Breaking: Pentagon insists it only uses verified Twitter accounts for airstrike tips

Want wonderful teeth like former FTX executive (sentenced to 7.5 years) Ryan Salame? Extensive OSINT reveals Dentist he went to in Hong Kong 4 years ago 😱

The Fanta Bomb & Improvised Munitions in Ukraine

Improvised munitions including grenades have appeared in Ukraine over the past 12 months. They are often based on drinks cans or bottles and are filled with readily available explosive materials and in some cases fragmentation material for an increased anti-personnel effect. In this video, we look at various types of improvised munition which have been observed in the field.

Check out the video below:

Check out the full accompanying article here.

hi tuglr i wrote about how i solved an OSINT challenge posted by @rhinozzryan !! it was my first time doing any genealogy work, but i had tons of fun with this one c:

y'all should give it a try if u have some spare time and want to learn a bunch about people who died a few centuries ago, its actually enjoyable :3 https://versary.town/blog/breakdown-of-a-geolocation-genealogy-challenge/

If I’m being honest, the most useful skill for hacking is learning to do research. And since Google’s search is going to shit, allow me to detail some of the methods I use to do OSINT and general research.

Google dorking is the use of advanced syntax to make incredibly fine-grained searches, potentially exposing information that wasn’t supposed to be on the internet:

Some of my go-to filters are as follows:

“Query” searches for documents that have at least one field containing the exact string.

site: allows for a specific site to be searched. See also inurl and intitle.

type: specifies the tor of resource to look for. Common examples are log files, PDFs, and the sitemap.xml file.

Metasearch engines (such as SearxNG) permit you to access results from several web-crawlers at once, including some for specialized databases. There are several public instances available, as well as some that work over tor, but you can also self-host your own.

IVRE is a self-hosted tool that allows you to create a database of host scans (when I say self-hosted, I mean that you can run this in a docker container on your laptop). This can be useful for finding things that search engines don’t show you, like how two servers are related, where a website lives, etc. I’ve used this tool before, in my investigation into the Canary Mission and its backers.

Spiderfoot is like IVRE, but for social networks. It is also a self-hosted database. I have also used this in the Canary Mission investigation.

Some miscellaneous websites/web tools I use:

SecurityTrails: look up DNS history for a domain

BugMeNot: shared logins for when creating an account is not in your best interest.

Shodan/Censys: you have to make an account for these, so I don’t usually recommend them.

OSINT framework: another useful index of tools for information gathering.

Mapping control in Syria at this exact moment of disarray is unrealistic, and any attempts are likely misleading. But here's our new map showing the last day of resistance before Assad's govt collapsed.

Concise summary of events and detailed timeline included.

2024 Supported Org: Bellingcat

Over the past two decades, the American public's faith in mainstream news organizations has dropped precipitously -- in a Gallup survey last year, more than half of respondents indicated that they believe news organizations actively mislead the public. The major organs of mainstream media have made many choices that have cost them the public's trust, often relying on the "both sides" model of reporting at the expense of a full and truthful picture and treating politics as a horse race.

But these organizations are also under significant pressure as they struggle to adapt to the radical technological shifts in our media environment. These shifts have cut into traditional revenue streams, driving news organizations toward the sort of reporting that will generate revenue. They have also created both the possibility of and the need for new approaches to reporting, and many legacy news outlets have struggled to adapt.

Bellingcat is an independent investigative collective of researchers, investigators and citizen journalists that uses cutting-edge technology to engage in fact-checking and open-source intelligence investigation outside the apparatus of major journalistic publications. In addition to doing their own reporting, Bellingcat designs and shares verifiable methods of ethical digital investigation. By publishing walkthroughs to open source research methods and holding tailored training sessions on their use for journalists, human rights activists, and members of the public, they’re broadening the scope and application of open source research. Their research is regularly referenced by international media and has been cited by several courts and investigative missions.

Operating in a unique field where advanced technology, forensic research, journalism, transparency and accountability come together, Bellingcat believes in the need for collaboration and has partnered with news organisations across the globe. Likewise, Bellingcat’s Global Authentication Project (GAP) seeks to harness the power of the open source community by nurturing and encouraging a network of volunteer investigators. Their Justice & Accountability unit, meanwhile, seeks to demonstrate the viability of online open source information in judicial processes.

