Using OSINT to Investigate School Shooters

https://www.linkedin.com/in/joas-antonio-dos-santos
Introduction
Monitoring Social Medias

https://www.osinttechniques.com/osint-tools.html
How to Conduct Person of Interest Investigations Using OSINT and
Maltego

https://www.maltego.com/blog/how-to-conduct-
person-of-interest-investigations-using-osint-and-
maltego/
How to Conduct Person of
Interest Investigations Using
OSINT and Maltego
How to Conduct Person of
Interest Investigations Using
OSINT and Maltego
Examining your Digital
Profile and Social Media
Footprint

https://www.maltego.com/blog/beginners-guide-
examining-your-digital-profile/
Examining your Digital
Profile and Social Media
Footprint
4Chan OSINT

https://github.com/malavmodi/4Chan
-Scraper
4Chan Image OSINT

https://github.com/graysonpike/python-4chan-scraper
4chans OSINT - Materials

https://search4chan.org/

https://archived.moe/

https://www.youtube.com/watch?v=DBJIkR3DmU0&ab_channel=JessWerks

https://andreafortuna.org/2017/03/15/osint-the-secret-weapon-of-4channers/
Geolocation Techniques – Social Media

https://reveal-mklab.iti.gr/reveal/ Features a multitude of images tampering detection algorithms as well as metadata analysis,
geolocation, thumbnail extraction and integration with Google reverse image search.)

• http://www.geocreepy.com/ (Creepy is a platform for OSINT geolocation. Creepy can assist in gathering geolocation-related information
from online sources and enables map presentation, search filtering based on exact location and date, comma separated value (CSV) or XML
export for further review on Google Maps. Searches for Twitter, Flickr, and Instagram are currently sponsored by Creepy. It extracts
geolocation based on image-saved EXIF information, geolocation information accessible through the application programming interface (
API), and some other techniques.)

• https://github.com/laramies/metagoofil (Metagoofil is an information gathering tool designed for extracting metadata of public documents
(pdf, doc, xls, ppt, doc, ppt, xlsx) belonging to a target company. Metagoofil will perform a search in Google to identify and download the
documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner and others. With the results, it
will generate a report with usernames, software versions and servers or machine names that will help Penetration testers in the
information gathering phase.)
Geolocation Techniques – Social Media

https://www.spiderfoot.net/

• https://github.com/radioactivetobi/geo-recon (Geo-Recon is an OSINT command-line interface (CLI) tool which is designed to fast track IP
Reputation and Geo-location lookup for Security Analysts. It will provide the following details:- Country, Region, City, Organisation, ISP. With
the inbuilt reputation check we will be able to see Domain Name, Hostname, Usage type, Confidence of abuse, Number of times reported,
last reported and whitelisted. It will also provide us with the information that whether the IP address is malicious or not.)
Geolocation Techniques
– Social Media

https://github.com/rquinliv
an/iplogger
Geolocation Techniques – Social Media (Other Tools)

→ InVid

→ Google Lens

→ Overpass Turbo

→ Mapillary

→ KartaView

→ CarNet

→ WorldLicensePlates.com

→ VehicleHistory.com

→ Poctra

• Whatismyipaddress

• Utrace
Geolocation Techniques – Social Media (Other Tools)

• IPChicken

• IPAddress

• MyIP

• IPTracker

• LiveIP Map

• GeoBytes

• ViewDNS

• DomainIQ Reverse IP

• DomainTools Reverse IP

• Whoisrequest Reverse IP

• Whatismyipaddress IP Lookup

• UltraTools Whois IP Lookup

• IP2Location

• GeoIPTool
Dark Web Investigation – Dark vs Deep

→ Unlike the surface web, these two layers represent the non-indexed content available on the internet. This means it can’t be found with your
common Google search, however, there are substantial differences between the deep and the dark web.

→ For instance, unlike the dark web, the deep web doesn’t require a particular browser to be accessed. Still, its contents can’t be identified, tracked, or
crawled by standard search engines because they’re either password-protected or kept behind specific internet services. The data contained within
our email inboxes, online banking services, and even job intranets are examples of the deep web. And, as you can imagine, this data is usually only
available to the user and the service providers, unless specific allowances for investigators are made in the terms of assist services, for example,
criminal investigations.

