The first four parts of this series of posts looked at how to build your own custom Buscador-style OSINT virtual machine. Part One showed how to install Ubuntu, Part Two looked at installing programs from the Ubuntu software, Part Three was about how to install tools from the web with .deb packages, while Part Four headed to the command line to learn how to install and run some popular Python-based tools. I’ve intended these guides to be for people who are fairly new to Linux and/or OSINT and this fifth part continues the trend. This article will look at how to clone and backup the virtual machine and how to export it to other computers.
Backing Up & Cloning A Virtual Machine
One of the big advantages of virtual machines is that once you’ve created one and it’s set up just the way you like it, it’s possible to make an exact clone of the machine. There are several benefits to this. Firstly, if you’ve spent a long time creating a virtual machine and customising it for your needs, cloning means it is possible to make an exact copy of the VM in full working order. That way if you break or corrupt your VM beyond repair, it’s easy to create a new one by using a clone and you don’t have to worry about starting again from scratch.
Secondly, if you use your VM in an environment where your OSINT work is likely to be used as some kind of evidence either for corporate investigations, law enforcement, or some other kind of legal process, it is possible to take a “one case, one VM” approach where all your work for one particular case can be done in one VM which is then saved, hashed, and exported so that it is possible for your work in the VM to be inspected independently if needed.
Virtualbox makes cloning very easily. Make sure the VM is powered OFF and that it looks like this in the main Vbox menu:
Now simply right click on it, and select “clone”:
Give the cloned machine a name:
Choose “Full Clone” as the type:
After a few minutes Virtualbox produces a second virtual machine which will be completely identical to the first.
For backup purposes, it’s possible to simply make a snapshot of a virtual machine rather than making a full clone. If something might go wrong or you want to experiment with new settings, creating a snapshot will give you a restore point to go back to if needed.
Exporting A Virtual Machine
It is also possible to save and export a virtual machine. This means that it can be transferred to other devices or shared with others like Buscador.
To export a VM in Virtualbox, simply go to File > Export Appliance > Choose the VM to Export > Choose OVA.
OVA and OVF formats are (in theory) compatible across Virtualbox and VMWare. OVA is a simpler single-file package, whereas OVF splits the virtual machine into several different files. There’s no right or wrong way to do it, but OVA files are just fine for a small, simple VM.
The next (and final) part of this series will look at some browser extensions that make OSINT work a lot easier.