website attribution

Crypto Scam Investigation: Using Spiderfoot HX For OSINT Automation

15th December 201916th December 2019 NixintelOSINT Tools1 Comment

Automation or Augmentation? Automation is an increasingly important part of OSINT. Even the simplest of investigations can require large amounts of different data types to be gathered and analysed quickly. Yet it is not accurate to suggest that all…

Spiderfoot HX: Investigating A Domain Used For Phishing

2nd December 2019 NixintelOSINT ToolsLeave a Comment

In my last Spiderfoot tutorial I wrote about how Spiderfoot HX could be used to gather information about a suspicious IP address and then analyse and visualise the data. In this guide I’m going to show how Spiderfoot HX can…

Using Spiderfoot HX To Investigate A Malicious IP Address

21st November 2019 NixintelOSINT ToolsLeave a Comment

Using OSINT to identify and investigate sources of malicious internet activity is a key part of cyber security. There’s a huge range of open source information out there to help with this, and Spiderfoot HX gathers it very quickly. This…

Search Tip: Finding Historic WhoIs Data

1st October 2019 NixintelOSINTLeave a Comment

The WhoIs system used to be a goldmine for OSINT investigators. It was usually possible to find out the address, phone number, and e-mail address of the person who owned or at least registered the website. However the increasing use…

12 OSINT Resources For E-mail Addresses

17th September 201917th September 2019 NixintelOSINTLeave a Comment

Most OSINT investigations involve an e-mail address at some point. Some start with an e-mail and nothing else. E-mail addresses can sometimes be a bit of a challenge but they can also provide a wealth of information about a subject.…

Website Investigation – Where Did 8Chan Move To?

5th August 2019 NixintelOSINTLeave a Comment

After the El Paso shooting this past weekend, it quickly emerged that the shooter had apparently posted his manifesto on 8Chan prior to carrying out the killings. As a result Cloudflare announced that they would no longer permit 8Chan to…

Website Attribution Without WhoIs – Reverse IP Lookups (Part 2)

1st July 20191st July 2019 NixintelOSINTLeave a Comment

In my last post on Reverse IP Lookups I wrote about the challenges OSINT investigators face when it comes to attributing a website to someone. Reverse IP lookups show which other domains are hosted at the same IP address, which…

Website Attribution Without WhoIs – Reverse IP Lookup

18th June 201918th June 2019 NixintelOSINTLeave a Comment

How do you identify the people or group who run a website? Knowing who really owns or controls a domain is an important part of many online investigations, but it can be very hard to do in cases where people…