2022 OSINT課程(鑑識學會)

###### tags: `OSINT` `開源情報` `偵查` # 2022 OSINT課程(鑑識學會) # About Me * 陳詰昌 Jeff * Contact: power.shell@gmail.com # 一、OSINT簡介 ## (一)情資循環:評估、蒐集、分析、回饋 ## (二)情資整合運用(不同來源或開源與非開源間) ## (三)情資蒐集與隱私保護上網時可能因為瀏覽器特徵、WebRTC漏洞、Javascript等洩漏個人身分或真實IP。 * [瀏覽器洩漏](https://browserleaks.com/) * [What is my agent](http://user-agent.me) * [User Agent Changer Firefox](https://addons.mozilla.org/en-US/firefox/addon/user-agentswitcher/) * [User Agent Changer Chrome](https://chrome.google.com/webstore/detail/user-agentswitcher-for-c/) ### 隱私保護工具 1. 作業系統:Tails 2. 網路:VPN、TOR、Proxy 3. 瀏覽器:TOR Browser (安裝TOR並瀏覽一下[IP](https://www.whatismyip.com.tw/)) 4. 金流:禮物卡、虛擬貨幣 5. 資料傳遞:加密技術 ## (四)OSINT框架 [OSINT Framework](https://osintframework.com/ ) ## (五)情資彙整表 by人、事件、地點... 1. mindmap 2. timeline --- # 二、網路搜尋 ## (一)Google and Bing Search Operator ![google search operator](https://i.imgur.com/agoL6ls.jpg) ### Advanced operator * Social media search:`@facebook:user name` * hashtag search:`#osint` * music search: `music:` * [Operators List](https://sites.google.com/site/gwebsearcheducation/advanced-operators ) * [Operators Reference](http://www.googleguide.com/advanced_operators_reference.html) ### 客製化搜尋引擎 1. [Google客製化](https://programmablesearchengine.google.com/cse/create/new) 2. 產生Script片段 3. 將script片段貼入 ``` <html> <head> <title>my site</title> </head> <body> <div1>Customized Search </div1> 請在這裡貼上程式碼 </body> </html> ``` ### Google與資安 * [GHDB](https://www.exploit-db.com/google-hacking-database) ### Google vs Bing search * 一般搜尋[bvsg](https://bvsg.org/index.html) * 進階搜尋[advangle](https://advangle.com) * [Google Advanced Search](http://www.google.com/advanced_search) ## (二)隱私導向搜尋引擎 * [DuckDuckGo](https://duckduckgo.com/) * [Qwant](https://www.qwant.combased) * [Oscobo](https://oscobo.co.uk) * [Swisscows](https://swisscows.com) * [Privatelee](https://privatelee.com) * [Gigablast](https://www.gigablast.com) * [Gibiru](www.gibiru.com) ## (三)Metadata Serach Engines 沒有自己的搜尋索引，而是將查詢語法轉送給其他搜尋引擎，將所得結果取回後，重新編排順序，再將結果給查詢者。 * [etools](https://www.etools.ch/search.do) * [All the internet](https://www.alltheinternet.com/) 包含購物網站 * [Fagan finder](https://www.faganfinder.com/engines) 包含 QA網站與部落格 * [Carrot2](https://search.carrot2.org/#/search/web)搜尋結果以主題方式分類 * [Opentext](http://fqs.opentext.com/web.htm)包含FB、Twitter、Linkedin等社群 ## (四)Code Search 搜尋程式片段出處 * [Searchcode](https://searchcode.com) 含Google code、GitHub、Bitbucket、CodePlex、Sourceforge、Fedora Project及GitLab。 * [Nerdaydata](https://nerdydata.com/search) 付費訂閱制 * [Krugle](https://www.krugle.org) * [Codase](https://www.codase.com) * [Symbolhound](http://symbolhound.com) searches code search engines and doesn’t ignore special characters. * [Merobase](http://merobase.com) for java * [GitHub Dorks](https://github.com/techgaun/github-dorks)搜尋機敏資料，私鑰、帳號密碼、驗證用令牌等 * ## (五)FTP搜尋 * Advanced Google Search ``` inurl:ftp://www. “Index of /” inurl:ftp -inurl:(http|https) “CISSP” ``` * [4shared](https://www.4shared.com/) * [ftp indexer](https://www.searchftps.net/) * [Global file search](http://globalfilesearch.com) * [Filemare](https://filemare.com/en-nl) * [Archie](http://archie.icm.edu.pl/archie_eng.html) ## (六)IoT Search 搜尋IoT設備或不安全監視鏡頭 * [Shodan](https://www.shodan.io) ``` city: taipei country: tw port: 1234 hostname: wisdom net: 