I am often asked what tools I am packing in my battle chest. So I have decided to do a series, starting with OSINT tools that are openly available to everyone. Obviously there are ‘other’ proprietary tools I use and I won’t be discussing those, so with respect to you all, please don’t ask me 😉
Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence.
OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense, as “produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.”
Here are just five freely available OSINT tools and resources, in no particular order. Each one excels in different aspects of OSINT collection and collation.
Maltego is an open-source intelligence and forensics application developed by Paterva. It focuses on providing a library of transforms for discovering data from open sources and visualizing that information in a graph format suitable for link analysis and data mining.
Maltego permits creating custom entities, allowing it to represent any type of information in addition to the basic entity types which are part of the software. The basic focus of the application is analyzing real-world relationships between people, groups, websites, domains, networks, internet infrastructure, and affiliations with online services such as Twitter and Facebook. Maltego is a Java-based program that runs on Windows, Mac, and Linux.
Creepy, actually a software package for Windows and Linux, hooks into social networks like Twitter and Flickr to glean information about a targeted user’s location. It’s surprisingly effective, even in its early stages. After Creepy has finished its analysis, it reveals a map that pinpoints the location where the targeted user posted every geo-tagged tweet and every shared image. Clusters would logically indicate a person’s residence or workplace.
Creepy is currently available to download for Windows and Linux operating systems and a version for Mac OS X is in the works.
Spokeo is a social network aggregator website that aggregates data from many online and offline sources (such as phone directories, social networks, photo albums, marketing surveys, mailing lists, government censuses, real estate listings, and business websites). This aggregated data may include demographic data, social profiles, and estimated property and wealth values.
All data collected by Spokeo is publicly accessible from its original sources. According to the site, Spokeo does not originate data, and the information available is only as good as its source. The information available originates from information people provide that becomes public information “even if a person isn’t on Facebook or Twitter.”
CaseFile is the little brother to Maltego. It targets a unique market of ‘offline’ analysts whose primary sources of information are not gained from the open-source intelligence side or can be programmatically queried. We see these people as investigators and analysts who are working ‘on the ground’, getting intelligence from other people in the team and building up an information map of their investigation.
CaseFile gives you the ability to quickly add, link and analyze data, with the same graphing flexibility and performance as Maltego, without the use of transforms. CaseFile is roughly a third of the price of Maltego.
Intelligence analysts are under increasing pressure to forecast what the future may hold. Recorded Future intelligence analysis tools help analysts understand trends in big data, and foresee what may happen in the future. Groundbreaking algorithms extract temporal and predictive signals from unstructured text.
Using what they call a “temporal analytics engine”, Recorded Future provides forecasting and analysis tools to help analysts predict future events by scanning sources on the Internet, and extracting, measuring, and visualizing the information to show networks and patterns in the past, present, and future. The software analyzes sources and forms “invisible links” between documents to find links that tie them together and may possibly indicate the entities and events involved.
These are just a sample of some of the many great OSINT tools out there. Time permitting, I am hoping to turn ‘Jesters Loadout’ into a feature, and in the next in the ‘series’ I am intending to talk about ‘technical recon’ – tools I use to map the nature of target networks and possible vulnerabilities or entry points.
‘There’s an unequal amount of good and bad in most things, the trick is to figure out the ratio and act accordingly.’