Another week, another workflow. This week we’re going to look at how to make images for your sock puppet accounts that can beat deep fake and face swap checks as well as some bonus tips.
Let’s go!
(1/9)
Step 1: Download a GAN Images
We’re going to need a convincing GAN to get started. You can go to generated.photos or you can go to thispersondoesnotexist.com. Try to find a GAN that has a portrait view and doesn’t have glasses or a lot of facial hair (male).
(2/9)
Step 2: Remove Background from GAN
Go to remove.bg and remove the background from your GAN. We want to eliminate any noise that will prevent us from using this image in later steps.
Another week, another set of tools. This week we’ll discuss deep fakes, YouTube geolocation search, and data extraction. This will be a good prep for the sock puppet edition of #OSINT Workflow Wednesday tomorrow.
Let’s go!
(1/5)
The first #OSINT tool is called Sensity. I heard about this through a tweet from @JaneLytv. This is a great tool for testing your sock puppet accounts to see if you can beat autodetection. More on that tomorrow for OSINT Workflow Wednesday.
The second #OSINT tool is a geolocation search tool for YouTube videos. Simply input the location and radius, keywords, and timeframe in and see the results you’re looking for. Very useful for location-specific investigations and monitoring.
Another week, another workflow. This week we’ll take a look at how to build a basic bookmarklet to automate OSINT searches using #javascript. This will be ground floor level stuff, don’t worry!
Let’s go!
(1/9)
Step 1: Create an option for input
Start a new #javascript file and create a variable to accept input for usernames. This will create a prompt when you click the bookmarklet which we'll use to automate our process.
var username = prompt("Enter a username: ");
(2/9)
Step 2: Plug that username into a URL
Create a new variable called fb and add the URL of the site you want to check. This will append the username to the end of the URL which is Facebook in this example.
Another week, another set of tools. This week is a low tech week but we'll look at data set search engines and what to look for, tools for identifying scams and typosquatting, and finally, #OSINT for Github.
Let's go!
(1/6)
The first #OSINT tool is Dataset Search by Google. I've been working with datasets a lot lately and stumbled across this. Try searching for things like "webcams" or "cctv" to see the depth of what types of data you can work with.
The second #OSINT tool is called Registered Domain Names Search. It seems very basic; however, by searching for keyword only, you can find a ton of phishing prospects. They also have an API for extended results. Try searching for "facebook".
Another week, another workflow. This week we’re going to look at YouTube and how to deconstruct videos, analyze the outputs, and apply automation and AI-lite to the results at scale.
Let’s go!
(1/10)
Step 1: Select a Video of Interest
Go to YouTube and find any video. Don’t pick anything too long for this workflow because it’ll be difficult to work with. Keep it under 15 minutes or 200 mb if you can. Great use cases are wartime videos, human rights violations, etc.
(2/10)
Step 2: Download the Video
You can inspect the element and extract the video, use a Python script, or use a web app. I’ll recommend a quick web app called YT1s that allows you to put in a YouTube link and download the video.
Another week, another set of tools. This week let's look at Snapchat, Google Earth, and YouTube today. This will include 2 #python tools and 1 web app. Shall we?
(1/5)
The first #OSINT tool is made by @djnemec and it's a #python tool called Snapchat Story Downloader. It allows you to create a db of locations of interest then extract Snapchat stories from those locations indefinitely. Classifier too. Great!
The second #OSINT tool is a #python tool I made in response to @raymserrato who was looking to automate screenshot capturing of Google Earth. Earthshot will open and screenshot a list of coordinates you specify on a CSV. It's slow though!