Monitoring ships and OSINT sources for anomalous patterns may lead you to vessels that are violating sanctions, smuggling drugs, trafficking humans, performing navy maneuvers, and engaging in illegal fishing. Understanding the pattern of life within maritime activity will enrich your data collection and overall investigation.

It can be tricky to determine what vessels deserve a deeper look without having experienced consistent monitoring of vessel traffic. I have compiled a few key activities that may help you narrow down your search.

Monitor reflagging of vessels


Why is port analysis important to us as OSINT Analysts? There is an increasing need for the overall surveillance and analysis of maritime ports due to the increase in global trade, smuggling of goods/people, COVID tracing and medicine transport, terrorism, and shipbuilding/breaking. The intention of this writeup is not to wax poetic about maritime tools, but rather to inspire some outside the box thinking and methodologies that may assist in your investigations.

Before we dive in, let’s define what a port is and what happens there. A port is a location where vessels can load/unload various cargo and people. Special…


FOCA, which stands for (Fingerprinting Organizations with Collected Archives) is a pretty nifty tool I use for collecting documents from a target domain and analyzing metadata found within them. Some may argue there are other tools that do this better, and that may very well be true. However, I like the interface for FOCA and because it is run on a Windows system it has a relatively low barrier for learning how to use it.

FOCA runs searches on your domain through Google, Bing, and DuckDuckGo, looking for various filetypes including doc, pdf, xls, Powerpoint, and even Adobe. The metadata…


As an analyst, using points of reference in the surroundings of a photo is not a new concept. Verifying a photo or video often comes down to tracking down city skylines, mountain/land horizons, and street names. However, I began to wonder how difficult it would be to use natural clues to tighten the scope of a location on both a national and global scale.

I have seen survivalists on TV navigate through the deep woods using only their knowledge of plants and sun charting. If they can do it, I thought maybe similar skills could be used to verify images…


On a recent episode of OSINT Curious I had the pleasure of discussing disinformation investigations with the brilliant Jane Lytvynenko from BuzzFeed. Since the webcast, I have become enthralled with learning how to track and analyze Twitter bots and investigate disinformation campaigns. I am certainly no Jane Lytvynenko, but I wanted to openly work through some of the methodologies I am learning which in turn may help other beginners.

Oddly enough, in starting this investigation my biggest hurdle was finding a bot. This sounds ridiculous because we see bots all day long on Twitter but honestly I had trouble finding…


What makes a good OSINT Analyst? To me, the most important asset an OSINT Analyst can possess is an inquisitive mind. A person can be taught how to use/create tools or write reports but it is vastly more difficult to teach a person how to be analytical. That isn’t to say it can’t be taught and/or learned over time with practice. That being said, there are some things to keep in mind if you are trying to learn the art of curiosity.

Ask a lot of Questions

In classical rhetoric, the “elements of circumstance” created by Aristotle have been used to analyze rhetorical questions for…


***Due to recent findings by @MwOsint I can no longer endorse Lampyre as a trusted tool https://keyfindings.blog/2020/03/23/be-careful-what-you-osint-with/

Lampyre is a windows-based tool that I like to use for some quick OSINT research. Previously, I wrote a blog on Basic Email and Phone Number recon but Lampyre has since upgraded and now has an exciting new beta version with a more simple layout and new tools. If you don’t already have Lampyre, you can go to their website www.lampyre.io and click Try Lampyre for Free.

Once Lampyre is installed, activate it through their website and then open the program. This demo will be run in online mode, I have found it to be less buggy overall. It is…


When I think of the United States Correctional System I envision an underfunded prison filled to the brim with inmates. All of them packed into tiny cells with few luxuries aside from a chessboard with pieces carved from bars of soap.


In a recent blog article that I co-wrote with Tokyo_v2 titled Anatomy of a Puppy Scam, I track down a prolific puppy scammer selling fake tea-cup puppies online for thousands of dollars. The following is a breakdown of how I used Spiderfoot HX for much of my investigation into the domains and email addresses of the target website tiny-teacup dot com.

The Scan This investigation into puppy scams began with just a single website, tiny-teacup dot com, so the first step was to analyze this site. I created a new scan within Spiderfoot HX and input the domain tiny-teacup dot…


An Investigation by Tokyo_v2 and wondersmith_rae

The previous edition of Anatomy of a Puppy Scam detailed how the Tiny-Teacup puppy scam works by tricking people into sending money for a puppy that never existed. Additionally, we introduced you to Layla Mandi Tayeb the CEO/Marketing Genius/Author/Dog Breeder. In part 2 we dive into the structure behind Tiny-Teacup dot com and what methods we used to make a connection between accounts and organizations in order to verify our intelligence.

We designed a chart to help explain the data connections between Layla and the numerous domains, social media accounts, and emails we found…

wondersmith_rae

@wondersmith_rae | OSINT Analyst | @OSINTCurious Advisory Board | @QuizTime | http://Tracelabs.org | http://safeescape.org | Speaker

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store