background preloader

OSINT

Facebook Twitter

Find the exact location of any phone. If I had to pick my favorite smartphone features, GPS would be near the top of the list. It keeps me from getting lost in unfamiliar places, tracks the mileage of my morning jogs, helps me keep tabs on where my son is located and so much more. Of course, if my phone and apps know where I am, then that means a lot of other people could, too. App developers, advertisers, the government - anyone can tap into the information if I install the wrong app or don't pay attention to my settings. That's why your smartphone gives you the option to turn off your GPS.

You can just leave it off most of the time and no one can track you, right? Sorry, but that doesn't work. I found this site where you can see where any phone is located using the same service carriers and app developers use. The way your cell provider tracks you is through cellular towers. From there it doesn't take much work to narrow down your general location. As I said above, the accuracy varies. Email.

Research

OSINT. OSINT and other intel. Collection Software. Tools. Bank card number. Payment card numbers are found on payment cards, such as credit cards and debit cards, as well as stored-value cards, gift cards and other similar cards. Card issuers refer to the leading six digits on the card as an "issuer identification number (IIN)", or sometimes referred to as "bank identification number (BIN)".

On rare occasions they are referred to as bank card numbers. The remaining numbers on the card are referred to as the primary account number or PAN. IINs and PANS have a certain level of internal structure and share a common numbering scheme. ISO/IEC 7812 IINs are six digits in length,[1] and can be up to 19 digits. A six-digit Issuer Identification Number (IIN), the first digit of which is the Major Industry Identifier (MII)a variable length (up to 12 digits) individual account identifiera single check digit calculated using the Luhn algorithm[2] Issuer identification number (IIN)[edit] Partial IIN on a credit card (both printed and embossed) Security measures[edit]

HHS.gov.

Not for distribution

Data. Open Data Structures. WikiLeaks Finally Brings Back Its Submission System for Your Secrets. Updated at 6:30 pm with a statement from WikiLeaks founder Julian Assange. It’s taken close to half a decade. But WikiLeaks is back in the business of accepting truly anonymous leaks. On Friday, the secret-spilling group announced that it has finally relaunched a beta version of its leak submission system, a file-upload site that runs on the anonymity software Tor to allow uploaders to share documents and tips while protecting their identity from any network eavesdropper, and even from WikiLeaks itself. The relaunch of that page—which in the past served as the core of WikiLeaks’ transparency mission—comes four and a half years after WikiLeaks’ last submission system went down amid infighting between WikiLeaks’ leaders and several of its disenchanted staffers. “WikiLeaks publishes documents of political or historical importance that are censored or otherwise suppressed.

Hrafnsson declined to comment on what new security measures WikiLeaks has put into place. Go Back to Top. Update: Spy agencies hacked SIM card maker's encryption. U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide. The Gemalto hack, by the U.S. National Security Agency and the U.K. Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world's mobile phone voice and data traffic, according to a story in The Intercept. The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said. It's unclear how much mobile traffic the two agencies intercepted after the reported hack.

Gemalto, based in the Netherlands, produces about 2 billion SIM cards a year. With the compromised encryption keys, the surveillance agencies would be able to monitor mobile communications without the approval of the carriers or foreign governments, The Intercept story said. Guide to building the Tastic RFID Thief. The Tastic RFID Thief has been around since late 2013, and since I've had a tremendous amount of requests asking how to build it, I thought that this blog post would be of justice to the tastic. About the Tastic RFID Thief The Tastic RFID Thief was introduced by the company Bishop Fox through a series of Defcon and Blackhat videos across mid-late 2013. Bishop Fox describe the Tastic silent, long-range RFID reader that can steal the proximity badge information from an unsuspecting employee as they physically walk near this concealed device.

I built my first Tastic RFID Thief in February 2014, with no experience in electronics, and as a total challenge given to me by my boss at the time. It was an overall fun experience however, and I'm grateful that I was able to push myself. So, to all those who want to build one, but don't quite have the experience to do so, my advice is just go for it. This guide assumes that you are doing constant testing of the circuit along the way. Getting Started. Cyber Threats against the Aviation Industry. Introduction The recent incident to the Malaysia Airlines Flight MH370 is fueling the discussion of whether would be possible to hack into an airplane and gain complete control control of on-board systems, excluding the pilots.

In the past, we have seen many security experts present possible attack scenarios, but never has an attacker made them reality. While the investigators still search for evidence that can provide more indications of what is really happened to the flight, some security experts also hypothesized that it could be the result of a cyber attack against the airplane. Some experts alerted to the possibility that it could be an attack against the in-flight entertainment system that allowed the hackers to infiltrate the security software. The airplanes are very sophisticated systems. Many investigators revealed that an attacker with a deep knowledge of the plane’s system could intentionally cause serious problems with its normal operation. Figure – ACAR messages Conclusions. Zotero | Home. Tool For Detecting social Netorks. Surveillance II.

InfoSec. Knowledge worker. Intelligence Collection. Intelligence and Controversy in Democratic States. Central Intelligence Executive. Tools I use or am trying. OSINT. WiGLE - Wireless Geographic Logging Engine - Plotting WiFi on Maps. GFII - Guide Intelligence Economique. Midnight Research Labs - SEAT. SEAT aaron posted in on August 23rd, 2006 Project Info :: Features :: Screenshots :: Videos :: Downloads :: Documentation :: Developers :: WIKI Project info: SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It’s multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment.

Furthermore, SEAT’s ability to easily process additional search engine signatures as well as custom made vulnerability databases allows security professionals to adapt SEAT to their specific needs. Features Supported Search Engines: o Google o Yahoo o MSN o AltaVista o AllTheWeb o AOL o DMOZ Vulnerability Databases: o GHDB o NIKTO o GSDB o WMAP o URLCHK o NESTEA Screenshots Videos. File%20Shredding%20Programs.pdf. Encrypted Google. COMPUTER & TECHNO WORLD.

Private investigation

Ad. FBI. News Sources.