Open Source Intelligence (OSINT) investigations often involve using a variety of tools and techniques to collect and analyze publicly available information. Here are some popular OSINT tools and resources that can be useful for conducting investigations:
- Search Engines: Traditional search engines like Google, Bing, and Yahoo can be powerful tools for gathering information. Utilize advanced search operators to refine your searches.
- Social Media Platforms: Use platforms like Twitter, Facebook, Instagram, and LinkedIn to gather information, but remember to respect privacy settings and terms of service.
- Search Engine Operators: Google Dorks and other search engine operators help you conduct advanced and specific searches to find relevant data.
- Maltego: This tool allows you to visualize and link information across various data sources, helping to create a graphical representation of relationships and connections.
- TheHarvester: It’s a tool for gathering email addresses, subdomains, hosts, employee names, open ports, and banners from different public sources like search engines, PGP key servers, and more.
- Shodan: A search engine for Internet-connected devices. It can be used to discover servers, routers, and other devices that are exposed to the internet.
- Wayback Machine: The Internet Archive’s Wayback Machine allows you to view past versions of websites. This can be useful for tracking changes and historical data.
- DNS Lookup Tools: Tools like DNSDumpster and DNSlytics can help you gather information about domains, IP addresses, and DNS records.
- WHOIS Lookup: Tools like WHOIS and DomainTools allow you to find information about domain ownership and registration.
- Email Verification Tools: Tools like Hunter and Verify-Email.org can help you verify email addresses.
- Geospatial Tools: Services like Google Maps and Google Earth can provide geospatial information. GIS tools can also be helpful for mapping and geospatial analysis.
- Data Mining Tools: Tools like Import.io and ParseHub can help scrape data from websites.
- Digital Forensics Tools: Tools like Autopsy and Sleuth Kit are useful for analyzing digital artifacts and extracting information from devices.
- Social Media Analysis Tools: Tools like Hootsuite, Brandwatch, and Social Mention can help you monitor and analyze social media content and trends.
- Public Records Databases: Websites like PublicData.com and the National Archives can provide access to a wide range of public records.
- Dark Web Tools: Tools like Tor and OnionScan can be used to access and monitor the dark web. However, be cautious when navigating the dark web due to its potentially illegal or harmful content.
- Custom Scripts and Programming: Some investigators develop custom scripts or use programming languages like Python to automate data collection and analysis.
- Cybersecurity Tools: Various cybersecurity tools, such as Nmap for network scanning or Wireshark for packet analysis, can be valuable for collecting technical data.
It’s important to note that while many OSINT tools are freely available, ethical and legal considerations should always be at the forefront of any investigation. Respect privacy, copyright, and terms of service when using these tools, and be aware of the laws and regulations governing OSINT activities in your jurisdiction. Always ensure that your investigations are conducted within legal and ethical boundaries.
https://www.hudsonrock.com/threat-intelligence-cybercrime-tools
Phone Number Investigation
Facebook: https://ru-ru.facebook.com/login/identify/
Twitter: https://twitter.com/account/begin_password_reset
Instagram: https://www.instagram.com/accounts/password/reset/
LinkedIn: https://www.linkedin.com/uas/request-password-reset
Google: https://accounts.google.com/signin/v2/identifier
Microsoft: https://login.live.com/login.srf
Trape: https://github.com/boxug/trape.git
TrackUrl: https://github.com/Mauladen/TrackUrl
Seeker: https://github.com/thewhiteh4t/seeker.git
IPlogger: https://iplogger.ru/location-tracker/
https://audience.yandex.ru/
https://ads.google.com/
https://target.my.com/
Username Investigation
https://blackbird-osint.herokuapp.com/
https://whatsmyname.app/
https://www.social-searcher.com/
https://github.com/webbreacher/whatsmyname
https://t.me/osint_maigret_bot
https://github.com/soxoj/maigret
https://t.me/mailcat_s_bot
https://docs.google.com/spreadsheets/d/17f_O3qnKBDRJkIlpR2FEy4IugCpQS0m2tOMY0HK_qDc/edit?usp=sharing
http://www.likasoft.com/ru/document-search/
Email Investigation
Telegram channel: leaked data (email, number, and IP)
https://spycloud.com/check-your-exposure/
Link: https://start.me/p/b5gEPe/email-osint
Telegram Investigation
Google Search
- Use the command site:t.me "search term" or site:telegram.me "search term" in the Google search bar. It returns results with the keyword in posts, hashtags, or links. Investigators can use all types of information as search terms, including names, emails, phones, social links, etc.
