How to Set up a Raspberry Pi ADS-B Flight Tracker for OSINT Investigation
This week I finally got some time to add an ADS-B Flight Tracker to my Maritime AIS Pi to facilitate the tracking of both aircraft and sea vessels. This may seem strange to have both trackers on one Pi (bear with me I promise this won’t be all about ships) but there are actually quite a few crossovers between maritime and flight tracking.
Due to the nature of the maritime industry, vessels often employ obfuscation techniques to hide their location. When a vessel turns off its AIS or “goes dark” it can’t be seen by AIS trackers such as MarineTraffic or Vessel Finder. This lack of AIS signal poses a problem for analysts who must now rely on alternative sources to piece together the location of a ship.
https://wondersmithrae.medium.com/how-to-set-up-a-raspberry-pi-ads-b-flight-tracker-for-osint-investigation-927f9ad857f9
This guide is accurate as of 12/13/21
GORIS
Command line tool for Google reverse image search automation. It can find links to similar pictures by URL or by file.
Written in #go. Very fast.
https://github.com/tanaikech/goris
#opensource #osint #google
GVNG Search
Command line toolkit for gathering information about a person (nickname search, email validation, IP geolocation) and a domain (traceroute, DNS lookup, TCP port scan, etc.).
https://github.com/ByDog3r/GvngSearch
#python #opensource #osint
The first place where you can get information about the sender of an e-mail is the service headers. They are retrieved from the properties of the email and then parsed with one of the many public tools: https://toolbox.googleapps.com/apps/messageheader/analyzeheader, https://mailheader.org/, https://mxtoolbox.com/EmailHeaders.aspx, http://ru.smart-ip.net/trace-email, https://www.iptrackeronline.com/email-header-analysis.php, https://mha.azurewebsites.net/, https://suip.biz/en/?act=email etc.
Next, I suggest checking the activity of the email inbox, i.e. its actual existence on the mail server. This is done by sending an invisible SMTP request to an email address in one of the following services: https://www.zerobounce.net/, https://ipinfo.io/, https://mailboxlayer.com/, https://2ip.ru/mail-checker/, https://ivit.pro/services/email-valid/, https://htmlweb.ru/service/email_verification.php, http://ru.smart-ip.net/check-email/.
Link in the Telegram search engines like Telegago and Google
https://cse.google.com/cse?q=+&cx=006368593537057042503:efxu7xprihg#gsc.tab=0&gsc.q=%20&gsc.page=1
Cobalt Strike persistence kit (StayKit)
StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the SharpStay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type.
https://github.com/0xthirteen/StayKit
#статьи_ссылки_scripts
SpoolSystem
SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.
It uses internal Cobalt Strike APIs not usually exposed to aggressor scripting to achieve seamless execution as SYSTEM without creating any new process or relying on shellcode injection.
https://github.com/itm4n/PrintSpoofer
DumpsterDiver
The tool can analyze large volumes of data and find "secrets" in the files (passwords and hardcoded passwords, SSH, Azure and AWS keys, etc.).
It uncompresses archived files and supports regular expressions and advanced search rules.
https://github.com/securing/DumpsterDiver
Forwarded from OSIntOps News
Week in OSINT #2022-21 - sector035 - Exif Viewers
Since Jeffrey's Exif Viewer has been offline for some time, some people needed to go look for other solutions. On Twitter Kirby Plessas asked for some tips, and got some helpful replies, especially looking for solutions when you aren't able to install any local software, like Phil Harvey's ExifTool. Even tho it's probably the best local tool out there, there are some other possibilities.
Extensions and Add-ons
InVID/WeVerify: Chrome extension
EXIF Viewer Pro: Chrome extension
Exif Viewer: Firefox add-on
Online Solutions
Exifdata.com (Tip!)
CyberChef recipe (bit buggy, doesn't always work)
Forensically (use the 'Meta Data' option)
There are of course multiple extensions, add-ons or websites, but I simply can't add them all here. Do be wary that some browser extensions only show some basic information (like Exif Viewer Classic), unless you specify the exact fields you want to view.
A small word of warning, since I want to stress that you should always be careful using third-party tools. Especially when you're trying to find metadata inside images that may not be indexed by a search engine, or are somewhat sensitive. Because you don't know whether the other party saves them, or processes them in some way you don't want them to. In that case, I'd strongly recommend saving or emailing the images for later examination via a local tool.
Twitter
kirbstr
A new #OSINT question for you all: Jeffreys Image Metadata Viewer is down (and I get why- victim of its own popularity). Which is your next favorite go-to with a web interface? Something easy for beginners? Nothing I know was as easy, accessible, and straightforward.…
Image recognition and reverse image search products power applications that make your images searchable.
https://tineye.com/
europol_invest_bitcoin.pdf
5.4 MB
Interpol Methodology for Investigating Cryptocurrencies (Bitcoin) EN
Guidelines to Digital Forensics First Responders_V7.pdf
3.1 MB
Interpol Methodology for digital forensics
INTERPOL_DFL_GlobalGuidelinesDigitalForensicsLaboratory.pdf
1.5 MB
Interpol Methodology Digital Forensics Laboratory