
For the second year in a row, I attended the OSMOSIS Conference for open source intelligence professionals (you can read last year’s OSMOSIS review here).

I go into these conferences with a pretty open mind – people who think they are going to have some life-changing experience are bound to be disappointed, in part because everyone attending the conference has a different background, so not every presentation is going to be perfectly relevant to what you do.

So even if you are never going to do a cryptocurrency investigation, chase down child predators or spend your wee hours on the dark web, it’s important to have at least a basic understanding of what those are.

My goal with any conference like this is to pick up a few new techniques and tools relevant to my daily business practices, have an understanding of new trends, meet some new people and to walk away with a new sense of investigative inspiration. 

By that measure, it was a resounding success. 

I’m just amazed at how many brilliantly smart people are out there doing some really incredible work.

The venue in Orlando this year was 100% better than the Excalibur in Las Vegas last year (and San Diego in 2020 is going to be hard to pass up). 

I did find that a few of the presentations were a big miss (note: we know how to Google and anyone can read a PowerPoint slide), but overall, it’s a great conference that I would recommend to anyone in the business.  

Here are some of my takeaways, quotes and tools:

1

Try this Google query: intitle:"not for public release" site:.gov. A fun little experiment that will show you all the documents titled “not for public release” on any U.S. government site. Happy hunting…

2

Best virtual machine? VirtualBox if you are working with a $0 budget; VMware if you have $80 a year.

3

Qintel – One of the best datasets and indexes of dark web content.

4

ViewDNS.info – One of the best sites for searching domain website data, including Boolean searching, where you can search for things like anyone with an email that starts with a particular username from any domain (e.g. hello@*.com).

5

Reveye – Chrome and Firefox extension that lets you do reverse image searches through five separate image search engines (Google, Bing, Yandex, TinEye and Baidu) at the same time.

6

“In a post-GDPR world, don’t rely on Whois data…but it is a good starting point.” ~Joshua Hopping

7

DomainTools has the best set of historical data for domain information. Whoisology and CyberToolbelt also have good historical data.

8

Archive.today takes a snapshot of a webpage and turns it into an unalterable record. Archive-it is similar.

9

A sneaky way to find out if there are connections between multiple websites is to check whether they have a matching Google Analytics code. You can find the Analytics code in the page’s source code, then simply do a Google search on that code.

10

“You should be too expensive for some of your clients!” ~Cynthia Hetherington

11

Favorite VPN – I asked people much smarter than me the same question last year, but NordVPN and Proton VPN seem to be the flavor of the year. Private Internet Access, which I personally use, seems to get blocked from too many websites because of its popularity.

12

Quiztime – Each weekday, members post a quiz on Twitter, asking you to geolocate an image, to find out whether a video has been tinkered with or to identify some obscure audio. Great way to test out your online sleuthing skills.

13

GeoGuessr – Online game that lets you guess the location of street-level imagery on a map. Another great way to test your skills.

14

“Some investigative techniques may not be viable, but if it does work, you can look like a wizard and a hero to your client.” ~Chris Brenner

15

90% of the DuckDuckGo index is from Yandex.

16

“The Tor browser is 95% Mozilla Firefox, which does not have a great track record of security.” ~Andrew Lewman

17

Yandex is the “King of all facial recognition searches” available via open source.

18

“Be a resource. You may not have the answer, but you may know the guy.” ~Cynthia Hetherington

19

Hooyu – Relatively new, UK-based database that helps investigate people, places and businesses.

20

Photos of the interior of a house from real estate listing websites like Zillow can be very revealing.

21

MySudo – Helps you communicate with privacy, by creating different “pseudos”, each with a phone number and email address to use for signups, downloads, or anytime you need a private phone number and/or email address.

22

Dehashed can help investigators identify usernames and passwords of targets from leaked data.

23

Jaleo in Orlando was just as awesome as Jaleo in Las Vegas. Seriously, it’s way too expensive for what it is, but it’s pretty darn authentic Spanish food. And Jaleo’s owner, Jose Andres, is a better human being than most of us, and I will support whatever he does.

24

Private investigators are pretty bad ass at beating escape rooms.
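
Takeaway 9 above (matching Google Analytics codes), as an added example that is not part of the original post: this Python sketch pulls Analytics IDs out of page source you have already saved and reports which sites share one. The function names and sample pages are constructed for illustration; Universal Analytics IDs are grouped by account number, the middle part of UA-account-property.

```python
import re
from collections import defaultdict

# Universal Analytics IDs look like UA-<account>-<property>; every property
# registered under one Analytics account shares the <account> number.
UA_RE = re.compile(r"\bUA-(\d{4,10})-(\d{1,4})\b")
# GA4 measurement IDs (G-XXXXXXXXXX) identify a single data stream.
GA4_RE = re.compile(r"\bG-[A-Z0-9]{8,12}\b")


def extract_ids(html):
    """Return the set of correlation keys found in one page's source."""
    keys = {f"UA-{m.group(1)}" for m in UA_RE.finditer(html)}
    keys |= {m.group(0) for m in GA4_RE.finditer(html)}
    return keys


def shared_ids(pages):
    """Map each key to the sites embedding it, keeping keys seen on 2+ sites."""
    seen = defaultdict(set)
    for site, html in pages.items():
        for key in extract_ids(html):
            seen[key].add(site)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}


# Constructed sample page sources (not real sites or real IDs).
SAMPLE_PAGES = {
    "shop-one.example": "<script>ga('create', 'UA-1234567-1', 'auto');</script>",
    "shop-two.example": "<script>gtag('config', 'UA-1234567-3');</script>",
    "blog.example": "<script>gtag('config', 'G-ABCDE12345');</script>",
    "other.example": "<script>gtag('config', 'UA-7654321-1');</script>",
}

if __name__ == "__main__":
    for key, sites in shared_ids(SAMPLE_PAGES).items():
        print(key, "->", ", ".join(sites))
```

A shared ID is a lead, not proof: templates, agencies and copied page source can put the same code on unrelated sites.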

Enjoyed What You Read?

Sign up for our newsletter and stay up to date with what Hal Humphreys, from Pursuit Magazine, believes to be one of the absolute best blogs in the investigative industry!

Last week, I attended the OSMOSIS Conference, held in Las Vegas and put on by Cynthia Hetherington of the Hetherington Group.

After years of going to conferences of a large national organization (that will go unnamed) and coming back less than fulfilled, I found it fantastic to attend a conference that was oozing with brilliant people more closely aligned with what I do on a daily basis.

This year’s venue, Excalibur Hotel, was not my favorite; however, OSMOSIS is an absolutely terrific conference. After hearing rave reviews over the past few years from the likes of Kelly Paxton, Eli Rosenblatt, Rachele Davis and Marcy Phelps, I am so glad I made it.

If your business involves gathering investigative intelligence online, it’s a can’t-miss, and I suggest you sign up for next year right now. The networking alone was worth the price of admission.

Here are some of my takeaways, quotes and tools:

1

“Big Brother is not watching you – unless you have given him a reason to.” — Anthony Reyes, former NYPD officer

2

FOCA – Metadata analysis tool finds hidden information in documents.

3

Searx.net – “Privacy respecting” metasearch engine that combs through multiple search engines, including Google and Bing.

4

Virtual currency is at least 10 years away from being widely adopted.

5

Street Light Vision (from Andrew Fordred)

A man is looking for his keys under a streetlight. A woman approaches him and asks him what he is doing.

“I am looking for my keys,” says that man.

With no car in sight, the woman asks, “Where did you park your car?”

Pointing to a dark parking lot, the man says, “It’s over there.”

“Well, why aren’t you looking over there?” the puzzled woman asks.

“Because there is more light over here.”

6

dnsLytics – Chrome extension that helps you get information about an IP address, domain name and provider.

7

Favorite VPN? I asked about a dozen people (much smarter than I am) about their favorite VPN. NordVPN seemed to be most widely used, followed by Private Internet Access (PIA). (Personally, I use PIA.)

8

Talking about leaving data “artifacts,” Anthony Reyes said, “Somewhere out there, there is a footprint.”

9

Hunchly – Tool for online investigators that captures pages as you search, leaving a full audit trail that can hold up in court. So if that webpage disappears a day after you found it, Hunchly will keep a record of it. And even though the founder of Hunchly, Justin Seitz, wasn’t there for the conference, he was there in spirits … literally. ;-) [Thanks, Justin!]

10

Wigle – Collection of wireless routers.

11

Canary Tokens – Offers powerful tools to help track who accessed a link, file or email. This one’s a bit beyond my technological pay grade, but here is a good explanation.

“A canary token is a web URL, email address, document file and so on which will trigger an action if it’s ever accessed. In the case of a web URL, the canary token is the address of a unique yet nonexistent page on the website of the company that issued the token. If someone were to ever attempt to access that page, the web server would notice (because it would attempt to serve that nonexistent page to whoever requested it). The server will then notify the owner of the canary token that someone tried to access it.”

12

Yandex Image Search – The Yandex image search engine for facial recognition is extraordinarily powerful. I uploaded some images from my personal photo collection, and it was easily able to identify a number of photos of me on the web. Neither Google Images nor Bing Images came even close.

13

If you use Tor, set the Security Level to “Safest” to disable JavaScript and other scripts, which helps avoid potential viruses and malware.

14

Jaleo has some amazing, really authentic Spanish food.

15

Bing Image Search – The Bing Image search has a feature that lets you search only a portion of the photo if, for example, you want to search a portion (like a background) to determine where the picture was taken.

16

“Computer forensics is like dumpster diving, but only better. It’s clean and neat.” — Amber Schroader

17

Internet of things – Think privacy is dead? You might be right, at least if you are using any of the new internet of things devices such as your Fitbit (which is being used in several murder cases) and Alexa (which has been known to “unknowingly” send recordings of conversations).

18

“At times, our work can feel like finding a needle in a needle stack.” Don Colcolough

19

The Tor browser can cycle through IP addresses, making it really, really challenging to track down the true user.

20

Read Notify – Lets you know when email you’ve sent gets read.

21

Want to learn more about the Dark Web? Try IACA (International Anti Crime Academy).

22

Two sites for helping track cryptocurrency are blockchain.com and Wallet Explorer.

23

Nox App Player – Android emulator for Windows and Mac so you can run Android apps on your computer.

24

When conducting searches on Google for international subjects, change your VPN’s IP address to the country that you are searching, and you will get completely different results.

25

Too much red wine can give you a headache. And it might make you sleep in a bit. And miss a bit of a conference.
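
The canary token mechanism quoted in takeaway 11 above, as an added example that is not part of the original post or the Canary Tokens service's own code: it mints a unique path for a page that does not exist, then scans web server access-log lines for any request to it. The names `mint_token`, `find_hits` and `registry` are hypothetical, and the log lines assume the common/combined access-log format.

```python
import re
import secrets

# Combined/common log format: ip ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')


def mint_token(registry, owner, memo):
    """Register an unguessable path that no real page links to and return it."""
    path = "/" + secrets.token_urlsafe(16)
    registry[path] = {"owner": owner, "memo": memo}
    return path


def find_hits(registry, log_lines):
    """Return one alert per logged request whose path is a registered token."""
    alerts = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, when, _method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore any query string
        token = registry.get(path)
        if token:
            alerts.append({"notify": token["owner"], "memo": token["memo"],
                           "source_ip": ip, "time": when, "status": int(status)})
    return alerts


def demo():
    """Mint one token, then scan constructed log lines that include one hit."""
    registry = {}
    path = mint_token(registry, "analyst@example.com", "planted in shared folder")
    # Constructed sample log lines (documentation IP ranges, not real traffic).
    lines = [
        '198.51.100.4 - - [12/Oct/2019:09:14:02 +0000] "GET /index.html HTTP/1.1" 200 5120',
        f'203.0.113.7 - - [12/Oct/2019:09:15:40 +0000] "GET {path}?src=doc HTTP/1.1" 404 153',
        "malformed line that the parser should skip",
    ]
    return path, find_hits(registry, lines)


if __name__ == "__main__":
    token_path, alerts = demo()
    print("token:", token_path)
    for alert in alerts:
        print("ALERT", alert)
```

The request still gets a 404 because the page does not exist; the alert comes from the log entry, which is why the token path must never be linked from anywhere legitimate.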
