We hope you enjoyed the article we wrote about OSINT a while back, which explored the meaning of the term, the history behind the concept and the ease with which one can use it — even without knowing too much about it.
They can reveal useful information about individuals, what they look for, how they do it, what they like and many other personal details. NetBootCamp is a great tool for searching different strings within Facebook. It allows you to generate requests inside Facebook from a simple web-based interface. It will build the query URL for you so you can examine all the details. In the following examples, we launched a couple of queries using their web interface, which is just a simple front end for common Facebook operations but simplified to help you choose your search without any complications.
For most requests, you need to have a fully activated Facebook account. You can also choose to search for details about the profile, photos, videos and much more. This excellent software will show you how exposed you are on the Internet.
Maltego can easily help you correlate and find links between individuals, organizations, geolocations, addresses, emails and phone numbers. Java 1. FB People Directory is a native tool built by Facebook so you can, as its name suggests, search their people directory. The directory will show you the full list of Facebook members worldwide, where you can filter the results by first or last name. Search is Back is a similar tool to NetBootCamp, as it allows you to search for people and events on Facebook — but it also lets you search by location, relationships, gender, job title, language spoken, and other details.
StalkScan follows on the same line as the tools listed previously but has a nice, wide interface with a lot of options. The bad thing is, most of the queries use old Facebook URLs that no longer work. Then we ran some tests, and some of the functions were working as expected. Facebook Live Map is an interactive global map function that comes with Facebook by default.
Using the URL gives you the ability to watch live streaming videos from anywhere in the world. In this case, we were able to grab some locations where live transmissions are being streamed right now. The resulting URL will be something like:.
You can replace this with any email you know to confirm whether it belongs to the person you suspect. For example, we searched for the email address morrison pucc. A Facebook page associated with that email appears as the first result.
New OSINT Guide
Facebook Sleep Stats is an interesting app that was built not to fetch email, location or other common details, but to exploit a Facebook security flaw that lets you keep track of any online or offline profile status. This application makes it possible to get a full list of Facebook users IDs, along with timestamps of their most recent online activity:. While all these tools can be helpful for gathering details about social profiles from individuals, there is much more to gathering OSINT Facebook data.
Our passive DNS technology allows you to investigate everything you can imagine about any organization or company in the world, way beyond a simple citizen profile. But our intel information about Facebook. SecurityTrails technology lets you explore the entire list of Facebook subdomains from the same web interface:. Furthermore, our recently launched SurfaceBrowser product enables you to integrate all these great tools into one single powerful interface, now one of the best sources available for your OSINT Facebook investigation.
No company is immune from getting spied on or analyzed, and the fact that Facebook is one of the most popular social networks in use makes it an easy target in the infosec market.New tools are being published weekly. If you would like to join us in the future, then please see the details here:.
Videos of previous webcasts are posted on our channel on YouTubewhile audio can be found in podcast formats on:. This is a list of all webcasts of the past.
For each web cast there is an extract of topics, to help you find that one particular webcast you might be looking for.
Click on the date to go to the dedicated page for the webcast, with more information, all the sources mentioned during the recording and of course a link to the webcast itself. Guest: Jan Tegze JanTegze. Guest: Roelof Temmingh VortimoTech. Guest: Chris Kubecka SecEvangelism. If you would like to join us in the future, then please see the details here: Join us on the Webcast!
Podcasts Videos of previous webcasts are posted on our channel on YouTubewhile audio can be found in podcast formats on: Anchor.
Top 9 Popular OSINT Facebook Tools
Past Webcasts This is a list of all webcasts of the past. Like this: Like Loading Post was not sent - check your email addresses! Sorry, your blog cannot share posts by email.Open Source Intelligence, often abbreviated as OSINT, is data and information that is collected legally from open and publicly available resources. The raw data is collected and then analyzed to help understand something more clearly. The OSINT framework supports decision making, assess public perceptions, forecast changes and much more.
Technically, anyone who knows how to use the tools and techniques to access the information is said to have used the process. However, the process is used formally by the United States intelligence community, the militarylaw enforcement, IT security professionals, private businesses and private investigators.
Open source data and information is available in a variety of places, most of which are accessible via the internet. Examples include:. The tools and techniques used in Open Source Intelligence searching go much further than a simple Google search. Following is a list of helpful, time-saving open-source intelligence tools. Note: most are free, although some have advanced features available for a fee.
This is one of my favorite open source intelligence tools because anyone can use it. Have I Been Pawned? Just enter an email address and it will tell you which breaches the email was affected by.
In addition, it gives a brief overview of the breach. Hoaxy — Hoaxy is an open-source search tool that visualizes the spread of articles online. Media Bugs — A media bug is something in the media e. The site can be used in identifying fake or incorrect news, and to also look for corrected versions.
PolitiFact — Politifact is focused on fact-checking journalism. Politifact uses a helpful rating scale to rate statement made by journalists, political figures and others. The scale runs from True to Full Flop and is a helpful way to know who is telling the truth and who is lying. The company won a Pulitzer Prize for its work. SciCheck evaluates such claims and explains whether or not they are true.
Snopes — Snopes. The free site researches everything from urban legends, rumors, myths, questionable photos and videos, articles and claims made by public figures.
