New Generation OSINT Framework by@morpheuslord

New Generation OSINT Framework

image
Morpheuslord HackerNoon profile picture

Morpheuslord

I am a red team operator, and a security enthusiast I write blogs and articles related to cyber-sec topics.

Hello there, today I am going to discuss a new OSINT framework that aims at creating one location for all your OSINT needs its a really neat tool for many things from Username OSINT, Social Media OSINT, Email OSINT, Bug Bounty Dorks, IP/Domain Tools, Crime Investigations, Sock Puppet Category, Temp Email/Phone, News Infosec, Phishing URL Detection, Reverse Image Lookup, Image Forensics, and Location Logging Services.

OSINT stands for Open Source Intelligence and generally refers to information that you can learn about people and organisations that can be gathered through publically-avaliable tools.

Topics to discuss

  • Introduction
  • Username Osint.
  • Email Osint.
  • Bug Bounty Dorks.
  • IP/Domain Tools.
  • Crime Investigation.
  • Sock Puppet Categories.
  • Temp Email/Phone.
  • News Infosec.
  • Phishing URL Detection.
  • Reverse Image Lookup and Image forensics.
  • Location Logging Services.
  • ThreatCops Pro Version.
  • Future Plans.

Introduction

Threatcops.com - The threat tool is currently being used by various law enforcement agencies from different states that including Delhi Police, Gurugram Police, UP Police, Uttrakhand Police, Telangana Police, and Rajasthan Police, and more. (check Linkedin for reference).

The website aims to provide the best possible experience to its users by filtering and choosing the best resources which have been tested by many pros from the community and they also have exclusive services with their pro options.

As a hacker, it’s necessary to do some recon and gain more knowledge on what I am dealing with and OSINT is the skill you need. You can go no were in a pentest when you don’t know from where you can find the info if you don’t have complete info you cannot do any pentest to its fullest.

That is where this ThreatCops comes in handy as it has all the resources which are necessary to find the best intel to exploit.

Intro on the developer.

image

Saumay Srivastava, is a developer, a Cybersecurity Critical thinker, and an excellent communicator proficient in OSINT-based Research/Reconnaissance, Malware Analysis, and Web App enumeration.

I aspire to develop transformational cybersecurity tactics for a variety of organizations and societies and help like-minded people with my existing knowledge.

Achievements: Delivered Training sessions to MHA (Ministry of Home Affairs) Won Cyber Hackathon Organised by Uttrakhand Police sponsored by IBM, Systools, AWS User group India and Virtual Cyber labs competed with 326 Teams across India [Major all ITs, Tech Universities, and IBM], then Uttarakhand Police selected 50 projects/concepts. Afterwards, all participants completed their projects while continuously coding/programming for 36 hours.

Delivered a Webinar on "How to be Safe Online" at Delhi University Vivekananda. Reported Critical Violent Data from IAMC (Indian American Muslim Council) to Government of India.

Username OSINT

Let's consider a scenario where you have been appointed by a group of people to a company or in any legal way you have been assigned to monitor or gather intel regarding a person from the internet and for that the main things you need to search for the person’s username and there might be 100’s of people with the same username and all you need to have the proper portal from where you can search the person.

image

The above image will give a basic understanding of how it works.

This is useful for targeting a specific thing related to that person may be designing a spear-phishing attack designing custom passwords as per the data collected and many more.

The possibilities are endless and that’s where ThreatCops can be useful for username OSINT there are around 8 different links consisting of dorks, internal sub-links, and also external search engines, and yes all of them are tested and they work, and also give accurate results to a certain extent.

Email OSINT

In a scenario where you are testing an email of an employee or an admin email over on the internet can reveal some juicy information whether there is any kind of data leaks, malicious activities, or anything of that sort that can be checked not just email data related to what is going on with the website. ThreatCops have great links where you can also check whether the header of a suspicious email is a phishing email or not.

image

If you are familiar with protonmail or any email provider with security in mind you know they allow us to view headers of suspicious emails and using that you can easily check if that email is a phishing email or not.

In ThreatCops there are 5 links and 1 exclusive pro service where the 5 links have great resources which you will need and in most cases will be enough but in the 1 pro version there will be a dedicated investigation on the email and that will also come with a detailed analysis report.

