Twitter would not be Twitter without a daily dose of QAnon drama. Recently there were claims that since Q-drop archive site qmap.pub now shares the same IP as 8Kun proved that 8Kun owner Jim Watkins is Q. I’m not sure…
Tag: website attribution
Website OSINT: What’s The Link Between Antifa.com and Russia?
The term “OSINT” sometimes gets thrown around a little too loosely. The “open source” part of OSINT is straightfoward enough: there’s a world of information out there and with enough digging and practice you can find almost anything you could…
Who Stole My Stuff? Finding Out Who Is Behind A Website
The last blog post I wrote about Fake Twitter profiles is by far the most widely-read post I’ve ever published since I started this blog. It’s nice when people read your work but there was a little sour note with…
Website Forensics: How To Detect Editorial Changes
A few months ago I wrote about how you could use Carbon-14 to detect the timestamps for images published in webpages. By comparing the publication times of the images with the publication time of the page itself it is possible…
OSINT Techniques: Who’s Behind A WordPress Site?
WordPress is the base that 35% of the world’s websites are built on. If you’re ever going to investigate a website, then it’s really important to be able to know your way around a WordPress setup. In this tutorial I’m…
Crypto Scam Investigation: Using Spiderfoot HX For OSINT Automation
Automation or Augmentation? Automation is an increasingly important part of OSINT. Even the simplest of investigations can require large amounts of different data types to be gathered and analysed quickly. Yet it is not accurate to suggest that all…
Spiderfoot HX: Investigating A Domain Used For Phishing
In my last Spiderfoot tutorial I wrote about how Spiderfoot HX could be used to gather information about a suspicious IP address and then analyse and visualise the data. In this guide I’m going to show how Spiderfoot HX can…
Using Spiderfoot HX To Investigate A Malicious IP Address
Using OSINT to identify and investigate sources of malicious internet activity is a key part of cyber security. There’s a huge range of open source information out there to help with this, and Spiderfoot HX gathers it very quickly. This…
Search Tip: Finding Historic WhoIs Data
The WhoIs system used to be a goldmine for OSINT investigators. It was usually possible to find out the address, phone number, and e-mail address of the person who owned or at least registered the website. However the increasing use…
12 OSINT Resources For E-mail Addresses
Most OSINT investigations involve an e-mail address at some point. Some start with an e-mail and nothing else. E-mail addresses can sometimes be a bit of a challenge but they can also provide a wealth of information about a subject.…