The Privacy, Security, & OSINT Show – Episode 147
Posted on December 4th, 2019
EPISODE 147-Show Corrections, Updates, & Maintenance
This week I provide a brief update from the road and several corrections from the last show.
Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.
Listen to THIS episode at https://soundcloud.com/user-98066669/147-show-corrections-updates-maintenance
Listen to ALL episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
Resort Privacy
CORRECTIONS, UPDATES, & MAINTENANCE:
Tutanota Correction
VPN Correction
EM Client Reversal
iPhone SE’s
Show Affiliates
UPCOMING SHOWS:
Mic/Cam Blocking
College Privacy
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Privacy.com: https://privacy.com/join/ADK9W
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 147
The Privacy, Security, & OSINT Show – Episode 146
Posted on November 29th, 2019
EPISODE 146-Who Has Your Emails?
This week, I revisit VPN concerns, discuss the importance of offline email storage, and test various online text verification services.
Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
Tim Conway Jr.
NEWS:
PIA Update
Financial Software Update
WHO HAS YOUR EMAILS?:
Thunderbird
EM Client
MailMate
(SHOW CORRECTION: I misspoke on the show Friday, stating that Tutanota did not have a functioning iOS app. I accidentally confused it with another product I am testing. My apologies.)
OSINT:
TextVerified.com
Crypton.sh
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Privacy.com: https://privacy.com/join/ADK9W
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 146
The Privacy, Security, & OSINT Show – Episode 145
Posted on November 22nd, 2019
EPISODE 145-Account Security Audits
This week I complain about international travel privacy invasions, weigh in on the online concerns brewing about Wire, Tutanota & PIA, explain the importance of annual account security audits, and discuss some OSINT and Privacy implications from the IronMarch leak. It’s a full show.
Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
International Travel Woes
NEWS:
Wire moving to US:
https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/
Tutanota Germany Issues:
https://www.sueddeutsche.de/digital/tutanota-verschluesselung-e-mail-ueberwachung-polizei-1.4676988
PIA Purchase:
https://www.techradar.com/news/cyberghost-owner-buys-pia-for-dollar955m-to-create-vpn-giant
ACCOUNT SECURITY AUDITS:
Discussion
OSINT:
https://inteltechniques.com/blog/2019/11/18/privacy-and-osint-lessons-from-the-ironmarch-leak/
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 145
Privacy and OSINT lessons from the IronMarch Leak
Posted on November 18th, 2019
Last week, an unknown “hacker” released a copy of a user database from the IronMarch forum, which was an online neo-nazi meeting place until it was shut down. An archive of the public site can be found at https://web.archive.org/web/20170509142136/http://ironmarch.org/. The dumped data includes a full copy of all content, including details such as emails, IP addresses, usernames, and private messages. I decided to dig into it a bit and see what could be gleaned. The original leak has been removed from Pastebin, but several clones appear daily. The following is a redacted version of a few entries.
Four Suited Jack:o244REDACTED@rtrtr.com:e0e501f3e4e49d6c67378d9d06763298:?ET\”e
Jamie M:jamREDACTED@live.co.uk:8ecdc4d6401055df380ab007c0c31b5b:t32hj
Ritz:ritzjREDACTED@gmail.com:159e7b09066e91fcb15008943d114b6e:vy:I0
This represents the username:email:encrypted password of each user on the forum. My first task was to parse out all of the email addresses. I saved the original leak file as Ironmarch.full.txt and executed the following command in Linux.
grep -E -o “\b[a-zA-Z0-9.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9.-]+\b” < Ironmarch.full.txt > Ironmarch.emails.txt
This presented a clean file containing only the email addresses of every user. I then connected to a covert Gmail account, accessed the Contacts, and exported the only contact in this account to a CSV file. This provided the template desired by Google for import. I copied and pasted the entire list of email addresses within this template and gave each of them a unique last name of 1,2,3,etc. This presented a CSV file ready for import. The following is a partial view.
I imported this CSV into my Google Contacts which now tells Google these are my “Friends”. I then launched a new Android virtual machine through Genymotion and connected to the covert Google account. This virtual mobile device now associates all of these email addresses with my own address book. I connected to the Facebook app, asked it to “Find Friends, and was immediately presented with numerous Facebook accounts which were associated with the email addresses of the Ironmarch members. Below is an example.
I then repeated this process with Twitter:
and Instagram:
OSINT Lessons Learned:
Breaches and leaks of online forums are very common. Lists of email addresses may identify interesting information about the types of members. However, identifying social network accounts of members of hate groups can be much more revealing. I quickly located numerous personal accounts registered in real names, all from the connection to an email address.