192.168.0.1/24 product: windows version: version of product Iip: hinet geo:25,121 ``` * [123Cam](http://123cam.com) * [AirportWebcams](http://airportwebcams.net)機場監視器 * [Insecam](www.insecam.org) * [Lookr](https://www.lookr.com) * [Open Street Cam](https://www.openstreetcam.org/map) * [Pictimo](https://www.pictimo.com) * [Reolink](https://reolink.com/unsecured-ip-camera-list) * [Webcam-Network Project](http://www.the-webcam-network.com) * [Thingful](https://haque.co.uk/work/thingful/) ## (七)Web Directory 一些網際網路網站地址做集合，並按照網站種類分類以引導用戶快速訪問的一類網站的總稱。 * [The WWW Virtual Library](http://vlib.org) * [DirPopulus](http://dirpopulus.org) * [Best of the Web](https://botw.org) * [GoWorkable](http://www.goworkable.com) * [01webdirectory](http://www.01webdirectory.com) ## (八)Website History 網站歷史資料(可相互參照Domain Name一節) * [Archive](https://archive.org/web/web.php) * [Archive](https://archive.fo/) * [Cached View](https://cachedview.com/) * [Way Backpack](https://github.com/jsvine/waybackpack) * [Oldweb.today](http://oldweb.today) ## (八)Web Monitoring 網站監測(可相互參照Domain Name一節) * [Talk Walker](http://www.talkwalker.com/alerts) * [Visual Ping](https://visualping.io) * [Follow That Page](https://www.followthatpage.com) * [Watch That Page](http://www.watchthatpage.com) --- # 三、圖片搜尋情資 ## (一)圖片搜尋引擎 * [Google](https://images.google.com) * [tineye](https://tineye.com) * [bing](https://www.bing.com/images/) * [yandex](https://www.Yandex.com/images/)新秀 * [Baidu](http://images.baidu.com) * [twitter](http://twipho.net)針對twitter * [Pimeyes](https://pimeyes.com) * [Facesearch](http://www.facesaerch.com/)臉部 ## (二)EXIF Viewer EXIF為圖片檔之Matadata，包含圖片拍攝工具、時間、地點等。 * [Jeffery ExifViewer](http://exif.regex.info/exif.cgi) * [verexif](https://www.verexif.com/en/) * [imageforensic](http://www.imageforensic.org/) * [exif.tool](https://exif.tools/) ## (三)圖片分析 [Edit detection](http://www.errorlevelanalysis.com) [Foto forensics](http://fotoforensics.com) [Forensically](https://29a.ch/photo-forensics/#forensic-magnifier) [pictriev](http://www.pictriev.com/)判斷特徵，男或女等 ## (四)其他工具 * [Remove bg](https://www.remove.bg/zh)去背 * [Clipping magic](https://clippingmagic.com/)去背 * [OCR](https://www.i2ocr.com/) * [youtube-dl](https://github.com/ytdl-org/youtube-dl) * [Video archives](https://archiving.witness.org/archive-guide/acquire/acquiring-raw-video-and-metadata/) # 四、社群媒體情資社群媒體分為照片分享、影片分享、部落格、微博、遊戲、論壇等型態網站，又其內容又分為貼文、回應、多媒體內容與社交互動等多元資料類型。 ## (一) Facebook ### 1、FB ID與創立時間 * [Lookup-id](https://lookup-id.com/) * [Findidfb](https://findidfb.com/) ``` 2006: <600400000 2007: 600400000~ 2008: 1000000000~ 2009: 1140000000~100000628000000 2010: 100000629000000~ 2011: 100001611000000~ 2012: 100003303000000~ 2013: 100004978000000~ 2014: 100007377000000~ 2015: 100008761000000~ 2016: 100010926000000~ 2017: 100014947000000~ 2018: 100023811000000~ ``` ### 2、使用帳號或暱稱為關鍵字搜尋 * [Whatsmyname](https://whatsmyname.app/) * [Social Search](https://www.social-searcher.com/) * [Instant Username Check](https://instantusername.com/#/) ### 3、被動式搜尋 * [FB Search Engine](https://www.social-searcher.com/facebook-search/) * [Archive](https://archive.is/) * Google Search ``` site:facebook.com "user name" inurl:facebook "user name" ``` ### 4、主動式搜尋利用FB內建功能進行搜尋，因其可能於網站留下相關紀錄，通稱此類為主動式搜尋；目前分為top、posts、people、photos、videos、pages、places等。 ![FB](https://i.imgur.com/rdnNTfn.jpg) 搜尋語法如下: #### Top Search * https://facebook.com/search/top/?q=people&epa=FILTERS&filters=(base64 encoding) * Most recent popular content ``` JSON: {"rp_chrono_sort":"{\"name\":\"chronosort\",\"args\":\"\"}"} Base64: eyJycF9jaHJvbm9fc29ydCI6IntcIm5hbWVcIjpcImNocm9ub3NvcnRcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Most popular public content ``` JSON: {"rp_author":"{\"name\":\"merged_public_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJtZXJnZWRfcHVibGljX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Most popular content posted from your own profile ``` JSON: {"rp_author":"{\"name\":\"author_me\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfbWVcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Most popular content viewed by your profile ``` JSON: {"interacted_posts":"{\"name\":\"interacted_posts\",\"args\":\"\"}"} Base64: eyJpbnRlcmFjdGVkX3Bvc3RzIjoie1wibmFtZVwiOlwiaW50ZXJhY3RlZF9wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Most popular content posted by your friends ``` JSON: {"rp_author":"{\"name\":\"author_friends_feed\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfZnJpZW5kc19mZWVkXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Most popular content from the pages you like or the groups you are a member of ``` JSON: {"rp_author":"{\"name\":\"my_groups_and_pages_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJteV9ncm91cHNfYW5kX3BhZ2VzX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Most popular content in the groups you are a member of ``` JSON: {"rp_group":"{\"name\":\"my_groups_posts\",\"args\":\"\"}"} Base64:eyJycF9ncm91cCI6IntcIm5hbWVcIjpcIm15X2dyb3Vwc19wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Most popular content from a specific page ``` JSON: {"rp_author":"{\"name\":\"author\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` #### Posts Search * https://facebook.com/search/posts/?q=people&epa=FILTERS&filters=(base64 encoding) * Public posts ``` JSON: {"rp_author":"{\"name\":\"merged_public_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJtZXJnZWRfcHVibGljX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Your own posts from your profile ``` JSON: {"rp_author":"{\"name\":\"author_me\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfbWVcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Posts viewed by your profile ``` JSON: {"interacted_posts":"{\"name\":\"interacted_posts\",\"args\":\"\"}"} Base64: eyJpbnRlcmFjdGVkX3Bvc3RzIjoie1wibmFtZVwiOlwiaW50ZXJhY3RlZF9wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Posts from your friends ``` JSON: {"rp_author":"{\"name\":\"author_friends_feed\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfZnJpZW5kc19mZWVkXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Posts from the pages you like and the groups you are a member of ``` JSON: {"rp_author":"{\"name\":\"my_groups_and_pages_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJteV9ncm91cHNfYW5kX3BhZ2VzX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Posts in the groups you are a member of ``` JSON: {"rp_group":"{\"name\":\"my_groups_posts\",\"args\":\"\"}"} Base64: eyJycF9ncm91cCI6IntcIm5hbWVcIjpcIm15X2dyb3Vwc19wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Posts from a