You can support Bellingcat as a creator in the 2024 FTH auction (or as a bidder, when the time comes to donate for the auctions you’ve won.)

Spacex.... BIG GOALS!!!

🚀 🔥🍌

Mastering OSINT: The Power of Open-Source Intelligence

Open-Source Intelligence (OSINT) is the art of gathering publicly available information from various online sources. Whether for cybersecurity, investigations, or research, OSINT provides valuable insights. In this blog, we’ll explore key OSINT techniques, tools, and best practices. 1. Sock Puppets: Creating an Anonymous Identity A sock puppet is a fake online identity used to gather…

NS OSINT challenge

Kan jij erachter komen waar deze foto genomen is?

Handig met computers en wil jij graag helpen om miljoenen reizigers te vervoeren? Kijk op werkenbijns.nl

Take this as a reminder to update your passwords, and if you use basically the same password for everything get in *the jar*

Turkish Heavy Machine Guns in Ukraine

Turkey has provided a huge range of military equipment to Ukraine, in this video we'll look at Turkish-made M2 heavy machine guns and an unusual rotary grenade launcher in service with the Ukrainian Armed Forces.

Check out the accompanying article here.

Hawker: An OSINT Tool for Investigating Emails, Phone Numbers, URLs, and IP Addresses in Python

In light of the escalation of state violence at several protests, I have elected to release my findings on the Canary Mission here.

The canary mission is a shady group of Zionists that doxx activists and students that express support for Palestine in an attempt to silence, intimidate, and defame them.

Some time ago, I was able to link the organization to one Howard David Sterling, an American lawyer who invests in Israeli medical firms. I wrote the report on my site here.

More recently, I found the account that runs their tip submission form. The username was included in the resource URL of the banner image of the form, which is hosted on a service called jotforms, under the username “carlossantanajm”

A google dork turned up two potential candidates: a man from eastern Canada, and a the rock musician Carlos Santana, who played a concert in Israel around 2010 despite backlash. Investigation is underway to conclusively prove the involvement of either of these individuals, but data is scarce.

Also of note was an investigation by Josh Nathan-Kazis into Megamot Shalom: an elusive organization that acts as a front for the Canary Mission. In the report, data from the Israeli charity register is cited but not provided to prove connections between Megamot Shalom and Aish HaTorah, an organization that focuses on pro-Israel media advocacy.

Funding for Megamot Shalom is contributed by wealthy zionists in the US, through the Central Fund for Israel, which routes the money to the Israeli organization so that the donors can claim it on their tax breaks. The connection between the Central Fund for Israel and Megamot Shalom was confirmed by the 2017 Tax returns of the Hellen Diller Family Foundation, who donated to CFI and labeled the reason as “CANARY MISSION FOR MEGAMOT SHALOM”

Two anonymous sources claim that a man named Jonathan Bash (who has ties to Aish HaTorah) confided in them that he ran the Canary Mission. From this info, six other Megamot Shalom board members were able to be named.

Efforts are Still underway to obtain the charity data cited in the report.

More to come soon, for updates follow the #opmonoxide tag.

I love MHA fanfic where Izuku is slightly more competent than cannon and basically becomes an OSINT analyst at the youthful age of 14, never getting mcguffin super powers.

Manually Decoding DTMF Through A Spectrogram

While working on a recent CTF, I came across a challenge that required participants to extract a credit card number from a recording of a touch-tone telephone. If you pull your phone out now, turn on your ringer (because it’s almost definitely off), and click on some random numbers on the phone app keypad, you’ll hear the product of what’s known as DTMF, which stands for dual-tone multi-frequency.

I won’t go into the specifics of DTMF and why it exists — the important thing to know is DTMF uses a combination of two distinct tones to create one sound. There is a low tone and a high tone. Today, I’ll be showing you how to decode DTMF by sight through a spectrogram. There are decoders available for free online, so if you come across a problem like this in a CTF, or otherwise, I highly recommend using one of those, purely for speed and convenience. All that being said, this is an interesting process, and just generally a cool thing to know about. It’s the equivalent of converting binary to hexadecimal by hand instead of using an online converter — basically useless — but a great party trick (in the event of attending one, which I highly doubt given you’re reading this — so yeah, basically useless… on that note (or should I say tone (my musically inclined friend has informed me that I should not)), on with the article!)