PRIVACY Lessons Learned:
I also identified many accounts which were likely used during covert investigations. When I submitted the email addresses as contacts through a foreign dating network, I observed an account connected to a police cyber-crimes investigator. This is probably due to him using a real address when registering for an account on the forum. This is sloppy, but I have been guilty of this myself many years ago. If you are tasked with investigating online hate groups, or anything else really, be sure to always use a unique email address and password, which will never be used anywhere else. Social networks and other online communities make it very easy to connect accounts with real people.
Filed under OSINT | Comments Off on Privacy and OSINT lessons from the IronMarch Leak
The Privacy, Security, & OSINT Show – Episode 142
Posted on November 1st, 2019
EPISODE 142-OSINT Extravaganza and Book Release!
This week I announce my new book and dedicate an entire show to some of the latest Open Source Intelligence (OSINT) techniques.
Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
BOOK:
Open Source Intelligence Techniques, 7th Edition
https://inteltechniques.com/book1.html
OSINT:
Tik Tok
https://inteltechniques.com/blog/2019/10/27/investigating-tiktok-accounts/
Twilio Caller ID
https://www.twilio.com/try-twilio
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Filed under OSINT, Podcast | Comments Off on The Privacy, Security, & OSINT Show – Episode 142
Investigating TikTok Accounts
Posted on October 27th, 2019
I have had several members of my online video training ask me about TikTok lately. It is extremely popular with younger users, and investigators should take note. The following is a partial excerpt from the book Open Source Intelligence Techniques, 7th Edition.
TikTok (tiktok.com)
TikTok is a social media video application originally created for creating and sharing short lip-sync, comedy, and talent videos. Today, it is very similar to Vine, which was shut down in 2016. TikTok allows users to create standard videos of 3 to 15 seconds in length and looping videos of 3 to 60 seconds in length. It is popular globally and was the most downloaded app in the U.S. during various months in 2018. It should not be ignored when investigating younger targets. The data is public, and we need to focus on search, usernames, comments, and acquisition of videos.
TikTok Search: TikTok does not offer any native search options within its pages or profiles. However, third-party resources provide a hashtag search option. I have found TikTokDom (tiktokdom.com) helpful, but prefer TikTokAPI (tiktokapi.ga). Within this page, click on “Hashtag Search” and provide any complete or partial search terms. Searching “osint” provides results of “inosint”, “osintamu”, and any other hashtags containing the term. If you know your exact hashtag of interest, you can navigate to a direct URL as follows, replacing “test” with your target information.
https://www.tiktok.com/tag/test
TikTok Usernames: TikTokAPI also possesses a username search option which behaves exactly as the hash tag feature. If you know your target’s username, you can navigate directly to the profile with the following URL. Replace “test” with your target’s username.
https://www.tiktok.com/@test
TikTok Comments: Similar to Instagram, users leave comments on the TikTok posts of others. These can be publicly viewed next to the video, but the content is not located within the source code of the profile. You could select all of the text, copy it, and then paste into a report. However, I prefer to use Export Comments (exportcomments.com). Paste your target TikTok video URL into the search field and allow the process to complete. Below is an actual excerpt, which includes the exact usernames, date, time, likes, and comments from the target post.
Name Date Likes Comments
daddy.devito 08/10/19 19:51:24 1 lmao sorry for this
alicetsybulski 08/10/19 21:20:31 1 😂 I hate you Trisha!
barbaquesauce 08/10/19 21:25:24 3 😂😂 He’s so weird looking
TikTok Videos: When identifying a video of interest on TikTok, the original video file should be downloaded and archived. The video page does not offer a download feature, and right-clicking does not present any helpful options. Instead, we must either dig into the source code of rely on third-party websites. First, let’s focus on the manual method. Right-click any video page and select the “View Source” option. When the source code is displayed, search for “muscdn” and locate a URL which includes “video” within the path. An actual example follows.
https://v16.muscdn.com/75872b2c9c565afcfce83a9d9779815e/5da50dc4/video/tos/maliva/tos-maliva-v-0068/bf6d76a268fd437b912512d5cdaf41a9/
Copy and paste this URL into a new browser tab to view the full size video, usually in 720p resolution. You can now right-click on this video to save it as a standard mp4 video file. Alternatively, you can replicate this process using the services TikTokDownload (tiktokvideodownload.com) or ExtertsPHP (expertsphp.com/tiktok-video-downloader.html). The ExprtsPHP service also supports numerous additional video hosting websites.
Filed under OSINT | Comments Off on Investigating TikTok Accounts
Open Source Intelligence Techniques, 7th edition
Posted on October 26th, 2019
My latest book about online investigation techniques has finally been published. Below is the description.