- Use the command "t.me/joinchat" "search term". It helps to find links to Telegram chats on other websites and social media with a keyword related to a specific topic.
Online Tools, General Search
- Lyzem Search: the service finds information in channels, groups, bots, messages, and on Telegram’s blogging platform Telegraph
- Custom Google Search Tools (Telegago, Commentgram, Osint Me, here, here): the engines look for the keywords in contacts, public and private channels and groups, Telegraph, messages, and bots.
Channels and Groups Search
Channels:
Groups:
Both Sources:
Bots for Investigations:
- @BotoDetective: the bot allows searching for users by phone number, name, social networks, email, password, or a photo
- @TgScanRobot: the bot shows basic profile details and groups that a user is a member of
- @username_to_id_bot: the bot helps to find IDs of users, groups, or channels
- @userinfobot: this bot shows a user's basic info
- @creationdatebot: this one shows the creation date of any account in Telegram
Investigators need to create an account to view non-public channels and groups. It's recommended to use new SIM cards, VPNs, and if possible, new phones with no contacts on them. Telegram has many privacy settings that need to be enabled for any research.
Company Investigation
https://techjournalism.medium.com/osint-checklist-for-company-investigations-86c3752c095d
Military Intelligence Blog by Igor
https://medium.com/@ibederov_en/military-intelligence-using-osint-methods-4aae1df2d812
Google Dorks
Name: "<XXX XXX>" (☎ OR ☏ OR ✆ OR 📱)
"username*com"
Number:
https://www.google.com/search?hl=en&pb=r&btnG=Search+PhoneBook&q=+91XXXXXX
To find people within GitHub code:
site:github.com/orgs/*/people
Online resumes of a person:
inurl:resume "john smith" intext:resume "john smith"
People with a specific job title and location:
site:linkedin.com/in "<job title>" (☎ OR ☏ OR ✆ OR 📱) +"<location>"
Trello
site:trello.com password + admin OR username
Specific documents within a website or domain name:
site:<domain> filetype:PDF
Instead of 'filetype:' you can also use the abbreviation for extension, which is 'ext:'.
XLS files within government websites:
filetype:xls site:.gov
filetype:"xls | xlsx | doc | docx | txt | pdf" site:.gov
filetype:"doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml"
Indexed documents that contain the phrase 'confidential' or 'top secret' within open Amazon S3 buckets:
site:s3.amazonaws.com confidential OR "top secret"
Confidential login information within XLS files:
s3 site:amazonaws.com filetype:xls password
Copies of databases via Google:
ext:sql intext:"-- phpMyAdmin SQL Dump"
Social Media
Tweet was shared on other media:
"text of a tweet" -site:twitter.com
Search messages and/or links for a specific username:
@dutch_osintguy -site:twitter.com/dutch_osintguy
Important Operators
cache:<keyword>
inurl:<keyword>
allinurl:<keyword>
site:<keyword>
intitle:<keyword>
allintitle:<keyword>
intext:<keyword>
allintext:<keyword>
filetype:<keyword>
Find files under a domain name:
<keyword> site:<website.com> (filetype:pdf OR filetype:xlsx OR filetype:docx)
Find all indexed pages for a specific domain:
site:<website.com>
Find subdomains for a specific domain:
site:<*.website.com> -www
Find non-HTTPS web pages:
site:<website.com> -inurl:https
Social Media
Find social profiles or search for a keyword across multiple websites at once:
<keyword> (site:facebook.com | site:twitter.com | site:linkedin.com)
Find open webcams
intitle:"webcamXP" inurl:8080
Find plain text passwords on Pastebin:
site:pastebin.com "@gmail.com password"
To find admin passwords:
site:pastebin.com "admin password"
Find vulnerability reports from multiple tools:
intitle:"report" ("qualys" | "acunetix" | "nessus" | "netsparker" | "nmap") filetype:html
Some other Google dorks that you can use to find information about yourself or your website are:
- <your_name> filetype:pdf
- <your_name> intext:<phone_number> | <email> | <address>
- site:<your_website> filetype:"doc | xls | txt | pdf"
- ip:<your_servers_IP> filetype:"doc | xls | txt | pdf"
https://www.darkowl.com/