→ The dark web, on the other hand, is comprised of websites that are only accessible via internet services such as The Onion Router (TOR). One of
the main differences between Google and TOR is the composition of the URLs they take in, where the ones used to access dark web content use
obfuscating techniques, making them almost impossible to guess, remember, or understand. Additionally, the content in the dark web is primarily
hosted anonymously and heavily encrypted, providing extra layers of protection against tracing and identification.

→ Oftentimes, whatever information is stolen from the deep web (passwords, privileged data) ends up being sold on the dark web. However, not
everything that transpires there is of a criminal nature. Journalists, activists, and politicians working and reporting under corrupt or totalitarian
regimes use it to gather, collaborate, and exchange information without fear of being harassed or prosecuted.

→ https://www.youtube.com/watch?v=BdJ6mrDh9Lw&ab_channel=SocialLinks
Dark Web Investigation

• IACA Tools

• Darknetlive

• The Hidden Wiki

• OnionScan

• Hunchly Hidden Service Reports

• Torch

• Not Evil

• Onion.link

• Ahmia.fi
AI for Image
Processing

https://www.apriorit.com/dev-blog/599-ai-for-
image-processing
AI for Image
Processing
WEAPON
EXAMPLE

https://www.theregister.com/20
22/06/28/computer_vision_scho
ol_guns/
Reverse Image Search

https://www.osintcombine.com/reverse-image- • FotoForensics
analyzer
• Forensically

• Google Images

• Bing Images

• Yandex Images

• Baidu Images
https://www.osintessentials.com/search-by-image
• Tineye
• Jeffrey's Image Viewer
• Image Identify by Wolfram
• ExifTool by Phil Harvey
• Karma Decay
• Metapicz
• Pictriev
• IrfanView

• Find Exif Data

https://thatsthem.com/

https://www.numlookup.c
om/

https://discordlookup.com/

https://instantusername.co
m/#/
Doxing and Personal
Information OSINT

https://www.digitalocean.co
m/community/tutorials/ngin
x-access-logs-error-logs

https://www.sumologic.com
/blog/apache-access-log/

https://github.com/nordicgian
t2/awesome-landing-page

→ https://github.com/dekrypted
/discord-image-logger
Doxing and Personal
Information OSINT

https://www.in911.net/uploa
ds/6/5/9/0/65907603/att_wire
less_exigent_form.pdf

https://www.in911.net/uploa
ds/1/2/4/9/124957688/exigen
t_form.pdf

https://www.xfinity.com/-
/media/4231839e374c4f618b
2d34004d50987c
Doxing and Personal
Information OSINT

https://github.com/Defaulti
k/sms_spoofer

https://github.com/vpn/SM
SSpoof
Extra Resource – Prepare your Environment OSINT

https://www.maltego.com/blog/how-to-use-maltego-transforms-to-map-network-infrastructure-an-in-
depth-guide/

https://www.maltego.com/blog/beginners-guide-to-maltego-setting-up-maltego-community-edition-ce/

https://www.maltego.com/blog/mapping-visual-disinformation-campaigns-with-maltego-and-tineye/

https://www.maltego.com/blog/data-at-your-fingertips-which-data-is-included-in-your-maltego-plan/

https://www.maltego.com/blog/maltego-data-integrations-got-bigger-and-better/

https://github.com/louisbarrett/ElasticMaltego

https://catalyst256.medium.com/maltego-metasearch-engines-e08e64b0912

https://www.tracelabs.org/initiatives/osint-vm
Extra Resource – Create Sock Puppet

https://www.cybervie.com/blog/what-is-sock-puppets-in-osint-how-to-create-one/

https://www.youtube.com/watch?v=Zf155HW5Qp0&ab_channel=TheCyberMentor

https://www.youtube.com/watch?v=3KPO58wkw7M&ab_channel=TraceLabs

https://hackernoon.com/how-to-make-sock-puppet-accounts-for-osint-in-2021-12r33gs

https://ztrkouzhan.medium.com/the-mega-sock-puppets-tutorial-for-osint-af3bd29dd5fc

https://www.maltego.com/blog/creating-sock-puppets-for-your-investigations/

https://securityboulevard.com/2022/09/the-benefits-of-sock-puppets-in-open-source-intelligence-
osint/
Extra Resource – Social Media Investigation

https://github.com/OhShINT/ohshint.gitbook.io/blob/main/Lists_of_OSINT_Web_Resources/1-Complete-List-of-OSINT-Web-Resources.md#social-media-
intelligence-socmint

https://www.youtube.com/watch?v=sXn1GBgSpUQ&ab_channel=GaryRuddell

https://www.youtube.com/watch?v=F6l2Bmh7Dq4&ab_channel=DavidBombal

https://www.youtube.com/watch?v=uBynB50liTw&ab_channel=TheCyberMentor

https://www.youtube.com/watch?v=KdZvxxLsN3E&ab_channel=NetworkChuck

https://www.youtube.com/watch?v=KTVHRdSFBJU&ab_channel=CodyBernardy

https://www.youtube.com/watch?v=_mvwiFKB8L8&t=4s&ab_channel=SystemExploited

https://www.youtube.com/watch?v=TUQ4AbUNmeI&ab_channel=CodyBernardy

https://www.youtube.com/watch?v=NWyqSbnsvGU&ab_channel=NetworkChuck

https://www.youtube.com/watch?v=ImWJgDQ-_ek&ab_channel=DavidBombal

https://www.youtube.com/watch?v=2puBmXfi9Z0&ab_channel=Freethink

https://www.youtube.com/watch?v=0TY2ajnmivA&ab_channel=Moss%C3%A9CyberSecurityInstitute
Extra Resource – Geolocation OSINT

https://www.youtube.com/watch?v=CWMF8Bx_Lyk&ab_channel=Nattic

https://www.youtube.com/watch?v=4Hkdxnqz1mg&ab_channel=OSINTDojo

https://www.youtube.com/watch?v=IXacf6_R6HU&ab_channel=Elysium

https://www.youtube.com/watch?v=OsY32K1s51Y

https://www.youtube.com/watch?v=BjZso0nA2bE&list=PLtoC6Cd29__VS01w1pzjqmhGMh_LECsi7&
ab_channel=OSINTDojo

https://www.youtube.com/watch?v=SMxya-M6KhU&ab_channel=CodyBernardy
Extra Resource – Image Search

https://www.youtube.com/watch?v=9TW82ZELLx0&ab_channel=FourZeroThree

https://www.youtube.com/watch?v=0uoJKlyGpbo&ab_channel=SANSCyberDefense

https://www.youtube.com/watch?v=YkUnuouRhuE&ab_channel=GaryRuddell

https://www.skopenow.com/resource-center/image-based-osint-investigations-tips-techniques

https://github.com/jivoi/awesome-osint#-image-search
Extra Resource – Personal Information

https://github.com/infomaven/personal-osint/blob/master/resources.md

https://www.youtube.com/watch?v=F5DaPt4W5Oo&ab_channel=SANSCyberDefense

https://haywoodhunt.ca/understanding-osint-and-the-power-of-public-records/

https://www.skopenow.com/news/what-is-osint-how-to-conduct-investigations-with-open-source-data

https://thatsthem.com/challenge?r=%2F

https://nixintel.info/osint/12-osint-resources-for-e-mail-addresses/

https://allabouttesting.org/quick-tutorial-email-osint/

https://www.aware-online.com/en/osint-tools/email-address-tools/

https://github.com/topics/email-osint

https://www.youtube.com/watch?v=SSV9vDX9tfc&ab_channel=CyberSudo

https://www.youtube.com/watch?v=WW6myutKBYk&ab_channel=NullByte

https://hackcontrol.org/OSINT/Phone_numbers.html

https://hakin9.org/uncovering-data-from-phone-numbers/

https://github.com/spider863644/PhoneNumber-OSINT
Threat Reporting

https://www.schoolsafety.gov/threat-assessment-and-reporting

https://ociac.ca.gov/default.aspx?menuitemid=68&AspxAutoDetectCookieSupport=1

https://www.fbi.gov/file-repository/stats-services-publications-school-shooter-school-shooter/view

https://swiftshield.com/blogs/news/9-tips-for-what-to-do-in-a-school-shooting

https://www.nytimes.com/2018/02/16/us/survive-active-shooter.html

https://www.dhs.gov/xlibrary/assets/active_shooter_booklet.pdf
Awareness

https://www.youtube.com/watch?v=2zfiQAk927s&ab_channel=TheOhioStateUniversity-
Administration%26Planning

https://www.youtube.com/watch?v=9qyD7vjVfLI&ab_channel=syracuse.com

https://www.youtube.com/watch?v=OP7l1n_8Lh4&ab_channel=TowsonUniversity

https://www.youtube.com/watch?v=A8syQeFtBKc&ab_channel=SandyHookPromise

https://www.youtube.com/watch?v=T254_J8Vcvw&ab_channel=SandyHookPromise

https://www.netflix.com/title/81349306