specific page ``` JSON: {"rp_author":"{\"name\":\"author\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Posts from a specific group ``` JSON: {"rp_group":"{\"name\":\"group_posts\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Public posts tagged with a specific location ``` JSON: {"rp_location":"{\"name\":\"location\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` #### People Search * https://facebook.com/search/people/?q=people&epa=FILTERS&filters=(base64 encoding) * People within a specific city ``` JSON: {"city":"{\"name\":\"users_location\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * People with a specific education ``` JSON: {"school":"{\"name\":\"users_school\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * People who work at a specific employer ``` JSON: {"employer":"{\"name\":\"users_employer\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Find friends of your own profile ``` JSON: {"friends":"{\"name\":\"users_friends\",\"args\":\"\"}"} Base64: eyJmcmllbmRzIjoie1wibmFtZVwiOlwidXNlcnNfZnJpZW5kc1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Find mutual friends of your own friends ``` JSON: {"friends":"{\"name\":\"users_friends_of_friends\",\"args\":\"\"}"} Base64: eyJmcmllbmRzIjoie1wibmFtZVwiOlwidXNlcnNfZnJpZW5kc19vZl9mcmllbmRzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Find friends of a specific profile ``` JSON: {"friends":"{\"name\":\"users_friends_of_people\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` #### Photos search * https://facebook.com/search/photos/?q=people&epa=FILTERS&filters=(base64 encoding) * Public photos ``` JSON: {"rp_author":"{\"name\":\"merged_public_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJtZXJnZWRfcHVibGljX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Your own photos posted from your profile ``` JSON: {"rp_author":"{\"name\":\"author_me\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfbWVcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Photos viewed by your profile ``` JSON: {"interacted_posts":"{\"name\":\"interacted_posts\",\"args\":\"\"}"} Base64: eyJpbnRlcmFjdGVkX3Bvc3RzIjoie1wibmFtZVwiOlwiaW50ZXJhY3RlZF9wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Photos posted by your friends ``` JSON: {"rp_author":"{\"name\":\"author_friends_feed\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJhdXRob3JfZnJpZW5kc19mZWVkXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Photos posted by the pages you like and the groups you are a member of ``` JSON: {"rp_author":"{\"name\":\"my_groups_and_pages_posts\",\"args\":\"\"}"} Base64: eyJycF9hdXRob3IiOiJ7XCJuYW1lXCI6XCJteV9ncm91cHNfYW5kX3BhZ2VzX3Bvc3RzXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Photos posted by the groups you are a member of ``` JSON: {"rp_group":"{\"name\":\"my_groups_posts\",\"args\":\"\"}"} Base64: eyJycF9ncm91cCI6IntcIm5hbWVcIjpcIm15X2dyb3Vwc19wb3N0c1wiLFwiYXJnc1wiOlwiXCJ9In0= ``` * Photos posted by a specific page ``` JSON: {"rp_author":"{\"name\":\"author\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Photos posted by a specific group ``` JSON: {"rp_group":"{\"name\":\"group_posts\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Photos tagged with a specific location ``` JSON: {"rp_location":"{\"name\":\"location\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` #### Video search * https://facebook.com/search/videos/?q=people&epa=FILTERS&filters=(base64 encoding) * Search live videos ``` JSON: {"videos_source":"{\"name\":\"videos_live\",\"args\":\"\"}"} Base64: eyJ2aWRlb3Nfc291cmNlIjoie1wibmFtZVwiOlwidmlkZW9zX2xpdmVcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Search for episodes ``` JSON: {"videos_source":"{\"name\":\"videos_episode\",\"args\":\"\"}"} Base64: eyJ2aWRlb3Nfc291cmNlIjoie1wibmFtZVwiOlwidmlkZW9zX2VwaXNvZGVcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Videos posted by your friends and the groups you are a member of ``` JSON: {"videos_source":"{\"name\":\"videos_feed\",\"args\":\"\"}"} Base64: eyJ2aWRlb3Nfc291cmNlIjoie1wibmFtZVwiOlwidmlkZW9zX2ZlZWRcIixcImFyZ3NcIjpcIlwifSJ9 ``` * Videos tagged to a specific location ``` JSON: {"rp_location":"{\"name\":\"location\",\"args\":\"PutIDHere\"}"} Base64: Depends on the ID used. ``` * Videos posted within a specific time range ``` JSON: {“rp_creation_time”:”{\”name\”:\”creation_time\”,\”args\”:\”{\\\”start_year\\\”:\\\”2019\\\”,\\\”start_month\\\”:\\\”2019-1\\\”,\\\”end_year\\\”:\\\”2019\\\”,\\\”end_month\\\”:\\\”2019-12\\\”,\\\”start_day\\\”:\\\”2019-1-1\\\”,\\\”end_day\\\”:\\\”2019-12-31\\\”}\”}”} Base64: Depends on the time range used. ``` #### Page search * Search for ‘verified’ pages ``` JSON: {"verified":"{\"name\":\"pages_verified\",\"args\":\"\"}"} Base64: eyJ2ZXJpZmllZCI6IntcIm5hbWVcIjpcInBhZ2VzX3ZlcmlmaWVkXCIsXCJhcmdzXCI6XCJcIn0ifQ== ``` * Search for pages of local business or places ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"1006\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIxMDA2XCJ9In0= ``` * Search for pages of companies, organisations or institutions ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"1013\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIxMDEzXCJ9In0= ``` * Search for pages of a brand or a product ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"1009\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIxMDA5XCJ9In0= ``` * Search for pages of artists, bands or public figures ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"1007,180164648685982\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIxMDA3LDE4MDE2NDY0ODY4NTk4MlwifSJ9 ``` * Search for pages in entertainment ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"1019\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIxMDE5XCJ9In0= ``` * Search for pages of a cause or a community ``` JSON: {"category":"{\"name\":\"pages_category\",\"args\":\"2612\"}"} Base64: eyJjYXRlZ29yeSI6IntcIm5hbWVcIjpcInBhZ2VzX2NhdGVnb3J5XCIsXCJhcmdzXCI6XCIyNjEyXCJ9In0= ``` 將上列繁瑣步驟簡化工具 * [SOwdust](https://www.sowsearch.info/) * [graph.tips](https://graph.tips/beta/) * [Aware Online](https://www.aware-online.com/osint-tools/facebook-searchtool) * [IntelX](https://intelx.io/tools?tab=facebook) ### 5、其他搜尋工具 * [WhoPostedwhat](https://whopostedwhat.com/) * [SourcingLab](https://sourcinglab.io/search/facebook) * [OSINTCombine](https://www.osintcombine.com/facebook-search-tools) * [Hashtag](https://www.facebook.com/hashtag/osint ) ### 6、匯出評論 * [Export Comments](https://exportcomments.com/) * [Comment picker](https://commentpicker.com/export-comments-facebook.php) ### 7、網路爬蟲 * [FB