An excellent demonstration of how Maltego can be used to analyze mobile operator detail data as part of a police investigation.
▶️ https://youtu.be/cjCQBYld_wM

Useful for this kind of work:
1️⃣ Maltego software package
2️⃣ Google Earth service (Google Maps or Yandex Maps)
3️⃣ Map Developers service (obtaining GPS coordinates of places)
4️⃣ Xinit service (mass binding of numbers to the operator and region)

https://osintops.com/how-to-use-google-for-osint-on-maltego/

Free Google transform for OSINT on Maltego... with a link to the author @Osintlatestnews

1️⃣ Run Maltego and add your transform set as shown in the picture
https://cetas.paterva.com/TDS/runner/showseed/fastCSEs
2️⃣ Install the new kit in your version of Maltego... that's it, you can use

Open-Source Intelligence (OSINT) in 5 Hours - Full Course - Learn OSINT!
https://www.youtube.com/watch?v=qwA6MmbeGNo

All Course Resources/Links https://github.com/TCM-Course-Resources/Open-Source-Intellingence-Resources

Natural Hazards Map (worldwide)

Enter location and assess the risk of flooding, earthquakes and hail in this place on the map.

https://fmglobal.com/research-and-resources/nathaz-toolkit/flood-map

#geoint #osint

How to Set up a Raspberry Pi ADS-B Flight Tracker for OSINT Investigation
This week I finally got some time to add an ADS-B Flight Tracker to my Maritime AIS Pi to facilitate the tracking of both aircraft and sea vessels. This may seem strange to have both trackers on one Pi (bear with me I promise this won’t be all about ships) but there are actually quite a few crossovers between maritime and flight tracking.

Due to the nature of the maritime industry, vessels often employ obfuscation techniques to hide their location. When a vessel turns off its AIS or “goes dark” it can’t be seen by AIS trackers such as MarineTraffic or Vessel Finder. This lack of AIS signal poses a problem for analysts who must now rely on alternative sources to piece together the location of a ship.

https://wondersmithrae.medium.com/how-to-set-up-a-raspberry-pi-ads-b-flight-tracker-for-osint-investigation-927f9ad857f9

GORIS

Command line tool for Google reverse image search automation. It can find links to similar pictures by URL or by file.

Written in #go. Very fast.

https://github.com/tanaikech/goris

#opensource #osint #google

GVNG Search

Command line toolkit for gathering information about person (nickname search, validate email, geolocate ip) and domain (traceroute, dns lookup, tcp port scan etc).

https://github.com/ByDog3r/GvngSearch

#python #opensource #osint

The first place where you can get information about the sender of an e-mail is in service headers. They are retrieved from the properties of the email and then parsed in the public software heap: https://toolbox.googleapps.com/apps/messageheader/analyzeheader, https://mailheader.org/, https://mxtoolbox.com/EmailHeaders .aspx, http://ru.smart-ip.net/trace-email, https://www.iptrackeronline.com/email-header-analysis.php, https://mha.azurewebsites.net/, https: //suip.biz/en/?act=email etc.

Next, I suggest checking the activity of the email inbox, i.e. its actual existence on the mail server. This is done by sending an invisible SMTP request to an email address in one of the following services: https://www.zerobounce.net/, https://ipinfo.io/, https://mailboxlayer.com/, https: //2ip.ru/mail-checker/, https://ivit.pro/services/email-valid/, https://htmlweb.ru/service/email_verification.php, http://ru.smart-ip. net/check-email/.

Link in the Telegram search engines like Telegago and Google

https://cse.google.com/cse?q=+&cx=006368593537057042503:efxu7xprihg#gsc.tab=0&gsc.q=%20&gsc.page=1

Cobalt Strike persistence kit (StayKit)

StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the SharpStay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type.

https://github.com/0xthirteen/StayKit

#статьи_ссылки_scripts

SpoolSystem

SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.

It uses internal Cobalt Strike APIs not usually exposed to aggressor scripting to achieve seamless execution as SYSTEM without creating any new process or relying on shellcode injection.

https://github.com/itm4n/PrintSpoofer

DumpsterDiver

Tool can analyze big volumes of data and find some "secrets" in the files (passwords and hardcoded password, SSH, Azure and AWS keys etc)

Uncompress archived files, support regular expressions and advanced search rules.

https://github.com/securing/DumpsterDiver