Bug Bounty Dorks

If you have read any of my previous articles regarding website security I have mentioned quite a lot of times what a bug bounty is and how you can earn money via such programs. But, to find a promising bug there is always a need for lots of investigations if you want to find an open directory or a super-secret file inside the websit. For that matter you will have to use google dorks. They are the freest to use easy to understand and highly powerful tools that are present in almost all the devices in our reach.

image

ThreatCops have some of the best links and dorks in place these with proper filtering and good googling skills can easily fetch you one or 2 bugs and that’s good as nothing in the security industry is small even the smallest of smallest vulnerability has a lot of value.

In ThreatCops there are more than 30 different dorks and they are highly effective sort after and working bugs which I guarantee with some good searching can get you a pay-day.

IP/Domain tools

In an OSINT related to a web server or service even in a pentest scenario where you need instantaneous results, the best option is online sources as they have high-speed internet and other neat perks with them, therefore, making them effective in the enumeration in case you are doing a server enumeration or a website enumeration and want to look up the subdomains and the DNS information to find possible exploits for data leaks, etc.

image

ThreatCops has a few of the best links for you to try and test for your next web pentest. There are in total of 31 different web links which extend from SSL scans to port scans and also have much more functionality.

Crime Investigation

Knowing various crimes all across the world and being up to date is necessary it helps in knowing what’s on the minds of hackers mainly black hats what global things can get affected what are the latest crimes which can have a great impact on a commoners day to day life and what you as a hacker can learn from it and how you can educate people about it.

For example: On December 23, 2015, the power grid of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. You see the problem is if there was a power outage for 1-6 hours that can cause people’s lives, think about it there is a hospital with 50 ICU patients or maybe more and the hospital has 5 hours of complete full power backup, a hacker group manage to disable power for about 8 hours then even reinforcements can not save the 50 plus lives in that hospitals not just that this can be in any field let it be banking, stock market, etc. that is a major issue.

image

Staying aware of what’s going on in the outside world helps you be ahead in your game.

ThreatCops have I guess 6 links some being external redirects and some internal all have their perks, and to a greater extent accurate they scrape the intel from many sources and give out a condensed view and links to the complete articles.

Sock puppet categories

Sock puppets are nothing but fake social media accounts crafted in detail to search for OSINT without giving out real identities. Sock Puppets are essentially aliases, fictional character profiles created by others with a specific goal in mind, and as part of OSINT social engineering.

image

These types of accounts can be used by anyone, such as investigators, detectives, hackers, police, and journalists, who can be anyone who wants to impersonate someone else. Now that you think yes, it's an easy job because you just need to create a dummy account.

It's not as simple as you might think, to be a successful sock puppet it needs to be believable and consistent with the behavior of real people online. The puppets have real names, real phone numbers, addresses, photos, credit card numbers, various social media accounts, friends, and more. Let's see what the puppets are for.

ThreatCops has great links to sites for fake ID images and more for in-depth investigative uses.

Temp email/phone

As the name suggests this helps to create a temporary email or phone number for authentications and also for short testings. Where I would never prefer using my actual email and all for obvious reasons this is kinda useful for more than one thing such as Opsec, Bug Bounty, etc.

image

ThreatCops do have some really interesting links for us to use, that’s it I know not much to explain it’s way simpler to use than explain.

In ThreatCops there are 5 different services linked with maximum integrity. They have been pretested and I can assure you that this will be useful for you to use.

News Infosec

As I said above being aware of the latest happenings is important and that’s general but knowing in the field where you are working in, yes exclusive cybersecurity-related information, such as the latest CVE’s huge data breaches, scam busting, and many more.

image

I find this information useful in a pentest scenario if you find a similar kinda service or issue facing then you can get to know where to refer and what to do to exploit that particular vulnerability.

That would be more helpful than finding the same vuln from scratch which might take hours. This is just one use case there are many and might take a whole lot of time to list out.

ThreatCops has four news service links that act as complete hacker newspapers as they have the day-to-day updates on the cyberworld.