Note — Standard DTMF — two tones, four levels per tone.

As of iOS 15.7, this tutorial is still relevant. I am looking for more samples (other phone brands and software models) to determine how accurate this is cross-platform. If you’re interested in contributing, there will be some information at the end explaining how.

I’ll be using this audio file - https://voca.ro/1dr1J1gbyw5B

(This is from the CyberSoc Wales “personalbanker” challenge)

The first thing I did was put the recording through a spectrogram program. There are plenty available for free online; personally, I like using Academo, because it includes lines that will help with quick sight-reading later on. (https://academo.org/articles/spectrogram/).

You may be better off downloading software (Audacity is fantastic), should you require a spectrogram for a longer recording. Academo is not scalable beyond 10 seconds, so you can use it, but you’re going to be taking quite a few screenshots.

The first thing I did was drop the recording from the challenge into Academo.

A spectrogram is a visual representation of the frequency content of an audio signal as it changes over time. In the image above, I’ve isolated the beeps produced by the clicking of the phone keypad. This section of the recording is longer than 10 seconds, so I also spliced together two screenshots. Any discrepancies you may notice in the image above are a product of that.

Each vertical line of dots represents one beep, and thus, one number. You’ll notice that there are two horizontal rows per beep, this is the magic of DTMF. There are 8 total frequencies involved in the DTMF system. The original DTMF keypad was laid out in a 4x4 format (below). The letter keys (A, B, C, and D) are no longer used for personal telecommunication. For digital decoding purposes, you will almost certainly not come across the letter keys, although they are still used by amateur radio operators, payphones, and the occasional equipment control system.

I was starting from scratch, with no knowledge of how a spectrogram worked with DTMF, so the first thing I did was create two recordings of myself clicking each number in my phone app (I am using iOS 15.7 on my iPhone XR).

What you’ll begin to notice is that each number has its own combination of low and high tones. If you want to try to figure out the system on your own, now is the time.

Each variation in height represents a tone at a specific Hz. In order to decode this manually, you do not need to know the specific Hz of each number, you just need to understand the relational position of each tone, informed by its Hz.

I ended up throwing the original audio into Audacity so that I could create my own lines on the spectrogram for demonstration purposes.

First, I’m going to turn down the contrast to make it a little easier to see.

Now, I’m going to add some lines to match up the similar tones.

At this point, we have 6 layers of lines, there are no 0s present in this recording, if there were, we would have another line just above the bottom three. The use of the original DTMF structure with the ABCD keys would give us another line above the top three.

The simplest way to proceed is to categorize each set into Low, Medium, and High. You could choose any system — 1, 2, 3; a, b, c; whatever works for you. I recommend the LMH system because it’s visual and easy to keep track of.

I filled out the table below to show each numerical combination.

Two letters per number, each representing Low, Medium, or High (ultra High in the case of 0).

The first letter represents the top layer, and the second letter represents the bottom.

The corresponding Hz are listed in the third row for your reference.

I’ll walk you through the decoding process for the first two and then you can try the third.

We’re going to look at the first column of tones (boxed in yellow).

This represents one number.

The first tone is crossed by the lowest of the top lines, it is marked L.

The second tone is crossed by the medium bottom line, it is marked M.

Together, they are LM — which, upon referencing the chart, is 4.

The second one is MM, which is 5.

Now try the third. (full answer at the end, scroll up now if you’d like to try it on your own — try it with lines or without!)

Once you get a feel for this, the process becomes much faster. The lines are purely for demonstrative purposes, with a little practice you’ll be able to quickly do this without lines.

And that’s how to decode DTMF manually through a spectrogram! Is it useless? Yes! Is it fun? That’s debatable!

If you’d like to help me compare cross-platform DTMF signaling, take a screen recording that captures you pressing 1234567890 on your phone keypad. Send the file to me through one of the methods outlined below. Please include your phone model and its latest software.

Discord — Adler#7210

Email me — [email protected]

If you’re seeing this on Tumblr, send me a DM!

Medium link - https://medium.com/@adler7210/manually-decoding-dtmf-through-spectrogram-562e4b0b99c3

The final answer to the CTF challenge — 4562 6598 4585 2366

Anyway, thanks for reading, enjoy decoding!