Important Notes to read
- this file will contain the most important notes from the second OSINT session explain by sameer fakhoury in the first CTF completion and training in BAU
OSINT tools are useful for CTF challenges
- https://epieos.com/ → perform reverse email and phone numbers lookup
- http://web.archive.org/ → use to see broken websites → see them in the past
- The Way back Machine is an internet archive that allows users to view past versions of websites. It provides a historical snapshot of the internet's evolution.
- https://bit.ly/ → to see the original link
- Bitly is a web-based service that helps you create and share shortened links. Instead of using long, cumbersome URLs
- Bitly allows you to create compact links that are easier to share and remember. It's commonly used in social media posts, emails, and online marketing campaigns to make links more concise and manageable.
- important note → when we see bit.ly → we should not open it first we should see the original link of it first in bitly website → may be forwarded to a harm website → and see the original link date creation
- https://oduwsdl.github.io/tweetedat/ → see twitter snowflake → more information about the twitter accounts
- https://twitter.com/rzsdw2iwug77eda/status/1394223468003176455 → twitter snowflake
- Twitter Snowflake is a unique ID generation algorithm developed by Twitter to generate globally unique IDs in a distributed system.
- It was designed to replace the previously used auto-incrementing IDs, which were not suitable for a highly scalable and distributed environment like Twitter's.
- Snowflake is a service used to generate unique IDs for objects within Twitter (Tweets, Direct Messages, Users, Collections, Lists etc.). These IDs are unique 64-bit unsigned integers, which are based on time, instead of being sequential.
- Snowflake generates 64-bit integer IDs.
- The ID consists of a timestamp, worker ID, and sequence number.
- https://www.kali.org/tools/sherlock/ → gathering social media accounts
- Sherlock is an open-source intelligence (OSINT) tool to gather information about a specific username or online identity.
- how to install sherlock
- https://osintframework.com/ → OSINT framework focused on gathering information from free tools or resources
- The OSINT framework → a methodology that integrates data, processes, methods, tools and techniques to help the security team identify information about an adversary or their actions quickly and accurately.
ImgOps
is a meta-tool → Enter an image → Choose an online image utility → https://imgops.com/upload
git clone https://github.com/sherlock-project/sherlock.git
cd sherlock
python3 -m pip install -r requirements.txt
cd sherlock
CTF Questions to solve
- solving the following question first and then check the writeup of them
- these questions are from CTF competitions I attended
- XpandCTF OSINT CTF
- https://sameerfakhoury.com/ctf-writeups/open-source-intelligence-writeups/xpandctf/the-code-mystery
- https://sameerfakhoury.com/ctf-writeups/open-source-intelligence-writeups/xpandctf/stolen
- https://sameerfakhoury.com/ctf-writeups/open-source-intelligence-writeups/xpandctf/digital-footprint-1
- NBCTF OSINT CTF