most interesting OSINT blog about bookmarkets of 2021. A very quick DIY “tool” share here, guaranteed* to contain at least 40%…
Ethically Controversial Practices in OSINT
Legality, morals, and ethics while conducting online investigations. There, I said it! Feels about as comfortable as being called on by the teacher to read…
My 3 Favorite Facebook OSINT Tips & Tricks
You’d be hard pressed to find an information rich source as robust as Facebook. With over 2.7 Billion active users (including my own grandma), it…
New LinkedIn Search Features Mean New OSINT Opportunities!
Let me start with a quick note of apology for my long hiatus. I know you all come here every day just constantly hitting refresh,…
Mining OSINT Gold… From Video Game Forums
When a child is missing, every single minute counts. If you’re someone who practices #OSINTforgood (I’m looking at you, Trace Labs CTF participants), you know…
Think Private Facebook Profiles Pages Are A Dead End? Think Again!
As the old saying goes… Facebook giveth, and Facebook taketh away (RIP graph search #neverforget). Well, in late 2019, Facebook did a little bit (a…