Phishing URL Detection

If you check the spam section of your email there might be at least 1 phishing email attached to it the more your email is exposed on the internet the more you have chances of receiving a phishing email.

I receive a lot of such emails reaching from job offers to things that I use on a day-to-day base.

image

These emails sometimes can get annoying and get on my nerves and sometimes they tend to be as close to being legit but you may never know.

I check things related to the email body like finding silly spelling mistakes or mistakes with the contents in some manner to get a better understanding.

If in case that is a company email of some sort I check the headers of the email to contain all sorts of information that can help determine the legitimacy of the email the services are all over the internet but you need to search for the write one.

If that was a personal email I search the email sender’s information means I will try to OSINT the person behind the email and if found legit I might think about going forward with the conversations or else report phishing and drink coffee and forget it.

These emails mostly contain links. These links might be of services that are made to execute backdoors via our browsers mainly projects such as BeeF projects.

ThreatCops has some great links to lookup such might be fraud email links we don’t know who is behind what spam links there are 4 links mentioned and they also can be used in conjunction with email investigation.

Reverse Image Lookups and Image Forensics

If you are into forensics you might be familiar with reverse engineering and retrieving metadata from images and they tend to be easy to give out all the information such as latitude and longitude where the image might be taken from the camera and much more information.

image

If you know the incident where John Macfee was arrested then you might get a good idea.

The scene is that John Macfee's image was found on social media when he was fleeing and when the officials checked the metadata of the image they found out the exact coordinates to the residence he was staying in that they found his exact location and arrested him.

A classic example of what kinda power metadata and image forensics have and ThreatCops have some of the best online links out there they have about 14 links that have the most accurate results out there.

Location Logging Services

Location Logging as the name suggests determines a person mainly targets locations via links and other means and uses it mainly for legal purposes and not for other unwanted things.

image

There are times when you might have to determine the location of your target via means such as web links or emails these kinda OSINT involves both Social Engineering and OSINT together as if you want to make your target click on the link you need to convince him to click the link and that’s left up to how you carry on the investigation.

Let’s take a real-life scenario to better understand the use case of this utility. Let’s assume you have been appointed by a gov agency, I am mentioning government because in many nations doing this is illegal keeping that in mind you might have got a target to enumerate but have no clue on his locations or anything in that matter, all you have is either his phone number or his email the first logical thing is to create a convincing email or phone number.

Mainly a temp and anonymous one is used for better Opsec, and then do a social engineering attack on your target with a real-life website for him to view but in a shortened or location logger link in place then send the message, email, or do a call if all goes well then you have the location of your target and you can report that to the respective authority.

ThreatCops has 7 different links for Location Logging services and they are accurate for the most part with the city and country location but miss slightly with the exacts but the rest information is accurate for the most part.

ThreatCops Pro Version.

If you want a professional to do the job for the maximum efficiency and proper format in case you don’t have proper knowhow or you cannot directly get involved then ThreatCops has their pro version where you need to enter a few details and you are good to go the payments are feasible and the services are accurate and timely.

image

The pro service includes:

  • Email Investigation
  • Linkedin Investigation
  • People Investigation
  • Employee Investigation
  • Business Competitors Investigation

The investigations are conducted by government authorized personnel and there will be a report with all the findings after the complete investigation has been completed these investigations are kinda complicated and companies usually hire such personnel for such complex jobs.

Future Plans

ThreatCops have been taking OSINT to a new extent by introducing Dark Web Investigation they are planning on introducing a dark web investigation suit and they are yet to be released but it will be done soon.

image

COMING SOON.

Links to the website


Contact me

Thanks for reading my article and anything else you want to discuss or any topic which you feel that I can write an article about please add a comment below, thanks to HackerNoon’s new feature giving your opinion and suggestions have become more easy, and if you want to contact me personally you can do that via LinkedIn or email I don’t use my Instagram and Twitter handles that often and thank you.

Do check out my about me page to get links to my website and social media platforms with a few details regarding me and my works.

Morpheuslord HackerNoon profile picture
by Morpheuslord @morpheuslord.I am a red team operator, and a security enthusiast I write blogs and articles related to cyber-sec topics.
Read My Stories

Comments

Signup or Login to Join the Discussion

Tags

Related Stories