Methodology

Gap Analysis & others

# In OSINT - Analytical mind
# Ask a lot of questions : Who, What, When, Where, Why, and How

# Be Curious and Craft a Storyline

# Use Gap Analysis
shttps://nixintel.info/osint/using-gap-analysis-to-keep-osint-investigations-on-track/
1. What do we know ?
2. What does the information mean?
3. What do I still need to know?
4. How do I find out?

# Reflect on failures but also wins
1. What part is taking the most time?
2. Is this necessary for the investigation?
3. What could I change in my process?
4. Could any part be automated?
5. Who could I ask for input/advice?


Preserving data & recover

# Great post, presenting why it's important and some tools
https://nixintel.info/osint/the-attrition-of-information-in-osint-why-acting-quickly-matters-and-how-to-recover-when-you-dont/
# Preservation tools

# Screenshots
# --> Fireshot (extension)
# --> Shutter (Linux)
# --> Snipping Tool (Windows)

# Saving a web page
https://tweetbeaver.com/ # Twitter
https://pypi.org/project/twint/ # Twitter

https://archive.is/ 
https://www.httrack.com/page/1/en/index.html

https://mrs0m30n3.github.io/youtube-dl-gui/ # Not only Youtube

# Complete Browser
http://osirtbrowser.com/?LMCL=J79jsX
# Recovery Tools

# Google Cache
# Time parameter search can also filter

# Wayback Machine
https://archive.org/

# Reddit
https://www.resavr.com/
https://snew.notabug.io/r/all


Storing and indexing local data

# Tools like recoll can help to index gathered data and to fastly search for them locally
https://doc.ubuntu-fr.org/recoll
https://www.lesbonscomptes.com/recoll/


Investigate a website (crosspost Domains & URL)

# Thread by Aware Online about some website investigation methodology
https://twitter.com/aware_online/status/1308312883248467975

# 1 - Tactical informations
# 2 - WHOIS
# 3 - Archives
# 4 - Text
# 5 - Reverse Image Search
# 6 - Images and EXIF data
# 7 - Source code
# 8 - Others TLD
# 9 - Mentions of target
# 10 - Check infos via RSS
# 11 - SSL certificates
# 12 - Robots/Sitemap
# 13 - Port scans
# 14 - Reverse IP lookup
# 15 - Reverse DNS lookup
# 16 - Monitoring changes
# 17 - Malware check


Workflow

Domain

OSINT Domain

# This one is good too
https://twitter.com/sinwindie/status/1251320697370095617?s=20
@sinwindie

OSINT Domain

E-mail

OSINT E-mail

Username

OSINT Username

Real Name

OSINT Real Name

Phone

OSINT Phone

Location

OSINT Location