OPSEC

[WIP]

Resources

https://github.com/devbret/online-opsec/
https://anonymousplanet.github.io/thgtoa/guide.html


Technical OPSEC

# Simple data analysis (headers, OS...)
https://amiunique.org/fp

# Creating profile pictures for sock
# Mixing two pictures
https://twitter.com/OSINTgeek/status/1258857825868156930?s=19
https://www.artbreeder.com/

# Email providers comparison
https://www.privacytools.io/providers/email/

# Compilation of great ressources
https://shutuptrackers.com/index.php

# Windows 10 Tracking
https://github.com/10se1ucgo/DisableWinTracking

# Firefox Configuration Posts
https://daring-india-marten-972.medium.com/osint-comment-naviguer-en-eaux-troubles-32f11ab985ac


# Image Cloaking for Personal Privacy
# Fawkes takes your personal images and makes tiny, pixel-level changes that are invisible to the human eye
# if and when someone tries to use these photos to build a facial recognition model
# "cloaked" images will teach the model an highly distorted version of what makes you look like you
http://sandlab.cs.uchicago.edu/fawkes/
# Lycamobile can be used to get a Burner SIM / phone number
https://www.lycamobile.fr/fr/


Watermarking sent documents

https://twitter.com/_trou_/status/1313951783182651393?s=19

# Watermarking documents sent over the Internet can help for identification if they leak
# You can watermark using the company and date for example
# Not perfect as it can be removed !

# In case of text watermarking it can be done through this
# $1 = source file
# $2 = watermark text
# $3 = destination file
convert -density 150 -fill  "rgba(255,0,0,0.25)"  -gravity Center -pointsize 80 -draw "rotate -45 text 0,0 \"$2\""  "$1" "$3"

# Repeated text
$ convert original.png \( -background none -pointsize 35 -fill "rgba(255,0,0,0.30)" label:"TEXT" -rotate -45 -write mpr:tile +delete \) \( +clone -tile mpr:tile -draw "color 0,100 reset" \) -compose over -composite watermarked.png


Browser Configuration

# Some resources
https://daring-india-marten-972.medium.com/osint-comment-naviguer-en-eaux-troubles-32f11ab985ac
https://openfacto.fr/2019/09/01/firefox-iv-securiser-un-peu-plus-sa-navigation/
https://medium.com/@mattybv3/firefox-browser-settings-configuration-and-add-ons-extensions-for-privacy-security-and-osint-114e76d8a468
https://proprivacy.com/privacy-service/guides/firefox-privacy-security-guide
https://www.maketecheasier.com/28-coolest-firefox-aboutconfig-tricks/
# Profiles

# You can first segment your browing by using different profiles
about:profiles
# Preferences

# DNS over HTTPS (DoH)
# General > Network
network.trr.mode = 2
network.trr.uri = your resolver
# Cloudflare or Quad9 (https://dns.quad9.net/dns-query)
# Config

# ESNI (Hide sites to your ISP)
network.security.esni.enabled = true

# Disable copy/paste blocking
dom.event.clipboardevents.enabled = false

# Disable WebRTC
# You can switch using an add-on
media.peerconnection.enabled = false

# Auto start the private mode
browser.privatebrowsing.autostart = true

# Disable the Google safebrowing feature
# Job already done by add-ons
browser.safebrowsing.phishing.enabled = false
browser.safebrowsing.malware.enabled = false

# Don't send report to Mozilla
datareporting.healthreport.uploadEnabled = false

geo.wifi.uri ?
geo.enabled ?

# Disable referer forwarding
# Can break some sites
network.http.sendRefererHeader = 0
network.http.sendSecureXSiteReferrer = false

# Preload embedded links when visiting a page
network.prefetch-next = false

# Get sources in an external editor
view_source.editor.external = true
view_source.editor.path = "C:\Program Files\Sublime Text 3\sublime_text.exe"