Verification Junkie — Verification Junkie is a collection of tools designed to help verify and fact check information and assess the validity of eyewitness reports. This site has a collection of very cool tools that are worth the time to dig into. With over eight million sensors that emulate over six thousand applications. Their home page shows a live attack map with real-time information on attacks.
The following tools go beyond the typical Image Search option that is offered by most major search engines. Current Location — Current Location is a neat map search tool that allows you to select a position on the map anywhere in the world. Then, you can view photos within a certain radius of your location. It checks photos posted to Instagram, Flickr, and px. Simply drag and drop, or upload, an image into the search form and it will attempt to tell you what it is.
TinEye — TinEye is a reverse image search that allows you to search by image and find out where that image is online.Google Operators Remember we can string multiple operators together site: Limit results to those from a specific domain site:apple.
A pipe symbol is the same as OR. If no results are found, we'll try to show related results. Supported file types: pdf, doc xxls xppt xhtml dogs site:example. Invest in defining strong process. Are you signed into a live session for the platform you are querying? Start looking at page source to see what is going on behind the scenes.
Open Source Intelligence & Forensic Tools
If you only look at the gui, you are missing alot. Tenacity wins the day. Most answers are not going to fall into your lap. Patience and persistence above all else. Set up your note-taking and data collection to track your work - paper notebook, One-Note, Hunch.
List your investigative goals - full profile, locate for apprehension, identify associates, collect digital evi dence, etc. List your seed info - emails, phone numbers, names, etc. If possible get a hold of a booking or DOL photo for comparison while researching social media.
I do a quick Google search and check my people finder site of choice for that week. My typical order is email, real name, search engines, Facebook, twitter and then the rest depending on what you have to go on. I exhaust inteltechniques. Any page that is important I note any identifiers account IDs, user names, etc on my notepad and fireshot a pdf of the page.
That pdf is saved in the case directory. On a case with multiple targets create subfolders for each person of interest.
I embed any pertinent screen captures, pdfs such as lexis-nexis reports, and good photos of the targets, any vehicles and addresses. I go over that report with the case detective or agent to explain my investigation and see if they have any questions or want any additional info. My rough notes, workbooks, hunch. The exceptions are things like intel gathering for operations, events, threat assessments, etc.I updated several search options within the right-side portion of the Facebook Tools page in order to correct these issues, and added some new functionality.
The Multiple Variables option is also working again. However, there are come caveats. You Must be logged into a Facebook profile You should refresh the tools page to get the latest updates Some countries are blocked from these types of searches Change to US Some profiles are blocked from these searches Flagged accounts Some tools require a User ID instead of keyword These are marked Some can accept either a user number or user name.
I anticipate several additions to this tool in the coming weeks as new search techniques become stable. You Must be logged into a Facebook profile You should refresh the tools page to get the latest updates Some countries are blocked from these types of searches Change to US Some profiles are blocked from these searches Flagged accounts Some tools require a User ID instead of keyword These are marked Some can accept either a user number or user name I anticipate several additions to this tool in the coming weeks as new search techniques become stable.Before contacting us, please see the FAQ below for answers to the most common questions we receive.BigConnect for OSINT, Part 1: Web & Facebook Crawling
If you do not see what you need, please use the following list to contact the appropriate personnel. Q: I need help with an issue, technique, or method presented in the books or podcast.
Can you help me? A: Please note we cannot respond to requests for general or technical assistance. Q: I would like to attend a live training course, where is the schedule?
A: All of our live training sessions are conducted privately for specific groups or agencies. We typically do not offer courses with open enrollment to the public. Any open courses will be listed HERE. A: The public forum and free online tools were shut down in May of due to abuse and legal demands. Email us from your registered video training email account for the details. My weekly podcast presents ideas to help you become digitally invisible, stay secure from cyber threats, and make you a better online investigator.
Click HERE to listen or subscribe. Twitter Our Twitter feed always announces our latest updates, projects, and upcoming public events.
Contact Us Before contacting us, please see the FAQ below for answers to the most common questions we receive. Q: I would like to enroll in the online video training, where can I find it? Weekly Podcast My weekly podcast presents ideas to help you become digitally invisible, stay secure from cyber threats, and make you a better online investigator.This tool is based on the sowdust code. Disclaimer: It is your responsibility to comply with the Facebook Terms of Service.
For some searches, using a keyword is necessary. If you don't want to filter via keyword, try to leave this field blank at first. If you get no results, you can also try to add more "neutral" filters i. If it still doesn't work, try to put the name of the entity you are filtering for as a keyword. For example, if you are looking for people living in London, just use "london" as a keyword. If you do not have an account, create one here. Forgot your password? Reset it here. These tools are free to use.
General Search Engines. Google Scholar. Google Patents. Google News. Not Evil. Important: Make sure that popups are allowed. If you don't see all new tabs opened after hitting search, go back to this tab and enable popups when your browser asks Chrome: Right side in the URL bar.
Disclaimer: We are not responsible for any 3rd party services and their results. Validate Email Addresses. Use this tool to check if a list of email addresses is valid.
Each email will have the status Valid, Invalid or Trashmail. Trashmail indicates that the domain is a temporary email provider. Email Lookup. Intelligence X. Hunter Verify. Domain Lookup.