The Privacy, Security, & OSINT Show – Episode 119

Posted on April 12th, 2019

EPISODE 119-How to Find Hidden Recording Devices

This week, my guest is Tom Gibbons, and he will explain the best ways to locate hidden recording devices such as microphones and cameras. Also, I have a slew of recent privacy news and a new OSINT tip to discuss.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

INTRO:

Apple Update
https://www.forbes.com/sites/thomasbrewster/2019/04/10/what-happened-when-the-dea-demanded-passwords-from-lastpass/#10f93bdb7ebe
https://www.zdnet.com/article/cybercrime-market-selling-full-digital-fingerprints-of-over-60000-users/
https://www.bombitup.net/
https://www.foxnews.com/tech/thousands-of-amazon-workers-listening-to-alexa-recordings-hear-personal-information-even-potential-crimes-report
https://news.sky.com/story/family-discovers-hidden-camera-livestreaming-in-airbnb-11684049

HOW TO FIND HIDDEN RECORDING DEVICES:

Tom Gibbons
http://www.tscmnet.com/

Thermal Imaging Camera: https://amzn.to/2UJF70w

Network Scanning Apps:

https://itunes.apple.com/us/app/blue-hound/id1067368392?mt=8

https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en_US

OSINT:

https://www.carvana.com/trades/new?licenseplate=HACKER&state=CA

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
ProtonVPN: https://protonvpn.net?aid=IntelTechniques
Amazon: http://amzn.to/2IAyNzm
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 119

New Online Investigation (OSINT) Resources

Posted on April 9th, 2019

It has been a while since I posted a collection of new OSINT resources, so this one is lengthy. The following were recently added to the online search tools, live training curriculum, and online training courses.

Trumail API (https://api.trumail.io/v2/lookups/json?email=test@inteltechniques.com): This API was demonstrated in my recent webinar about email search. It serves as a verification option to identify legitimate email addresses and filter burner accounts. It also explicitly identifies disposable and free email services, while announcing whether an account is a catch-all.

Spycloud (https://portal.spycloud.com/endpoint/enriched-stats/test@test.com): This API provides a positive or negative indicator for an email address present in the Spycloud collection of data breaches. While the information is minimal, no API key is required. It also identifies the number of breached email records for the domain.

VIN-NHTSA (https://vpic.nhtsa.dot.gov/api/vehicles/decodevinextended/3GTEK13Y87G527460?format=json): This is an official government VIN search for vehicle make/model details. The output is very detailed, and below is a portion.

“Message”: “Results returned successfully”,
“SearchCriteria”: “VIN:3GTEK13Y87G527460”,
“Value”: “GENERAL MOTORS LLC”,
“Value”: “Sierra”,
“Value”: “2007”,
“Value”: “1500 (1/2 ton)”,
“Value”: “TRUCK “,

FAXVIN (https://www.faxvin.com/): This alternative option allows you to enter a VIN to identify full details about the vehicle (but no owner information).

Vehicle History (https://www.vehiclehistory.com/): Vehicle search by VIN which provides details about the make/model/recalls/thefts/etc.

O’Reilly License (https://www.oreillyauto.com/): This option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

Carvana (https://www.carvana.com): This alternative option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

Facebook Live (https://www.facebook.com/search/str/Live/videos-live): A less powerful replacement for the Facebook Live Video Map, which was eliminated earlier this year.

Facebook Intersect Search Tool (https://www.osintcombine.com/facebook-intersect-search-tool): Graphical option for Facebook intersect searching.

Carbon Dating The Web (http://carbondate.cs.odu.edu): This service uses public archives of a domain to estimate the creation date. The following demo of my own site was only off by two months.

DomainBigData ( https://domainbigdata.com): This is a typical Whois lookup site, but contains a free historic record, as seen below. This can identify the owner of a website which currently possesses a private registration.

URLScan (https://urlscan.io/): This resource provides an additional screen capture of the target address, which is often dated prior to undesired website changes or deletions. This is a small supplement to archive sites.

Website Informer (https://website.informer.com):This offers yet another unique historical view of a domain.

DomainIQ – Hosting Research (https://www.domainiq.com/hosting_research): The screen capture archive of this resource has been extremely helpful in the past. It is currently down, but will hopefully return. When working, the following screen would be full of archived screen captures of a website.

FluidDATA Podcast Search Engine (https://fluiddata.com): This resource allows you to search the spoken text of many podcasts. Useful for searching email addresses such as mike at gmail dot com.

BitcoinAbuse (https://www.bitcoinabuse.com): This Bitcoin service identifies incidents of malicious use of cryptocurrencies. Great for tracking the use of Bitcoin in email scams.

Google: This Google Search operator will find practically any type of file publicly linked, using the word Book as an example.