detail Scrapper](https://github.com/satendrapandeymp/Fb_details_scrapper) * [Ultimate FB Scrapper](https://github.com/harismuneer/Ultimate-Facebook-Scraper) ### 8、取回帳號方式情蒐 ![recovery](https://i.imgur.com/YBF4iat.jpg) ### 9、執法機關窗口 [LE Guideline](https://www.facebook.com/safety/groups/law/guidelines ) ## (二)Twitter ### 1、Twitter ID * Source Code檢視 * [Code of ninja](https://codeofaninja.com/tools/find-twitter-id/) * Check ID https://twitter.com/i/connect_people?user_id= ~~1336554587646398464~~ ### 2、Twitter搜尋 ``` "" : "OSINT intelligence" OR : OSINT OR intelligence - : Virus –computer # : #OSINT from : from:V3nari to : to: V3nari @ : @ V3nari near : “Happy new year” near: Taipei within : near:NYC within:10km since : superhero since:2021-01-01 util : osint util:2021-01-01 geocode : geocode:25.035889,121.565446,1km ``` ### 3、Twitter進階搜尋 * [Advanced search](https://twitter.com/search-advanced) ### 4、目標帳號下推文回復、媒體與喜歡內容 * [reply] https://twitter.com/~~virustotal~~/with_replies/ * [media] https://twitter.com/~~virustotal~~/media/ * [likes] https://twitter.com/~~virustotal~~/likes ### 5、其他工具 * [Tweet beaver](https://tweetbeaver.com/)綜合性工具 * [followerwonk](https://followerwonk.com/)搜尋與比較 * [All my Tweet](https://www.allmytweets.net/)檢視自己的跟隨者及時序 * [Tweetdeck](https://tweetdeck.twitter.com/)儀表板 ### 6、Twitter Map * [One million tweet map](https://onemilliontweetmap.com) * [Tweet mapper](https://keitharm.me/projects/tweet/) * [Tweet map](https://www.omnisci.com/demos/tweetmap) * [Geosocail](http://geosocialfootprint.com/) ## (三)Instagram ### 1、找出IG帳號的ID及檢核 * https://www.instagram.com/帳號/?_ _a=1 * https://i.instagram.com/api/v1/users/~~29395982324~~/info/ * [Code of ninja](https://codeofaninja.com/tools/find-instagram-user-id/) ### 2、被動搜尋 * Google搜尋 ``` site:instagram "account" site:instagram "@account" ``` * [Dumpor](https://dumpor.com/) * [StoriesDown](https://storiesdown.com/)限時動態 * [Picuki](https://www.picuki.com/) ### 3、IG貼文時間 1. 查看IG原始貼文 ![IG Post](https://i.imgur.com/cmcVprI.jpg) 2. 按滑鼠右鍵，檢視網頁原始碼 ![view source](https://i.imgur.com/3vjoiRD.jpg) 3. 鍵盤\<Ctrl>+\<F>以關鍵字taken_at_timestamp進行搜尋 ![taken time](https://i.imgur.com/vNfgtuG.jpg) 4. 複製"taken_at_timestamp":後面所接數字，轉換為正常顯示時間 [Epoch Converter](https://www.epochconverter.com/) ### 4、IG刪除貼文查找 * [Archive](https://archive.org) * Google Search 排除來自IG網站，且含有關鍵字之IG貼文，排除twitter降低誤報 -site:instagram.com instagram keyword -twitter ### 5、Twitter搜尋IG內容 [Twitter Explorer](http://twitter.com/explore) ``` instagram.com/p source:instagram party instagram filter:links instagram.com/p near:taipei within:10km ``` ### 6、Hashtag 搜尋含有hashtag或遭阻擋hashtag的貼文 [IG](https://www.instagram.com/explore/tags/osint/) [Banned hashtag](http://thedatapack.com/tools/blocked-hashtag-search) [2021被封鎖清單](https://taskant.com/banned-instagram-hashtags/) ### 7、依照位置查找 [IG](https://Instagram.com/explore/locations/) [OSINT Combine](https://www.osintcombine.com/instagram-explorer) ### 8、Tagged and follow [Tagged user](https://www.Instagram.com/user/tagged/) [Follower and following list export](https://chrome.google.com/webstore/detail/ig-follower-export-tool/diobnppoomflbfopidklhnonklfpigng/) ### 9、IG影像下載 [Profile picture](https://instadp.org/#r) [InstaDownlader](https://instadownloader.co/) [Instasaveonline] (https://instasaveonline.com/gramsave.php) [Download IG](https://inflact.com/downloader/instagram/) [Inflact](https://inflact.com/downloader/instagram/) ### 10、其他工具 [Search My Bio](http://searchmy.bio) [StorySaver](https://www.storysaver.net/) ~~[InstaFollowers](http://instafollowers.co/download-Instagram-stories) [Ingramer](http://ingramer.com/tools/stories-viewer/)~~ [Download for Instagram](http://chrome.google.com/webstore) ## (四)PTT PTT為國內特有BBS網路社群，建置於學術網路，並由臺大學生維護。