OSINT tools and techniques

Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).

CREEPY
Most of us are addicted to social networks, and image sharing is one of the most utilized
features of these platforms. But sometimes when we share these pictures it’s not just the
image that we are sharing but might also the exact location where that picture was taken.
Creepy is a Python application which can extract out this information and display
the geolocation on a map. Currently Creepy supports search for Twitter, Flickr, and
Instagram. It extracts the geolocation based on EXIF information stored in images,
geolocation information available through application programming interface (API),
and some other techniques.
It can be downloaded from

Image for post
Image for post

We simply need
to select the version according to our platform and install it. The next phase after
installation of Creepy is to configure the plugins that are available in it, for which
we simply need to click on the Plug-in Configuration button present under the edit
tab. Here we can select the plugins and using their individual configuration wizard
configure them accordingly. Once the configuration is done we can check whether it
is working properly or not using the Test Plugin Configuration button.

After the configuration phase is done, we can start a new project by clicking on
the person icon on the top bar. Here we can name the project and search for people
on different portals. From the search results we can select the person of interest and
include him/her in the target list and finish the wizard. After this our project will be
displayed under the project bar at the right-hand side.

Image for post
Image for post

Now we simply need to select our project and click on the target icon or right
click on the project and click Analyze Current Project. After this Creepy will start
the analysis, which will take some time. Once the analysis is complete, Creepy will
display the results on the map.

Image for post
Image for post

Now we can see the results in which the map is populated with the markers
according the identified geolocation. Now Creepy further allows us to narrow down
these results based on various filters.

Image for post
Image for post

The results that we get from Creepy can also be downloaded in the form of CSV
file and also as KML, which can be used to display the markers in another map.
Creepy can be used for the information-gathering phase during a pentest
(
penetration test) and also as a proof-of-concept tool to demonstrate to users what
information they are revealing about themselves.

Written by

Blogger | Security Researcher | Digital forensic analyst | Twitter — @mrunal110

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store