Dark Web OSINT Part Four: Using Scikit-Learn to Find Hidden Service Clones


Welcome back to the fourth and final instalment in this series. If you haven’t read part one, two or three definitely feel free to go and do so. This will be much shorter than the others The original inspiration for this post was from a @krypti3a blog post called: Counterfeiting on the Darknet: USD4U. If you […]

Dark Web OSINT With Python Part Three: Visualization


Welcome back! In this series of blog posts we are wrapping the awesome OnionScan tool and then analyzing the data that falls out of it. If you haven’t read parts one and two in this series then you should go do that first. In this post we are going to analyze our data in a new […]

Dark Web OSINT with Python Part Two: SSH Keys and Shodan


Welcome back good Python soldiers. In Part One of this series we created a wrapper around OnionScan, a fantastic tool created by Sarah Jamie Lewis (@sarajamielewis). If you haven’t read Part One then go do so now. Now that you have a bunch of data (or you downloaded it from here) we want to do some […]

Dark Web OSINT With Python and OnionScan: Part One


  You may have heard of this awesome tool called OnionScan that is used to scan hidden services in the dark web looking for potential data leaks. Recently the project released some cool visualizations and a high level description of what their scanning results looked like. What they didn’t provide is how to actually go […]

Expanding Skype Forensics With OSINT: IP Addresses


In the first part of this series we covered how to extract email accounts from SQLite databases and pull additional information from FullContact.com to find social media accounts or other online profiles that are associated with those email addresses. In this post we will apply much the same technique except we are going to be interested in […]

Expanding Skype Forensics with OSINT: Email Accounts


I will be the first to tell you that I know little about forensics compared to most law enforcement or private forensic examiners. One thing that I always found amazing was looking at the result of a forensic acquisition and seeing all of that magical data flowing out from it. Email addresses, phone numbers, usernames, social […]

Automated Reverse Image Search Part 2: Vimeo


In a previous blog post I covered how to utilize the YouTube API to find the preview images for videos and then reverse search them using the TinEye API. In this blog post we will cover how to use the same techniques for Vimeo to retrieve the location of the preview image, and then we […]

When People Sleep: Determine Facebook Activity Using Google Chrome, Javascript and Python

darkriversystemnew (1)

It is always an interesting question and one that was posed over on the IntelTechniques.com forums. How can you tell what hour of the day people are most active on Facebook? There are tools out there for Twitter and other platforms, but due to Facebook’s limited API it is always a bit more of a […]

Automatically Finding Weapons in Social Media Images Part 2

darkriversystem13 (1)

In the first part of this series we examined how to write some code that can slice and dice an image and then submit it to Imagga. By examining the tags that come back we can make a fairly accurate guess as to whether there is a weapon present in the picture. Now we get […]

Automatically Finding Weapons in Social Media Images Part 1

darkriversystem13 (1)

As part of my previous post on gangs in Detroit, one thing had struck me: there are an awful lot of guns being waved around on social media. Shocker, I know. More importantly I began to wonder if there wasn’t a way to automatically identify when a social media post has guns or other weapons […]