Gathering information about a person by FIRST NAME and LAST NAME
general approach to the search process;
basic automation techniques;
examples of tools.
🧵🧵🧵 (1/15)
#osint #socmint
general approach to the search process;
basic automation techniques;
examples of tools.
🧵🧵🧵 (1/15)
#osint #socmint
🧵(2/15)
Let's start with the easiest and fastest option. Use NAMINT from @seint_pl.
It will generate possible name variants and links to search for them in various search engines (+ possible emails and document search + social media accounts)
seintpl.github.io/NAMINT/
Let's start with the easiest and fastest option. Use NAMINT from @seint_pl.
It will generate possible name variants and links to search for them in various search engines (+ possible emails and document search + social media accounts)
seintpl.github.io/NAMINT/
🧵(3/15)
If the options suggested by NAMINT do not bring results (or your goal is to collect the MAXIMUM info), then you need a list of all possible nicknames based on the first and last name.
Here's a guide on how to do it from @Sox0j:
github.com/soxoj/username…
If the options suggested by NAMINT do not bring results (or your goal is to collect the MAXIMUM info), then you need a list of all possible nicknames based on the first and last name.
Here's a guide on how to do it from @Sox0j:
github.com/soxoj/username…
🧵(4/15)
When compiling a list of possible name variants do not forget that any, even the simplest name (eg John) can be derived from dozens of different names and have a dozen more diminutive variants
Find those for each name will help this site:
nameberry.com/search?q=john
When compiling a list of possible name variants do not forget that any, even the simplest name (eg John) can be derived from dozens of different names and have a dozen more diminutive variants
Find those for each name will help this site:
nameberry.com/search?q=john
🧵 (5/15)
If you've done well in the past stages, you have a long list of nickname variations based on first/last names.
github.com/soxoj/marple automate the search (it automatically prepends the inurl: operator to the query and collects links to the results in a text file)
If you've done well in the past stages, you have a long list of nickname variations based on first/last names.
github.com/soxoj/marple automate the search (it automatically prepends the inurl: operator to the query and collects links to the results in a text file)
🧵(6/15)
You can also use the above list together with tools to verify the existence of accounts with a certain nickname in social networks.
There are many of them: Sherlock, Maigret, BlackBird, Nexfil... Take your pick.
github.com/cipher387/osin…
You can also use the above list together with tools to verify the existence of accounts with a certain nickname in social networks.
There are many of them: Sherlock, Maigret, BlackBird, Nexfil... Take your pick.
github.com/cipher387/osin…
🧵(7/15)
It's also worth searching for different emails based on first and last names. This Google Sheet will help you generate them
(create a copy and enter the data you want in the first name, last name, and domain fields)
docs.google.com/spreadsheets/d…
It's also worth searching for different emails based on first and last names. This Google Sheet will help you generate them
(create a copy and enter the data you want in the first name, last name, and domain fields)
docs.google.com/spreadsheets/d…
🧵 (8/15)
Once you have a list of emails, you need to sort out the non-existent ones. To do this, there are dozens of online services to check one by one and dozens of APIs to automate this process.
Just for example:
email-checker.net
eva.pingutil.com
Once you have a list of emails, you need to sort out the non-existent ones. To do this, there are dozens of online services to check one by one and dozens of APIs to automate this process.
Just for example:
email-checker.net
eva.pingutil.com
🧵(9/15)
It is also worth looking at accounts in various social networks, which are registered to email addresses from the list. You can do this with the well-known tool Holehe from @palenath.
github.com/megadose/holehe
It is also worth looking at accounts in various social networks, which are registered to email addresses from the list. You can do this with the well-known tool Holehe from @palenath.
github.com/megadose/holehe
🧵 (10/15)
Keep in mind that almost any command line tool can be run automatically many times in a row for a whole list of arguments (in our case name variants) using the XARGS utility.
In this thread I explain in detail how to use it:
Keep in mind that almost any command line tool can be run automatically many times in a row for a whole list of arguments (in our case name variants) using the XARGS utility.
In this thread I explain in detail how to use it:
https://twitter.com/cyb_detective/status/1544266830637940736
🧵 (11/15)
There are many universal sites to search for people by first and last names, but I would advise you to BE WARNING of them.
They often contain outdated and inaccurate data for which they charge money.
Only go to them when you have tried the freely available tools.
There are many universal sites to search for people by first and last names, but I would advise you to BE WARNING of them.
They often contain outdated and inaccurate data for which they charge money.
Only go to them when you have tried the freely available tools.
🧵 (12/15)
When searching by first and last name, don't forget the state websites with data from individual countries and cities:
- company and taxpayer registries;
- election data;
- court records and civil registries;
- etc.
Look up this map:
cipher387.github.io/osintmap/
When searching by first and last name, don't forget the state websites with data from individual countries and cities:
- company and taxpayer registries;
- election data;
- court records and civil registries;
- etc.
Look up this map:
cipher387.github.io/osintmap/
🧵(13/15)
If you are looking for a person from Russia, Ukraine and other former Soviet countries, try Telegram #osint bots (based on data from leaks)
This is not exactly a legal method and these bots are blocked all the time. Up-to-date links can be found at @HowToFind_bot
If you are looking for a person from Russia, Ukraine and other former Soviet countries, try Telegram #osint bots (based on data from leaks)
This is not exactly a legal method and these bots are blocked all the time. Up-to-date links can be found at @HowToFind_bot
🧵(14/15)
Using the methods described above, you are sure to find social media accounts belonging to the target person.
The tools for collecting account data for each specific social network can be found in my collection of tools for #osint:
github.com/cipher387/osin…
Using the methods described above, you are sure to find social media accounts belonging to the target person.
The tools for collecting account data for each specific social network can be found in my collection of tools for #osint:
github.com/cipher387/osin…
🧵 (15/15)
Also, when searching for information about a person by first and last name, you may have to deal with Google. Read this thread about how to automate and make working with this search engine more efficient:
Also, when searching for information about a person by first and last name, you may have to deal with Google. Read this thread about how to automate and make working with this search engine more efficient:
https://twitter.com/cyb_detective/status/1471791943592067076
@threader compile
@threadreaderapp unroll
@threadrip unroll
@PingThread unroll
@threadreaders unroll
@TurnipSocial save
@readwiseio save thread
@tresselapp save thread
@rattibha unroll
@getnaked_bot unroll
@threadreaderapp unroll
@threadrip unroll
@PingThread unroll
@threadreaders unroll
@TurnipSocial save
@readwiseio save thread
@tresselapp save thread
@rattibha unroll
@getnaked_bot unroll
• • •
Missing some Tweet in this thread? You can try to
force a refresh