AIOSearch (http://www.aiosearch.com): This service searches the most popular file sharing hosts.

The following three background removal services will attempt to remove any undesired content from an image. This can lead to better results when conducting a reverse image search in attempts to identify a person or object.

Remove.bg (https://www.remove.bg/)
Clipping Magic (https://clippingmagic.com/)
Background Burner (https://burner.bonanza.com/)

Filed under OSINT | Comments Off on New Online Investigation (OSINT) Resources

The Privacy, Security, & OSINT Show – Episode 118

Posted on April 5th, 2019

EPISODE 118-How Neighborhood Watch Watches You

This week I call a company which provides neighborhoods with license plate readers, plus a new email breach notification API in the OSINT segment.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

INTRO:

New (Cheaper) Silent Pocket Faraday Bags:
https://silent-pocket.com/discount/IntelTechniques

Webinar now offline

HOW NEIGHBORHOOD WATCH WATCHES YOU:

Discussion & Call

OSINT:

https://portal.spycloud.com/endpoint/enriched-stats/test@test.com

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: http://amzn.to/2IAyNzm
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 118

The Privacy, Security, & OSINT Show – Episode 117

Posted on March 29th, 2019

EPISODE 117-This Week In Privacy

This week I discuss the latest privacy news and threats including the new Apple credit card, more spy cameras in hotels & Airbnbs, another family tracking DB leak, and how to make $122M sending out bogus invoices. Plus, an “Offense/Defense” style of the OSINT section returns with nextdoor.com. Finally, Listener questions tackle Walmart surveillance video and the removal of sponsors for the show.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Today, I posted the video from yesterday’s webinar about email address investigations. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

INTRO:

Ron Swanson
Webinar Catastrophe (part II)
https://inteltechniques.com/webinar.html

THIS WEEK IN PRIVACY:

https://gizmodo.com/the-apple-card-is-great-at-privacy-but-mediocre-overall-1833582689
https://www.theatlantic.com/technology/archive/2019/03/what-happens-when-you-find-cameras-your-airbnb/585007/
https://www.cnn.com/2019/03/20/asia/south-korea-hotel-spy-cam-intl/index.html
https://boingboing.net/2019/03/24/evaldas-rimasauskas.html
https://techcrunch.com/2019/03/23/family-tracking-location-leak/
https://amzn.to/2ASCmPs

OSINT:

https://nextdoor.com/

LISTENER QUESTIONS:

Q: The self checkout at Walmart displays video of customer. Is this recorded and kept?
Q: I don’t hear you recommending Privacy.com any more, should I read more into this? Should we be concerned?

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

PIA (Affiliate):
https://privateinternetaccess.com/pages/buy-vpn/crimeinfo

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 117

The Privacy, Security, & OSINT Show – Episode 116

Posted on March 22nd, 2019

EPISODE 116-OSINT Basics & Careers

This week long-time guests Justin Seitz and Jason join me to talk about Open Source Intelligence (OSINT) basics and careers. We start from the beginning and work our way through a potential career for you in the growing OSINT community.  Support for this podcast comes directly from my online training. Listeners always receive a 25% discount at https://inteltechniques.com/25

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

INTRO:

Ron Swanson

OSINT BASICS & CAREERS:

Jason

Justin Seitz
https://hunch.ly

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

PIA:
https://privateinternetaccess.com/pages/buy-vpn/crimeinfo

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 116

The Privacy, Security, & OSINT Show – Episode 114

Posted on March 8th, 2019

EPISODE 114: Fallout from the Previous Show

This week I discuss the aftermath of last weeks show about the data which Apple stores about us, and present ten new sources for downloading your data from the biggest online companies. Whether you are a casual surfer, online investigator, or extreme privacy enthusiast, you should see what is being shared about you! I also bring back the Listener Questions segment, and this week is all about OSINT.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

INTRO:

Free OSINT Webinar:
https://www.bigmarker.com/pipl-search/OSINT-MB?utm_bmcr_source=MBN

New HFTI Workbook:
https://inteltechniques.com/data/workbook.pdf

FALLOUT FROM THE PREVIOUS SHOW:

Amazon:
https://www.amazon.com/gp/help/customer/display.html?nodeId=201983330

Alexa Recordings –
https://www.amazon.com/gp/help/customer/display.html?nodeId=201602040

Apple:
https://privacy.apple.com/account

Facebook:
https://www.facebook.com/help/1701730696756992

Google:
https://myaccount.google.com/privacy#takeout

Instagram:
https://www.instagram.com/download/request/

LinkedIn:
https://www.linkedin.com/psettings/member-data

Reddit:
https://www.reddithelp.com/en/categories/using-reddit/your-reddit-account/accessing-your-reddit-data

Snapchat:
https://accounts.snapchat.com/accounts/downloadmydata

Tinder:
https://account.gotinder.com/data

Twitter:
https://help.twitter.com/en/managing-your-account/how-to-download-your-twitter-archive

LISTENER QUESTIONS:

Q: Since Backpage has shut down, our abilities to investigate sex trafficking are minimal. Where should we be looking?

