P19 open source investigations-deciphering criminals digital footprint_matas_phillips_6.13.19

Open Source Investigations_Deciphering Criminal's Digital Footprint

  1. Introduction to Open Source Intelligence for ORC (OSINT). JOHN MATAS, Sr. Director AP/Investigations, Macy’s Inc.; BRIAN PHILLIPS, Sr. Director IT/Info Security, Macy’s Inc.
  2. OSINT AGENDA • Getting Started (Basic & Advanced) • Creating a Sock Puppet/OPSEC • Different OSINT Searches • OSINT Basic Sites • Q&A
  3. CREATING A SOCK PUPPET • ‘Sock Puppet’ (SP) is a fake persona used for investigative purposes. • SP protects the identity of the investigator and allows for greater access to ORC groups identified on social media. • Example: You want to create a sock puppet named “Jeremy Studebaker”. • ‘Jeremy Studebaker’ doesn’t exist, so you have to create an entire online identity around ‘Jeremy’ in order for the persona to look authentic.
  4. CREATING A SOCK PUPPET • A dedicated computer that is only used for investigations • Email • A burner phone number • A social media profile where your target is most active (Facebook, Twitter, Instagram, WhatsApp, x,x,x,)
  5. OSINT FOR ORC SITE LINKS: Dropbox: https://www.dropbox.com/s/a1b2c3d4 ef5gh6/example.docx?dl=1
  6. GENERAL OSINT SEARCH • Many investigators begin with a general search using a variety of search engines. • Google is always a great place to start, but you’ll be surprised by the different results you get when you use different open source intelligence tools.
  7. GENERAL OSINT SEARCH Ask Bing Cluuz Dogpile DuckDuckGo Exalead Google Gigablast Mozbot SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  8. SEARCHING PEOPLE • When using OSINT to search for a person, consider every possible variation of the person’s name. Include shortened versions of the person’s name, nicknames, usernames or any version of their name you think they might use. • You can also search someone by their telephone number, email address, physical address, an image or through articles that mention them.
  9. SEARCHING PEOPLE SITES Ancestry AnyWho Black Book Online (public records) BeenVerified Canada 411 InfoBel Intelius MarketVisual MelissaData Numberway PeekYou Phonebook of the World Pipl Public Records Snitch.name (username search) Spokeo UserSearch Webmii ZabaSearch ZoomInfo SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  10. SEARCHING SOCIAL MEDIA & PROFILES • Using OSINT, you can find not only a person’s profile, but also discover what they are talking about if they participate in online forums on social media platforms. • Searching for secondary connections, such as friends, family members, colleagues and ex-partners can reveal a great deal of information about your suspect. • Many sites that are not specifically social media sites allow users to set up profiles, and these can be just as revealing as social media sites.
  11. SEARCHING SOCIAL MEDIA & PROFILES Ashley Madison Bebo Blogspot Classmates Facebook Messenger Flickr Google Plus Google+ hi5 Instagram Kik LinkedIn Match Meetup MySpace OurTime Pinterest Reddit Skype Snapchat Tumblr Twitter VK WhatsApp Messenger YouTube SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  12. SEARCHING IMAGES AND VIDEO • Also search image and video social sites to find photos, videos and discussions related to them. • You’d be surprised at how much information you can get from OSINT resources.
  13. SEARCHING IMAGES AND VIDEO Baidu Bing Image Search Clearview Flickr Google Images Instagram Karma Decay Metapicz Pinterest Image Search Tool Photobucket SmugMug TinEye Webshots Yandex Image Search YouTube SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  14. ONLINE COMMUNITIES AND BLOGS • Blogs, online communities and free domain hosting sites are all sources of OSINT and can be valuable repositories of information. • Search these using names, usernames, email addresses and telephone numbers.
  15. ONLINE COMMUNITIES AND BLOGS Angelfire BlogDigger Boardreader Deviantart Domain Tools Flixster Google Groups IceRocket IMDB Nexopia Omgili Quora Reddit Tumblr Typepad Who.is WordPress Xanga YahooGroups SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  16. CLASSIFIED LISTINGS • There are several reasons you might want to search classified listings as a source of OSINT in the course of an investigation. • In a theft investigation, the target may be trying to sell a stolen item, or might be searching for similar items online. • You can also gather information about buyers and sellers from classified listings, including location information.
  17. CLASSIFIED LISTINGS Amazon American Listed Clickooz Craigslist eBay Hotfrog iOffer OfferUp Kijiji Manta OLX PicClick SaleSpider Used VendAnything SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  18. BUSINESS SEARCH SITES • When conducting due diligence investigations, or researching a person you are going to interview in an investigation, it’s a good idea to conduct a search on a variety of OSINT business search sites. • This list isn’t comprehensive, but you can use it to get started, then follow the trail.
  19. BUSINESS SEARCH SITES Angie’s List Better Business Bureau BizNar Bloomberg Businessweek Central and Eastern European Business Directory CLEAR Corporate Information Dun & Bradstreet Foursquare Guidestar Hoovers Industry Canada InsiderPages Leadership Directories Open Corporates Orbis Directory PIBuzz SEC & SEC Company Search SunBiz Yelp SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  20. BITCOIN AND BLOCKCHAIN SEARCHES • Cryptocurrency transactions have been used for illicit transactions since the advent of the dark web. • Cryptocurrency transactions aren’t as private as many believe. • If you’re looking to find a person’s Bitcoin wallet or a specific Bitcoin transaction, there are OSINT tools to help you do that.
  21. BITCOIN AND BLOCKCHAIN SEARCHES Block Explorer Blockchain Info BlockCypher BTC Blocktrail Matbea Wallet Explorer SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
  22. SPECIALIZED AND DEEP WEB SEARCHES • There are many sites that are not mainstream, may be buried, hard to find or simply not indexed by general search engines. • When you know what you’re looking for, you can dig deeper into your research by going directly to these sites.
  23. SPECIALIZED AND DEEP WEB SEARCHES Airbnb Athlinks CourtReference dnsLytics DomainTools EarthCam Free Public Records Directory Fold3 (military records) 4chansearch Global Terrorism Database Human Trafficking Internet Archive (same as Wayback Machine) National Sex Offender Registry PageGlimpse Public Records Snopes State Sex Offender Registry U.S. Federal Inmate Lookup Wayback Machine What Is My IP Address Webboar Whoisology SEE DROPBOX LINK FOR LINKS TO ALL OSINT SITES
