A few months ago I wrote about how you could use Carbon-14 to detect the timestamps for images published in webpages. By comparing the publication times of the images with the publication time of the page itself it is possible…
Tag: website attribution
OSINT Techniques: Who’s Behind A WordPress Site?
WordPress is the base that 35% of the world’s websites are built on. If you’re ever going to investigate a website, then it’s really important to be able to know your way around a WordPress setup. In this tutorial I’m…
Crypto Scam Investigation: Using Spiderfoot HX For OSINT Automation
Automation or Augmentation? Automation is an increasingly important part of OSINT. Even the simplest of investigations can require large amounts of different data types to be gathered and analysed quickly. Yet it is not accurate to suggest that all…
Spiderfoot HX: Investigating A Domain Used For Phishing
In my last Spiderfoot tutorial I wrote about how Spiderfoot HX could be used to gather information about a suspicious IP address and then analyse and visualise the data. In this guide I’m going to show how Spiderfoot HX can…
Using Spiderfoot HX To Investigate A Malicious IP Address
Using OSINT to identify and investigate sources of malicious internet activity is a key part of cyber security. There’s a huge range of open source information out there to help with this, and Spiderfoot HX gathers it very quickly. This…
Search Tip: Finding Historic WhoIs Data
The WhoIs system used to be a goldmine for OSINT investigators. It was usually possible to find out the address, phone number, and e-mail address of the person who owned or at least registered the website. However the increasing use…
12 OSINT Resources For E-mail Addresses
Most OSINT investigations involve an e-mail address at some point. Some start with an e-mail and nothing else. E-mail addresses can sometimes be a bit of a challenge but they can also provide a wealth of information about a subject.…
Website Investigation – Where Did 8Chan Move To?
After the El Paso shooting this past weekend, it quickly emerged that the shooter had apparently posted his manifesto on 8Chan prior to carrying out the killings. As a result Cloudflare announced that they would no longer permit 8Chan to…
Website Attribution Without WhoIs – Reverse IP Lookups (Part 2)
In my last post on Reverse IP Lookups I wrote about the challenges OSINT investigators face when it comes to attributing a website to someone. Reverse IP lookups show which other domains are hosted at the same IP address, which…
Website Attribution Without WhoIs – Reverse IP Lookup
How do you identify the people or group who run a website? Knowing who really owns or controls a domain is an important part of many online investigations, but it can be very hard to do in cases where people…