Q: This week Facebook said it will shift data toward private and encrypted communications. What does this mean for me as an online investigator?

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 114

New Domain Search Tools

Posted on March 4th, 2019

I have recently completely overhauled my Domain Name Search Tools at https://inteltechniques.com/tools. The new offering has sections split by category and many new query options including new archives and registration histories.

Filed under OSINT | Comments Off on New Domain Search Tools

Free Webinar on Email Investigation Techniques

Posted on March 4th, 2019

On March 28, 2019, I will be presenting a free webinar on email investigation techniques, hosted by Pipl.com. This live session will last about an hour, and we will have Q & A directly following. Our previous webinar had over 3,500 registered attendees, and this one is strictly limited to the first 2,000 people. Therefore, I highly encourage you to get in early, as it will not be recorded or published. I look forward to presenting several new ideas and hearing from the attendees. Use the following link to register:

https://www.bigmarker.com/pipl-search/OSINT-MB?utm_bmcr_source=MBN

Filed under OSINT | Comments Off on Free Webinar on Email Investigation Techniques

The Privacy, Security, & OSINT Show – Episode 112

Posted on February 22nd, 2019

EPISODE 112: Privacy Lessons from the Road

This week I discuss some lessons learned when attempting anonymous travel, the most recent privacy related news, Facebook’s search changes, and a site that generates photos of people who do not exist.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify

SHOW NOTES:

PRIVACY LESSONS FROM THE ROAD:

PRIVACY NEWS:

https://arstechnica.com/information-technology/2019/02/catastrophic-hack-on-email-provider-destroys-almost-two-decades-of-data/

https://www.businessinsider.com/nest-microphone-was-never-supposed-to-be-a-secret-2019-2?utm_source=reddit.com

https://www.techradar.com/news/major-security-issues-found-in-popular-password-managers

OSINT:

https://inteltechniques.com/menu.html
https://thispersondoesnotexist.com/

Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 112

New Email Search Tool for Offense & Defense

Posted on February 4th, 2019

I have always maintained an Email Search Tool as part of my set of online investigation tools at https://inteltechniques.com/menu.html. This month, a series of reports about a huge new set of data breaches emerged and created unnecessary panic. While there truly was a new public database released containing hundreds of millions of email addresses and passwords, the vast majority was old data which had surfaced several years prior. Regardless, it was a good reminder that we should be diligent about checking our own email accounts against the various online repositories that possess most of the public leaks/breaches/data dumps being abused by amateur criminals. Investigators should also take advantage of this information as part of every email investigation. Recently, I made several changes to the Email Search Tool as seen below.

In this example, I entered a test email address and chose the “Populate All” option. The following details explain the first six options, which are the most lucrative.

Breaches/Leaks: This tool queries the HIBP API and presents the results in the window to the right. In this example, you can see that the test email is present within numerous data breaches. The OFFENSE of this is to identify the various online accounts in use by your target. The DEFENSE is to identify your own accounts with exposed passwords and change them anywhere they have been used.

Pastes: This queries the HIBP Pastebin API and identifies email addresses that have appeared on pastebin.com, which is often used to store user credentials.

PSBDMP: This queries the PSBDMP collection of pastebin scrapes, which identifies email addresses that have appeared on pastebin.com, even if they have been removed or were never indexed by Google. The results display in the window to the right, and I have added the complete URL of each entry for further investigation. (Thanks to Justin Seitz for fixing my pathetic PHP attempt on this). This has been a huge help with my investigations. A sample entry with the dates of original capture is below.

Verifier: This opens a new tab and queries the address through the Trumail API. This identifies whether the email address is valid, has a full inbox, is a catch-all, is from a disposable email provider, and other interesting details.

Dehashed: This opens a new tab and queries the free version of dehashed.com, which displays any additional breaches that may not have been captured by the previous attempts. Paid memberships can see the password details.

IntelX: This premium option (with a free trial) also identifies pastebin posts that reference the email address. The free version will tell you that the data exists, the premium (or free trial) will display the content.

I encourage everyone to check their own email addresses on occasion. If you appear within any of these data sets, you know that an account has likely been compromised to some extent. Be sure to change those passwords to something secure, unique, and preferably randomly generated by a password manager (I use KeepassXC).

Filed under OSINT, Search | Comments Off on New Email Search Tool for Offense & Defense