It is time to look at OSINT in a different way. For many years, and within the previous six editions of this book, we have relied on external resources to supply our search tools, virtual environments, and investigation techniques. We have seen this protocol fail us when services shut down, websites disappear, and custom resources are dismantled due to outside pressures. This book aims to correct our dilemma. We will take control of our investigative resources and become self-reliant. There will be no more need for online search tools; we will make and host our own locally. We will no longer seek pre-built virtual machines; we will create and configure our own. This book puts the power back in your hands. The new OSINT professional must be self-sustaining and possess their own tools and resources. You will become a more proficient subject matter expert who will be armed with the knowledge and readiness to articulate the sources of your findings. Aside from eleven brand new chapters, hundreds of pages have been updated to keep your OSINT investigative methods fresh. Furthermore, an entire new section featuring Methodology, Workflow, Documentation, and Ethics provides a clear game plan for your next active investigation. All-new custom search tools, report templates, and detailed documents are included via download. Today, we start over.
The full chapter outline and purchase links can be found at: https://inteltechniques.com/book1.html
If you have the 6th edition of this book, you may want to know what has changed in this 7th edition. Overall, 1/2 of the book is brand new content, 1/4 is updated material, and 1/4 is recycled relevant instruction. The 7th edition is over 550 pages, but the retail price of the book remained unchanged. All expired and outdated resources were replaced with new methods throughout every chapter, and the OSINT flow charts were re-built to reflect all changes. All purchases include free download of a custom search tool which can be modified as needed and executed locally from your computers, custom Linux scripts to build your own virtual machines, and detailed cheat-sheets to simplify each process.
Thank you so much for all of the support. I am honored to still be in this game.
Filed under OSINT | Comments Off on Open Source Intelligence Techniques, 7th edition
The Privacy, Security, & OSINT Show – Episode 141
Posted on October 25th, 2019
EPISODE 141-Jack Rhysider from Darknet Diaries
This week Jack Rhysider joins me to talk about his experiences creating his podcast Darknet Diaries, and I present some recent experiences and solutions after getting locked out of online accounts used for OSINT investigations.
Support for this show comes directly from my new book Extreme Privacy. More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
Tim Conway Jr.
https://fortune.com/2019/10/21/nordvpn-server-security-breach-hacked/
JACK RHYSIDER FROM DARKNET DIARIES:
Jack Rhysider – Darknet Diaries
https://darknetdiaries.com/
https://twitter.com/JackRhysider
A podcast about hackers, breaches, APTs, hacktivism, cybercrime, and all the things that dwell on the hidden parts of the network.
OSINT:
https://discordapp.com/privacy
https://amzn.to/2MRbGTI
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 141
The Privacy, Security, & OSINT Show – Episode 140
Posted on October 18th, 2019
EPISODE 140-Pretend with Javier Leiva
This week, Javier Leiva joins me to discuss his amazing podcast about people pretending to be someone else: ‘Pretend’.
Support for this show comes directly from my new book Extreme Privacy. More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
https://www.onxmaps.com/
Catalina Issues
iOS Issues
Data Shaming: https://www.locatefamily.com/removal-errors.html
PRETEND WITH JAVIER LEIVA:
Javier Leiva (@PretendPod)
Pretend (http://pretendradio.org)
Stories about people pretending to be someone else
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 140
The Privacy, Security, & OSINT Show – Episode 139
Posted on October 12th, 2019
EPISODE 139-Birth Tourism & Whois Archives
This week, I talk about a recent experience with birth tourism and explain a free alternative for domain registration historical data.
Support for this show comes directly from my new book Extreme Privacy. More details can be found at https://inteltechniques.com/books.html.
Listen to all episodes at https://inteltechniques.com/podcast.html
or Subscribe at:
RSS / iTunes / Stitcher / Spotify
SHOW NOTES:
INTRO:
https://anoni.sh/
https://www3.nhk.or.jp/nhkworld/en/news/20191008_36/
PRIVACY: BIRTH TOURISM:
https://en.wikipedia.org/wiki/Birth_tourism
https://en.wikipedia.org/wiki/Jus_soli
OSINT: WHOIS ARCHIVES:
https://web.archive.org/web/http://www.who.is/whois/cnn.com/
https://web.archive.org/web/https://whois.domaintools.com/cnn.com
https://web.archive.org/web/https://www.whoxy.com/cnn.com
https://web.archive.org/web/https://domainbigdata.com/cnn.com
https://web.archive.org/web/https://whoisology.com/cnn.com
Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf
Affiliate Links:
PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 139