Category Archives: Blog

Google Dorking

Practically every person makes use of Google or other similar search engines, but what most do not know is the capability of search engines to handle advanced queries.

A Google Dork query, sometimes called a “dork,” is a search string that employs advanced search operators to search for information not readily accessible on a website. Since its inception, the features of Google Dorking have been made available to other Open Source Network Intelligence Tools (OSNIT) and search engines.
• The usage of advanced operators in Google is termed “Dorking.”
• The strings used for Dorking are termed “Google Dorks.”
• These strings can be a single basic string or a complex combination of advanced operators as a unique string for searching.
• Each individual Dork has a specific meaning which enables the search engine to filter out or narrow down search results.
Google Dorking remains a proactive security tool that makes use of online repositories like the Google Hacking Database (GHDB) and other databases to provide access to thousands of exploit entries. Google Dorks can be used to find hidden information, vulnerabilities, and access pages for particular websites.
With its advanced operators in the Google search engine, Google Dorking can locate specific information (e.g., file name, version, and more) within search results. The basic syntax for using an advanced operator in Google is:
• operator_name: keyword
Some other simple Google Dorks syntax includes:
• allintitle: and intitle: restrict results to pages whose title contains the specified phrase.
• filetype: searches for specific file formats.
• inurl: limits the results to URLs containing a particular phrase(s).
• site: restricts results to the specified domain.
What Data Can Be Found Through Google Dorks?
• Admin login pages.
• Bank account details.
• Email lists.
• Govt/military data.
• Sensitive documents.
• Username and passwords and lots more.

Google Dorks are also useful in network mapping as subdomains of selected sites can be found through Simple Dorks.

Google Dorking can be useful for several reasons. Although it still raises some security concerns, Google Dorks offer clear benefits, such as testing personal websites and more.
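For the self-testing use mentioned above, a dork should be confined to a domain you own before it is run. The following is an added example, not code from the original post: a small parser for the `operator_name:keyword` syntax that covers only the operators listed on this page and checks that a query is scoped to an owned domain. The function names, the `example.com` domain and the sample queries are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Operators named on this page; lower-casing them is this example's own choice.
KNOWN_OPERATORS = {"allintitle", "intitle", "filetype", "inurl", "site"}

TOKEN_RE = re.compile(r'''
    (?P<neg>-)?                  # leading minus excludes the term
    (?:(?P<op>[A-Za-z]+):)?      # operator_name followed by a colon
    (?P<val>"[^"]*"|\S+)         # quoted phrase or bare keyword
''', re.VERBOSE)


@dataclass
class Dork:
    filters: list = field(default_factory=list)   # (operator, value, negated)
    terms: list = field(default_factory=list)     # free-text keywords, kept raw
    warnings: list = field(default_factory=list)  # syntax problems found


def parse_dork(query: str) -> Dork:
    """Split a dork string into operator filters and free-text terms."""
    dork = Dork()
    title_mode = False  # allintitle: also applies to the bare terms after it
    for m in TOKEN_RE.finditer(query):
        negated = m.group("neg") is not None
        op = (m.group("op") or "").lower()
        val = m.group("val").strip('"')
        if op in KNOWN_OPERATORS:
            dork.filters.append((op, val, negated))
            title_mode = title_mode or op == "allintitle"
        elif not op and val.endswith(":") and val[:-1].lower() in KNOWN_OPERATORS:
            # "site: example.com" (space after the colon) is not an operator.
            dork.warnings.append(f"'{val}' is followed by a space and is ignored")
        elif title_mode and not op and not negated:
            dork.filters.append(("allintitle", val, False))
        else:
            dork.terms.append(m.group(0))
    return dork


def scoped_to(dork: Dork, owned_domain: str) -> bool:
    """True only if at least one site: filter exists and every non-negated
    site: value is the owned domain or one of its subdomains."""
    owned = owned_domain.lower().rstrip(".")
    hosts = [v.lower().split("/")[0].rstrip(".")
             for op, v, neg in dork.filters if op == "site" and not neg]
    return bool(hosts) and all(h == owned or h.endswith("." + owned) for h in hosts)


# Constructed sample queries for a self-assessment of example.com.
SAMPLES = [
    'site:example.com filetype:pdf intitle:"index of" -site:dev.example.com backup',
    'site: example.com inurl:admin',      # space after the colon: not scoped
    'site:notexample.com inurl:login',    # look-alike domain: not scoped
    'site:shop.example.com/admin',        # subdomain with a path: scoped
]

if __name__ == "__main__":
    for q in SAMPLES:
        d = parse_dork(q)
        print(scoped_to(d, "example.com"), d.filters, d.terms, d.warnings)
```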

Buddy is a military veteran, former intelligence officer, and entrepreneur who teaches dozens of courses on a variety of intelligence-related topics. Buddy currently serves as the Chief Executive Officer of Echo Analytics Group and is based in Tampa, Florida.

Snap Map – the Best Map for Snaps

Snapchat offers a new social, technological feature that allows users to share Snaps on maps alongside their location. Although the ability for other users to view your location may sound disturbing in terms of privacy, there are still some fantastic features that make Snap Map a great application for OSINT practitioners and research professionals. For one, I recently used Snap Map to keep track of the daily happenings regarding the protests in Iraq. With Snap Maps, I was able to see developments on the ground in near real time, even when the internet was shut down across the country. The ability to stay current about events unfolding on the ground in near real time is simply incredible in a day and age of information overload where sifting through news articles can be a daunting task.
Snap Map offers opt-in features, which implies users have full control over privacy. The opt-in features are vital for safety, as they allow users to decide whether they would like to share their location.
Selective Audience Feature with Ghost Mode.
With Snap Map, you can activate Ghost Mode features, which allows the user to turn off locations. Users can choose to share location with all, or some selected friends. Ghost Mode comes as a standard feature on Snap Map. Here is a simple and quick way to activate and control the Ghost Mode feature on Snap: https://www.adweek.com/digital/snapchat-heres-how-to-turn-on-ghost-mode/
Uploaded Snaps Do Not Include Usernames.
Snaps shared on Snap Map do not display the poster’s username. Snap Map basically shows the user’s current location. What you will find, though, is that most users sharing their location will tag their image or video with their location. The reason most users turn on their location services is because they want to advertise their location on the ground. However, be sure to cross-check the location a user posted on their image or video with the actual location their snap appears on the map. I have found that on several occasions users improperly tagged their location.
With Snap Map It is Always to Share.
It is vital to note once you opt-in, your selected audience for sharing snaps with are always able to see your updates. Snap Map undeniably makes sharing easier for individuals who share their views about different locations. This feature is a huge benefit to the platform because more publicly available data translates to stickiness on the platform.
Snap Map comes with several features, but the ultimate use lies with the user and what information you choose to share on the platform. Several thoughtful decisions on privacy and protection are required to help with proper usage. On Snap Map, you can find several features, including:
• Snaps – which lets users submit Snaps from any location.
• Stories – which contains several snaps about an event or location.
• Friends – view snaps from other users as well as shared locations.
• Explore – offers a secure method to share your journey and see what’s happening with friends.
About Snap Map.
On Snap Map, you can view Snaps submitted all across the globe, covering celebrations, events, news, and more. Snap is a dedicated camera brand offering a variety of imaging products and services. These services provide a fast and fun approach for users to express individual ideas, moments, and learn about the world through the pictorial views of other users. For OSINT practitioners and research professionals, Snap Map offers an incredible glimpse into the world around us and provides incredible moments-in-time during significant events that help tell the story of how events develop and unfold. There are many other free platforms that offer features similar to Snap Map and they can be found on CID, a purpose-built research dashboard with thousands of resources. To learn more, sign up today by visiting us on the Echo Analytics Group Website.

Buddy is a military veteran, former intelligence officer, and entrepreneur who teaches dozens of courses on a variety of intelligence-related topics. Buddy currently serves as the Chief Executive Officer of Echo Analytics Group and is based in Tampa, Florida.

Locating Shooters by Smartphone Video Recording

Now, there is a new system that can accurately locate shooters based on video recordings from as few as three smartphones, researchers report.

When researchers demonstrated the system using three video recordings from the 2017 mass shooting in Las Vegas that left 58 people dead and hundreds wounded, the system correctly estimated the shooter’s actual location — the north wing of the Mandalay Bay hotel. The estimate was based on three gunshots fired within the first minute of what would be a prolonged massacre.

Alexander Hauptmann, a research professor in Carnegie Mellon University’s Language Technologies Institute, says the system, called Video Event Reconstruction and Analysis (VERA), won’t necessarily replace the commercial microphone arrays for locating shooters that public safety officials already use, although it may be a useful supplement for public safety when commercial arrays aren’t available.

Wayback Machine: Digital Library and its Benefits. 

By Buddy Jericho 

Since 1996, Wayback Machine has assembled over 400 billion web pages. And there is every possibility your favorite web page is already on the Wayback Machine. In general, if a website allows web crawlers and is not blocked or password-protected, you can archive it for future use. Wayback Machine is a great resource for open source information collection and analysis and is heavily used by OSINT professionals.

What is Wayback Machine For?  

Source: WayBack Machine, 2019

Wayback Machine is designed to offer large size allotments dedicated to preserving digital artifacts like histories, researches, and more. They also can easily be employed for saving audios, videos, as well as other entertainment materials.  

Another important use of Wayback Machine is accessing content no longer available on the web. Its usage in the Internet Archive provides useful help in discovering old software as well.

Wayback Machine can also let users download content from a website that has been shut down or is no longer available.

As an OSINT professional, adding Wayback Machine to your checklist or your Echo Cyber Intelligence Dashboard a.k.a. CID is a must. 

Internet of Things (IoT) and Thingful

Internet of Things (IoT) for Search Engines: A New Frontier with Thingful

By Buddy Jericho 

Searching the web is taking a new approach, especially in the search for IoT devices. New technologies are on the rise, and since the start of search engines, the web has continuously evolved. For independent and secure connection of “things” globally, we are more concerned with a similar approach of “googling” related keyword(s) to find useful content, especially in the field of open-source intelligence (OSINT).

Well, this key feature is presently transformed into new searches as devices are expected to link with the internet as part of optimizations for IoT. As more and more common devices and appliances establish their wifi connections, more information will be introduced to the internet, but we will also witness an explosion of cyber capabilities to combat risk. In the near future, we will be buying Cyber Protection Plans with our refrigerators the same way we now buy antivirus software for our laptops.

Intelligent Platforms are on the rise

Intelligent Platforms are on the rise with Cognitive Computing

By Buddy Jericho 

Cognitive computing is transforming the way we seek more fundamental applications of the internet. Intelligent Platforms are on the rise. It is also playing a notable role with several virtual assistant and advisor programs. Nowadays, experts are seeking the implementation of cognitive solutions into enterprise systems.  

But what is cognitive computing? 

Cognitive computing describes technology platforms that apply a mixture of Human-Computer Interaction (HCI), Natural Language Processing (NLP), Machine Learning (ML), speech, vision, and more to mimic the functions of the human brain to enhance the decision-making process.

How do you stay anonymous online?

Staying Anonymous

A few weeks ago, I was speaking with a regional bank in the Southwestern United States, where the lack of anonymity online had jeopardized a recent investigation. The bank was doing online research necessary for them to comply with the Bank Secrecy Act and Anti Money Laundering (BSA/AML) regulations.

A financial fraud analyst found incriminating evidence on the web page of a business she was investigating. Imagine her frustration when she went back the next day to collect that evidence, only to find it had been removed in the meantime. What happened?

The bank suspects that the subject of its investigation was tipped off to the analyst’s research because web traffic from the bank was hitting the website of the investigated business. This happens more often than one would think, as I’ve learned in conversations with other financial services firms before.

Fully anonymous web access

Having secure, fully anonymous web access would have kept the bank from tipping its hand in this instance. And lacking a solution to accommodate special web access for its analysts wasn’t just jeopardizing the bank’s investigations.

It also put the bank’s internal IT security at risk, because BSA/AML analysts frequently need to access URLs that are considered “high risk” from a cybersecurity perspective.

Why Online Anonymity Is Crucial for Business

Banking is not the only sector with this problem. Law firms face similar challenges. Take practice groups that need anonymous browsing for conducting litigation support research, for example.

Ideally, law firms would have access to a setup where they can browse anonymously while gathering information for litigation support. The legal professionals commonly pushing for these setups do so because they need to conduct online research without getting blocked by their firm’s URL filter. They also need to prevent their web activity from getting traced back to the firm.

Compliance managers, financial intelligence units, and law firms conducting litigation research are not the only groups facing this challenge. Professionals in other fields depend on unrestricted, secure, anonymous web access on the job as well. Cyberfusion centers, corporate security departments, private investigators, and OSINT professionals also need this level of protection when accessing the web.

And just like leading financial services and law firms, they increasingly turn to a solution that has solved similar problems for federal agencies and the Department of Defense: accessing the web through a secure cloud browser.

Where Traditional Web Browsers Fail Your Business

What’s wrong with using a regular browser for this purpose, you ask? Simply put, the “free” and supposedly “secure” mainstream browser betrays you. It’s neither free nor secure.

You don’t have to take my word for it. Check out https://sploit.io, a tool built to see what information is being broadcast about you when going online with a browser installed on your local computer or mobile device.

Did you know what kind of information local browsers such as Chrome, Firefox, Edge, and Safari share with the world? That data includes the browser’s make and version number, your device’s operating system, plugins you use, languages/fonts, your location…

All of these details, together with basic tracking code such as “cookies”, can be used to create a unique fingerprint.

That information is frequently used to identify and target individual end-users and whole organizations.
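How the attributes listed above combine into a fingerprint, and why a changed source IP alone does not break it, shown as an added example that is not part of the original post. The request records, field names and addresses (documentation ranges) are constructed, and sorting every list-valued attribute is a simplification made for this example.

```python
import hashlib
from collections import defaultdict

# Attributes the post lists as broadcast by a local browser (field names assumed).
FP_FIELDS = ("user_agent", "os", "plugins", "languages", "fonts")


def fingerprint(request: dict) -> str:
    """Stable hash over browser attributes. Source IP and cookies are
    deliberately left out, so changing or clearing them has no effect."""
    parts = []
    for name in FP_FIELDS:
        value = request.get(name, "")
        if isinstance(value, (list, tuple)):
            value = ",".join(sorted(value))  # make list order irrelevant
        parts.append(f"{name}={value}")
    return hashlib.sha256("\n".join(parts).encode("utf-8")).hexdigest()[:16]


def link_sessions(requests: list) -> dict:
    """Map each fingerprint to the set of source IPs it was seen from."""
    groups = defaultdict(set)
    for req in requests:
        groups[fingerprint(req)].add(req["ip"])
    return dict(groups)


def linked_across_ips(requests: list) -> dict:
    """Fingerprints that reappear from more than one IP: the same browser
    recognised again after the visitor switched network, VPN or proxy."""
    return {fp: ips for fp, ips in link_sessions(requests).items() if len(ips) > 1}


# Constructed data: what a site operator could log for three visits.
ANALYST_BROWSER = {
    "user_agent": "Mozilla/5.0 (constructed sample) Firefox/115.0",
    "os": "Windows 10",
    "plugins": ["pdf-viewer", "ad-blocker-x"],
    "languages": ["en-US", "en"],
    "fonts": ["Arial", "Calibri", "Segoe UI"],
}
SAMPLE_REQUESTS = [
    # Day 1: analyst browses from the office network.
    {"ip": "198.51.100.7", **ANALYST_BROWSER},
    # Day 2: same browser behind a proxy; the plugin list arrives in another order.
    {"ip": "203.0.113.20", **ANALYST_BROWSER,
     "plugins": ["ad-blocker-x", "pdf-viewer"]},
    # Unrelated visitor with a different browser and device.
    {"ip": "192.0.2.44",
     "user_agent": "Mozilla/5.0 (constructed sample) Safari/17.0",
     "os": "macOS 14", "plugins": [], "languages": ["de-DE"],
     "fonts": ["Helvetica", "Menlo"]},
]

if __name__ == "__main__":
    for fp, ips in linked_across_ips(SAMPLE_REQUESTS).items():
        print(f"fingerprint {fp} seen from {sorted(ips)}")
```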

Think about it from a security perspective. This “oversharing” by the browser also exacerbates its built-in vulnerabilities. It enables attackers to exploit your browser extensions and plugins – including those that purport to protect you.

How to REALLY Browse Anonymously

Anonymous browsing tools galore – will they really protect your team’s anonymity when conducting business-critical research?

Yes, you can find thousands of blog posts and articles on “how to browse the web anonymously” on the web. And no, most don’t provide a clear answer.

They suggest a wide variety of approaches, only to then end on a note along the lines of “this is about the best you can do, and you can never be 100% sure.”

Did you end up more confused than when you started? Most of these how-to guides suggest a multi-step solution where several methods are combined to prevent your web activity from being traced back to you.

It seems as if the six most commonly suggested methods are imperfect at best:

Switching to “private browsing” or “incognito mode”

…only prevents the browser from storing your web session’s browsing history, cached web pages, or “cookies” locally.
Because the browser is still sharing your browsing history and other traceable details with your Internet Service Provider (ISP), your web activities remain vulnerable to snooping and are neither anonymous nor private. Let’s move on.

Accessing the web through a Virtual Private Network (VPN)

…protects you when using public WiFi, because it encrypts the connection and makes it harder for attackers to intercept internet traffic. Still, VPN services don’t fully anonymize your web activity.
VPN also does not protect against web-borne exploits, such as spyware infections, and can make larger organizations more vulnerable. And it often is slow – but you likely knew that already.

Misconceptions about VPN are widespread even among IT professionals. If you’re considering it to ensure anonymity and non-attribution for web investigations, I recommend reading this Authentic8 whitepaper about VPN [PDF] first.

Using a proxy service

…hides your originating IP address from websites when going online. It doesn’t protect users against tracking code or malware fingerprinting. Depending on the vendor that runs the proxy server, your IP address and web requests may be stored and sold to third parties who aggregate such data. Feeling anonymous yet?

Installing browser-based anonymity or privacy tools

…can shield your online activities to a limited degree from tracking or malvertising on the local browser. Paradoxically, such browser extensions also can make it easier for third parties to find out who you are, what you’re up to, or to launch an attack.

Another downside is that plugins also compound the inherent vulnerabilities of the local browser, especially in business IT environments.

Browser plugin user data can be sold to third parties and used for deanonymization. Attackers frequently hijack plugin developer accounts to push malicious “updates” for add-ons. Are you willing to take that risk?

Using “privacy browsers”

…won’t fully anonymize your web sessions either. Most of these “secure” browsers are derivatives of popular traditional browsers that are tweaked to enhance online privacy protections.
That means they still process – potentially dangerous – web code on your local machine and don’t provide professional-grade anonymity.

They have been outlawed in some countries and too often get blocked by certain web services. This makes them even less viable for professionals with the need for conducting anonymous web research while abroad.

Avoiding public WiFi

…is also a – surprisingly common – suggestion. So we’re supposed to cease work when out and about, at the airport, at a coffee shop, or when connecting from the home office? Seriously?

To be fair – some of these methods can be useful for browsing mostly anonymously, as long as we keep in mind that none of them were built for this specific purpose. For business-critical and compliance-relevant use cases, however, cobbling together a mingle-mangle of tools that keep you mostly anonymous isn’t enough.

In the age of remote work, enabling secure, anonymous web access becomes ever more important, because IT doesn’t always control the network or machine employees and contractors are connecting from.

*** This is a Security Bloggers Network authored by Kurt Cunningham.

Data Visualization and Its Benefits: Sentinel Visualizer 

Data visualization tools create and deliver visual designs for data.

It also offers a more straightforward technique to visually represent data of large sets. The process of handling data sets with data points running into thousands or millions can be automated by the use of visualization tools. These data visualizations can serve several purposes and can virtually present information that needs interpretation. 

Advantages of Data Visualization

Data visualization gives quick access to a clear understanding of input data. Owing to the availability of graphic illustrations, large volumes of data can be visualized in a comprehensible and intelligible way. This approach helps in analyzing data and drawing insights and conclusions. It also saves time and offers more efficient solutions. Other significant advantages of Data Visualization include:

  • Information design aids in the identification of emerging trends that can be quickly acted upon based on its outcome. These trends offer better insights into the graphical representation and the detection of highly correlated parameters. Obvious connections can be well represented and aid other decision-making processes.   
  • The representation of data and infographics allows better identification of connections and patterns inside digital assets, as perceptive trends in data provide competitive benefits in terms of factors that may affect output quality.
  • Data storytelling permits the development of new ideas that help tell and share your story with others. It offers a method that allows the easy creation of narratives via analytical diagrams and graphics. It also helps in visual analytics, which can reveal new insights and engagements. 
  • Visualization of data offers analysis at different levels of detail. Some evidence becomes known through underlying analysis. Also, other analytics breakdowns provide evidence for backstories as well as extra experience in the area of data. 

Sentinel Visualizer for Data Visualization

Interconnected data are challenging to comprehend with traditional tools. Sentinel Visualizer makes available advanced visualization surfaces to aid in discovering meaning from complex data. Sentinel Visualizer offers analysis and data visualization solutions for big data.  

Researchers of big data seeking data visualization platforms can swiftly see multi-level links amongst entities and models with several relationship types. Sentinel Visualizer can help you: 

  • Find hidden relationships. 
  • Identify clusters and patterns rapidly. 
  • Organize complex networks into manageable groups. 
  • Perform ad-hoc analysis, test theories, and scenarios.
  • Advance drawing and redrawing to generate optimized views for essential entities. 

350+ hackers hunt down missing people in first such hackathon

More than 350 ethical hackers got together in cities across Australia on Friday for a hackathon in which they worked to “cyber trace a missing face”, in the first-ever standalone capture-the-flag (CtF) event devoted to finding missing persons.

Similar CtFs have been held before, alongside conferences such as DEF CON and B-Sides, but this was the first such event focused entirely around a missing persons hackathon.

Astounding Results

Organizers called the results “astounding,” ABC News reports.

During the six hours, the competing teams hammered away at the task of searching for clues that could potentially solve 12 of the country’s most frustrating cold cases. 100 leads were generated every 10 minutes.

The National Missing Persons Hackathon was run by the AustCyber Canberra Innovation Node, which partnered with the Australian Federal Police, the National Missing Persons Coordination Centre and Trace Labs: a nonprofit with a mission of crowdsourcing open-source intelligence (OSINT) and training people on OSINT tradecraft.

Resources Collected

OSINT is data collected from publicly available sources. That includes Google searches, for example. The missing persons hackathon is the sunny side of that coin. Last week, we saw a much darker side to OSINT when we heard about a Japanese pop star who was attacked by a stalker who zoomed in on the reflections in her eyes from selfies, then searched for matching images on Google Maps to find out where she lives.

ABC News mentioned another recent case of the use of OSINT: last month, Twitter user Nathan Ruser picked up on a video uploaded to YouTube that showed hundreds of detainees at a train station, handcuffed and blindfolded, and all with freshly shaven heads. They were allegedly members of the Uyghur Muslim community in western China.

Chinese officials had denied the mass detention. To verify the image, and to find out when and where it was taken, Ruser used elements in the imagery to geolocate the scene: buildings, a cell tower, a carpark, trees, and train tracks, for example, feeding the images into Google Earth. Other useful elements included a pole that acted as a sundial, casting a shadow that could be matched with other images that show the sun at a given azimuth, casting specific shadows, on a particular day, to get a rough idea of the day it was taken.

Cold Cases

The participants in the Australian missing persons hackathon used similar search techniques to try to find previously uncovered hints at what could have happened to the missing persons focused on in the event. Those 12 cold cases were selected from what ABC News says is now more than 2,600 Australians listed as “long-term” disappearances.

At the start of the event, contestants were allowed to view the missing persons case details by logging into the CtF platform. The organizers haven’t released results of the mass gathering of OSINT. All leads generated on the missing person cases were handed over to the National Missing Persons Coordination Centre.

Technology Decisions quoted Minister for Industry, Science and Technology Karen Andrews, who said that an event like this shows the good that can come from hacking:

Haunted by the Experience

You can only imagine the great heartache when a loved one goes missing. Family and friends are often haunted by the experience of life. They never stop looking and trying to find answers.

This event is a great opportunity to use online investigative techniques and hacking skills in creative and socially useful ways.

Australian Federal Police Assistant Commissioner Debbie Platz said that crowdsourcing like this opens up a whole new way of policing that will hopefully lead to solving more of these heartbreaking cases:

by Lisa Vaas

OSINT and Money Laundering

Let’s take a look at OSINT and money laundering. Social media websites and cyber-related intelligence have given rise to an unprecedented volume of intelligence at one’s fingertips, and the internet is an ocean of data that can significantly help crack money laundering and terror financing investigations.

AML/CTF Investigations

Over the last decade, there has been an increase in the drive to adopt intelligence-led approaches and solutions in order to deal with cyber threats based on the understanding that individuals and illicit networks intent on committing financial crimes can be identified by those who utilize all capabilities to see the wider intelligence picture.

Financial institutions (FIs) can be attacked by individuals and networks who mask their identities in sophisticated methods. However, digital fingerprints can be tracked down online, and analysts can exploit the internet to their advantage to reveal hidden leads and connections.

Numerous web sources hold an unparalleled amount of hidden information. Threat actors and illicit network operators leave a digital footprint that can be identified by analyzing the technical details of electronic activity, behavior and cyber information such as IP addresses, time-stamps, device indicators and more.

Suspicious Activity

But despite the advantages available to FIs when using cyber information, many don’t use it to its full potential when conducting Anti-Money Laundering (AML) investigations, even though the inclusion of this data in suspicious activity reports will make them as complete and accurate as possible.

During AML investigations, social network analysis of the OSINT gathered allows analysts to map and measure the relationships between social networks which may be used to move illicit funds or to finance terror activity.

Terrorists and Criminal Activity

Transnational criminal organizations and terror organizations have benefited tremendously from technology such as electronic banking systems and cryptocurrency and the accessibility it provides for illicit network financing.

Criminals and terrorists who work in the shadows of the deep and dark web are often paid in virtual currency such as Bitcoin or other cryptocurrencies, which is an attractive way to launder funds without concern of being caught by AML authorities.

While FIs don’t have the capabilities to gather the type of data that Counter-Terror Financing (CTF) agencies do, they can disrupt the attempts of illegal organizations by blocking and rejecting suspicious transactions and by allowing assessment of data that might link illicit networks and laundering funds.

SOURCE Cobwebs Technologies
