Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏
@OSINT_Tactical
2x @Tracelabs OSINT Gold πŸ₯‡& 3x Silver Badge πŸ₯ˆ | https://t.co/I4WnSSr9tV

Oct 17, 2022, 8 tweets

🧡Thread! 1/8 : @jakecreps asked about what OSINT can be gathered using DevTools. One of my favorites is using Google Reviews to see what date a subject was in a location, file name used, upload time and date.

#OSINT #devtools #browser #sourcecode

🧡2/8 : The techniques within this thread are to be used on Google Reviews, the intelligence gathered can't be seen or obtained without using Dev Tools, the first initial work on this came from @BanPangar, whom I assisted in the final steps for the different dates understanding.

🧡3/8 : Let's start with my chosen photo which is a cup of coffee. Using exiftool, we can see the photo was taken on the 27th of September 2022 at 17h57 +2 GMT. *I will change the file name to "ilovgoogle"

🧡4/8 : The photo was posted on the company page, quite amazing and not really relevant but only a few seconds after posting, 12 people had already viewed the photo. Kind of strange at this time of night. But nice to be followed, even during dark hours....😎

🧡5/8: Now let's get down to business on this photo, let's see what Google does. By clicking on the photo, we can see Google does read Exif/Metadata, the date of visit to the company has not been put as 18/10/22, it shows September, even though this photo was posted just mins ago

🧡6/8 : Now it's getting very interesting!
1. inspect element --> 2. Network --> 3. img --> 4. click on the photo --> 5. headers
Guess what!"ilovgoogle" is there, Google doesn't clean file names, imagine you don't have a name for the subject, and you get "Dave_at_work"😈

🧡 7/8: Also try: 1. Go to Fetch/XHR (this technique was found by @BanPangar) --> 2. Look for files that start with V1? and double click --> 3. You will get a file in your downloads named photometa.js
--> Open the file however you wish to open it (.txt or chrome etc...)

🧡 8/8: To finish up, let's take a look at the photometa JS file and analyse what's in there. The first date is the date the photo was taken, second date is the upload date and time in GMT. See attached screenshot with the full info. Maybe we can make a script @GONZOs_int 😎

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling