š Welcome to the 90th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. Hereās an overview of this issue:
-
Investigating GitHub profiles
-
You can change your Gmail address?
-
Nano Banana ruining the internet
-
Local AI inside of GitHub OSINT tools
-
Deobfuscating Telegram messages
-
Face recognition reverse image search
Over the past few weeks we have posted 6 CTF challenges as part of the OSINT Newsletter CTF. A new challenge is now live on the CTF website. You can sign up and compete now.
Here are the answers to those challenges:
Operation Jaguar
Challenge #1: The Jaguar Building – Google Lens on the building locates it as the Cartier shop in London.
Challenge #2: The Mystery Car – Reg plate obtainable from user submitted 360 view footage from Google Maps.
Challenge #3: Vehicle Attribution – Information available from the UKās MOT website.
Challenge #4: Looking Back – Vehicle damage history (partially) available from MOT website.
Operation X
Challenge #1: Twitter Account Geolocation – Using the CLI tool to export the data, 60% of the recent RTās come from Europe or European counties.
Operation History
Challenge #1: Past is Prologue – Using wayback machine we can find the earliest recorded snapshot of the osintpodcast.com. Then, using developer tools to view the source code of the page we can see multiple mentions of āassets.buzzsprout.comā and other code snippets mentioning the Buzzsprout service.
šŖ If you missed the last newsletter, hereās a link to catch up.
ā” Investigating X Account Locations at Scale
šļø If you prefer to listen, hereās a link to the podcast instead.
Letās get started. ā¬ļø
š° GitHub Commit History is Misleading
This is not OSINT-related per se; however, if you discover a GitHub profile during your investigation that seems to be dormant (the commit history is completely gray), you might be making a mistake. Before closing your tab, make sure to look at all of the commit history and other activity first.
Turns out, contributions to branches other than main don't show up in the contribution graph (until you merge). Good to know for anyone else wondering why their activity isn't reflected accurately! š© H/T: Emrah Nazif
š° You may soon be able to change your Gmail address
Soon, Gmail users might be able to change their email address. This is pretty significant considering that, similar to usernames, the uniqueness of an email address as a personal identifier might be weakened, specifically with Gmail.
A Google support page in Hindi says the feature is "gradually rolling out to all users."š© H/T: Will Shanklin
š° Nano Banana Pro vs AI Detection; Whoās the human here?
In September, I wrote a post about testing AI detection against existing models. Googleās Nano Banana was released in August and itās becoming a big problem. Jonathan tests out the new model against existing detection models I didnāt cover in my previous issue.
š© H/T: Jonathan Hatzbani
š Godās Eye
AI is so accessible that itās even making its way into free OSINT tools. Godās Eye is a subdomain enumerator (among other features) that uses a local AI (Ollama) to do analysis for vulnerabilities and produce reports.
Zero-cost local AI with Ollama for intelligent vulnerability analysis, CVE detection, and executive reports. 100% private.š© H/T: Vyntral
š Telegram Spoiler Decoder
If youāre on a Mac, the Telegram can display text that looks like braille. Itās a unique way of obfuscating text; however, like other methods, you can still reveal the plaintext behind it.
Telegram client on MacOS sometimes displays text under spoiler as pseudo-braille characters. In such cases, if you share your screen or take a screenshot, the hidden text can be recovered!š© H/T: Soxoj
š Surfface
Surfface is another reverse image search that uses face recognition to identify people. With Pimeyes and Facecheck.id going behind the paywall, investigators on a budget are always looking for new tools that donāt require a card on file (or a crypto transaction).
šļø You have to spoof your location to use the tool. I set my VPN to a Russian IP.
ā Thatās it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, youāll get access to the following:
ā” Why OSINT Certifications Arenāt Worth It and What to Do Instead
š All paid posts in the archive. Go back and see what youāve missed!
š If you donāt have a paid subscription already, donāt worry thereās a 7-day free trial. If you like what youāre reading, upgrade your subscription. If you canāt, I totally understand. Be on the lookout for promotions throughout the year.
šØ The OSINT Newsletter offers a free premium subscription to all members of law enforcement. To upgrade your subscription, please reach out to LEA@osint.news from your official law enforcement email address.
