https://riga.sh/tags/osint/Recent content in OSINT on RigaHugo 0.125.0en-usWed, 17 Jun 2026 00:00:00 +0000https://riga.sh/investigations/imoulife-privacy/Wed, 17 Jun 2026 00:00:00 +0000https://riga.sh/investigations/imoulife-privacy/I bought a security camera to watch my front door. What I didn’t know is that the app on my phone would watch me back and share what it learns with TikTok’s parent company. Here’s the full breakdown after tearing apart the Imou Life app (v10.0.6, com.mm.android.smartlifeiot). Methodology: MITM proxy analysis via Burp Suite + APK decompilation + Frida dynamic analysis 1. The ID that never dies Every request the app sends contains this:https://riga.sh/investigations/the-great-canadian-scammers/Mon, 28 Oct 2024 00:00:00 +0000https://riga.sh/investigations/the-great-canadian-scammers/This article is made for educational purpose only, to show what’s going on behind the scenes of malicious actors and their digital platforms. Everything comes from open and legal sources. I received an SMS asking me to log in to: auth-rbcroyalbank-online[.]com. Well, thanks to this scam, I was able to map a wide phishing network targeting Canadian institutions. Key points: ⏺️ Mostly Russian and Chinese registrars/hosting providers (JSC Selectel, Nicenic…) are involved.https://riga.sh/toolbox/-business/Mon, 01 Jul 2024 00:00:00 +0000https://riga.sh/toolbox/-business/I endorse nothing you’ll do with these tools, use them at your own risks. LEAKS https://aleph.occrp.org https://offshoreleaks.icij.org https://www.opensanctions.org https://www.opensecrets.org/ CORPORATE INFOS https://b2bhint.com https://opencorporates.com 🇺🇸 USA https://www.judyrecords.com https://lookups.melissa.com/home/ https://www.followthemoney.org/ https://www.importyeti.com/ 🇫🇷 FRANCE https://www.societe.ninja/index.html https://www.societe.com https://pappers.fr 🇧🇪 BELGIUM https://trendstop.knack.be https://kbopub.economie.fgov.be http://www.actionnariatwallon.be AFRICA https://openafrica.net/ https://owners.africa 🇨🇬 RDC & CONGO 🇨🇩 http://www.pagewebcongo.com https://liziba.cg Mining specific https://resourcecontracts.org/ http://itie-rdc.masiavuvu.fr/ https://congo-repo.revenuedev.org 🇨🇦 CANADA https://opengovca.com/ 🇬🇧 UK https://www.pappers.co.uk/ 🇨🇭 SWISS https://www.pappers.co.uk 🇺🇸 US INDIVIDUALS SEARCH Free tools: https://www.https://riga.sh/toolbox/-recon/Fri, 28 Jun 2024 00:00:00 +0000https://riga.sh/toolbox/-recon/I endorse nothing you’ll do with these tools, use them at your own risks. Combining multiple sources while investigating is highly recommended. Remember, these tools are only there to help your investigation, the conclusion is up to you. Using web tools can be beneficial when it comes to investigations, as you don’t directly interact with the target. Recon (online) toolbox MAGIC TOOLBOX Bunch of tools: https://intelx.io/tools Complet toolbox, all free, you can nmap and even find public buckets:https://riga.sh/investigations/countermisinformation/Mon, 30 Oct 2023 00:00:00 +0000https://riga.sh/investigations/countermisinformation/OSINT is about gathering technical and social elements to draw a narrative about a situation and communicate a clear thought. Sometimes, misinformation campaigns regain attention as they are shared a few years later, taking advantage of the mass of shared information to reuse old images when they are forgotten. It’s also worth pointing out that a tragic event appeals the emotions, making us less inclined to verify it. So, I stumbled upon a tweet published in March 2022, which gained substantial exposure at that time:https://riga.sh/investigations/terroristinfrastructure/Thu, 12 Oct 2023 00:00:00 +0000https://riga.sh/investigations/terroristinfrastructure/With the ongoing war between Israeli forces and Hamas, I wanted to analyze different propaganda tools and how they are built.https://riga.sh/investigations/elonmusk/Tue, 01 Aug 2023 00:00:00 +0000https://riga.sh/investigations/elonmusk/What the internet has to offer for a high value profile (who likes to troll a lot)https://riga.sh/investigations/moneylaunderingkabila/Wed, 19 Jul 2023 00:00:00 +0000https://riga.sh/investigations/moneylaunderingkabila/Oil giant Perenco’s suspicious deals with companies close to Congo’s ex-president"https://riga.sh/investigations/theshadypimeyes/Fri, 13 Jan 2023 00:00:00 +0000https://riga.sh/investigations/theshadypimeyes/Pimeyes is on a thin linehttps://riga.sh/investigations/anatomycryptoscam/Sat, 27 Aug 2022 00:00:00 +0000https://riga.sh/investigations/anatomycryptoscam/Scam me if you canhttps://riga.sh/tutorials/buckets/Mon, 01 Nov 2021 00:00:00 +0000https://riga.sh/tutorials/buckets/I endorse nothing you’ll do with these tools, use them at your own risks. Buckets A bucket contains various types of data such as public files (static assets), but sometimes it’s used to store sensitive infos (logs, passwords…). Permissions are critical with buckets, it can leverage an attacker to abuse unauthenticated access or improper ACL permissions. An open upload policy could let an attacker upload a malicious file, such as a custom payload.https://riga.sh/tutorials/phonerecontelnyx/Mon, 18 Oct 2021 18:51:52 -0400https://riga.sh/tutorials/phonerecontelnyx/I endorse nothing you’ll do with this tool, use it at your own risks. Phone number OSINT with Telnyx Let’s say some scammer or aggressive dude is calling you a bunch of time, or you just need infos about a phone number, well it’s not the most funny part of OSINT. Currently, I see 3 majors sources of recon: Yellow pages Spam lists Breaches They’re not always up-to-date, and sometimes limited by the amount of infos listed.