因BBS系統性質，所有帳號[上線IP](https://www.plytic.com/ )均為公開，使用者均可檢視，因BBS過去多利用Telnet方式連結，亟為不便且須註冊帳號始能登入，現以有[WEB版本PTT](https://www.pttweb.cc/user)，可供所有網友瀏覽。 PTT曾為國內言論自由之代表，亦曾為帶動網路風向之重要據點，因此成為網路水軍活動處所，為揭發其水軍身分與操作手法，故有多熱心網友建置分析軟件供網友使用，用以分辨網軍。如鄉民查水表(以下架)、[發現PTT](https://www.plytic.com/)及[PTT Brain](https://www.pttbrain.com)等。由於該類服務相繼下架，PTT上貼文結合大數據概念，可利用[網路爬蟲](https://github.com/jwlin/ptt-web-crawler )將內容自動擷取後存檔，作為日後案件分析用途。 ## (五)Telegram Telegram為國外號稱隱私性亟高之即時通訊社群軟體，與國內常使用之LINE性質相同。因屬於封閉性社群，對個人帳號可使用TG內建通訊錄進行同步後，獲得門號註冊相關情資。 TG上有分頻道(channel)、群組(Group)及機器人(Bot)等頻道類似FB粉絲專業功能，但只能貼文分享功能，無法按讚等互動。群組與LINE上群組相同，其群組成員可高達20萬人，較LINE群組高許多。另外又推出類似部落格功能之[Telegraph](https://telegra.ph/)，無須註冊即可發文，完成後傳送給他人瀏覽。 ### 1、搜尋 * Google Search > site:t.me/joinchat “keyword” site:telegram.me “keyword” * [Telegram Analytics](https://tgstat.ru/en) * [Telegram.im](http://telegram.im/tools/search.php) * [Lyzem](https://lyzem.com) * [Telegago](https://cse.google.com/cse?&cx=006368593537057042503:efxu7xprihg#gsc.tab=0) ### 2、擷取 * Chrome插件[Scraper](https://chrome.google.com/webstore/detail/scraper/mbigbapnjcgaffohmbkdlecaccepngjd) * [Telegram history dump](https://github.com/tvdstaaij/telegram-history-dump) ## (六)Whatspp Whatsapp為即時通訊軟體，透過電話號碼註冊認證。網路已有[數位調查操作框架](https://github.com/graniet/operative-framework)程式，已電話號碼為基礎進行大數據分析後，取得更進階情資。其餘相關工具，另有如下均為針對Whatsapp帳號進行擷取監控之程式。 * [WhatsAllApp](https://github.com/LoranKloeze/WhatsAllApp) * [Whatsapp Scraper](https://github.com/situmorang-com/Whatsapp-Group-Contacts-Scraper) * [Whatsapp Monitor](https://github.com/ErikTschierschke/WhatsappMonitor) ## (七)Youtube Yotube為台灣常用之影音平台，為Google公司眾多服務之一，近年影音內容盛行，伴隨許多網紅Youtuber出現。 * 分析影像 [Anilyzer](http://anilyzer.com/) * 關鍵字搜尋影片[Aware Online](https://www.aware-online.com/en/osint-tools/youtube-search-tool/) * 分析評論與統計 [hadzy](https://hadzy.com/) * 切割影片部分片段 [hashcut](https://www.hashcut.com/) * 下載影片 [Yout](https://yout.com/) * 下載影片 [y2mate](https://www.y2mate.com/) * 依地點搜尋[Geofind](https://mattw.io/youtube-geofind/location) * MataData [metadata bulk](https://mattw.io/youtube-metadata/bulk) * 個人愛用工具 [Youtube-DL](https://ytdl-org.github.io/youtube-dl/index.html) # 五、電話門號與社群社群或即時通訊APP多由電子郵件或電話門號註冊，於社群中所使用暱稱可能為真實姓名或綽號，更進一步可使用通訊錄名單來同步關聯社群關聯度。 ## 電話搜尋關聯圖 ![電話](https://i.imgur.com/H0HOPDy.png) ## 姓名搜尋關聯圖 ![姓名](https://i.imgur.com/jKotbRt.png) ## (一)電信商(Carrier)識別 * [FreeCarrierLookup](https://freecarrierlookup.com/) ## (二)門號情資 * 依照使用者回報訊息進行門號風險評估。 [Whoscall](https://whoscall.com/zh-hant) * 各類通訊軟體及社群查找 ![wechat lookup](https://i.imgur.com/OFsiI55.jpg) * People Data Labs https://api.peopledatalabs.com/v5/person/enrich?pretty=true&api_key=c2734ab17428f49ec29010f5b6cfe3e2fc2ecf0820940a679ad5d7c016de6f6d&phone=~~+16184620000~~ * 通訊錄加入後同步 * 全台門號進行大數據蒐集 (詳參講義截圖) ## (三)IMSI國際行動用戶識別碼 IMSI=MCC(3碼) + MNC(2~3碼) + MSIN(最長10碼) * MCC:466(Taiwan) * MNC ![MNC](https://i.imgur.com/eLm6kPn.jpg) * [IMSI查找](https://www.numberingplans.com/?page=analysis&sub=imsinr) ## (四)IMEI對照電話型號 * [IMEI.info](https://imei.info) * [zonzoo](https://zonzoo.nl/) ## (五)電信黃頁查找 * [Yellow page](https://om.1881.no/nyttige-sider/kataloger-i-utlandet) # 六、電子郵件、帳號與社群社群或即時通訊APP多由電子郵件或電話門號註冊，帳號與電郵帳號間，因人性常見為高度相似或相同，於情資蒐集時，常被用來進行情蒐條件。 ## 帳號搜尋關聯圖 ![帳號](https://i.imgur.com/xrfdRej.png) ## 電郵搜尋關聯圖 ![電郵](https://i.imgur.com/zxosGJM.png) ## 1、帳號查找 * [Domain Namechk](https://namechk.com/) * [NameCheckr](https://www.namecheckr.com) * [Instant Username Search](https://instantusername.com/#/) * [User Search](https://usersearch.org) * [Thats Them](https://thatsthem.com) * [checkusernames](http://checkusernames.com/) * [know me](https://knowem.com/) * [spokeo](https://www.spokeo.com/) * [whats my name](https://whatsmyname.app/) ## 2、電郵查找(一) * [yy Finder](https://snov.io/email-finder) * [epieos.com](https://tools.epieos.com/email.php) * [Hunter](https://hunter.io) * [MailDB](https://maildb.io) * [Skymem](https://www.skymem.info/) ## 3、電郵查找(二) * 查找個公司網域下帳號 [Email format](https://www.email-format.com/) * 查找個公司網域下帳號[find email](https://www.findemails.com/guess) * 姓名進行例舉 [電郵猜測](http://metricsparrow.com/toolkit/email-permutator/) ## 4、電郵驗證 * [MailTester](https://mailtester.com/testmail.php) * [VerifyEmail](https://verify-email.org) * [BytePlant Email Validator](https://www.email-validator.net) * [Email Reputation](https://emailrep.io) * [Mailbox Validator](https://www.mailboxvalidator.com/demo) * [Trumail](https://trumail.io/) * [Eail camel](https://www.emailcamel.com/) ## 5、寄送假郵件 [Fake mail](https://emkei.cz/) ## 6、電郵標頭分析 * [MX Toolbox](https://mxtoolbox.com/EmailHeaders.aspx) * [WhatismyIP](https://www.whatismyip.com/email-header-analyzer) ## 7、電郵追蹤 * [WhoReadMe](http://whoreadme.com/) * [GetNotify](https://www.getnotify.com/) * [ReadNotify](https://www.readnotify.com/) ## 8、資料外洩 * [HIBP](https://haveibeenpwned.com/) * [Breach Directory](https://breachdirectory.org/) * [Dehashed](https://dehashed.com/) * [Ashley Madison Emails](https://ashley.cynic.al/) ## 9、詐欺資料庫 * [Scam Search](https://scamsearch.io/) * [Scam Alert](https://scamalert.sg/) * [Bitcoin Abuse](https://www.bitcoinabuse.com/) ## 10、其他程式 * [infoga](https://github.com/m4ll0k/infoga) * [theHarvester](http://www.edge-security.com/theharvester.php) * [Ghunt](https://github.com/mxrch/GHunt) ## 11、自行蒐集社工庫 * [Pastebin](https://pastebin.com/) * [Raidforum](https://raidforums.com/) * [Occrp](https://data.occrp.org/) * [Sunbase](https://snusbase.com/search) # 七、交通工具與大眾服務 ## 1、船運 * [Ship finder](https://shipfinder.co/) * [Cruise mapper](https://www.cruisemapper.com/) * [在港動態](https://www.shipmentlink.com/tvs2/jsp/TVS2_TerminalProspect.jsp?lang=zh-TW&ctry=TW) * [漁船](https://globalfishingwatch.org/map/) ## 2、繳費與服務 ### APP查詢與繳費 [etag](https://www.fetc.net.tw/) [全國繳費網](https://ebill.ba.org.tw/) [Easy Wallet](悠遊卡消費紀錄) ### 便民服務 [ibon] [台大掛號](https://reg.ntuh.gov.tw/WebAdministration/) ### 3、包裹查詢 * [Tracking EX](https://www.trackingex.com/) * [中華郵政]( https://www.post.gov.tw/post/internet/SearchZone/index.jsp?ID=1396157311807) * [順豐](https://htm.sf-express.com/tw/tc/dynamic_function/waybill/) * [嘉里](http://www.express.com.tw/tools/positchecking.aspx) * [宅急便](https://www.t-cat.com.tw/inquire/trace.aspx) * [FedEx](https://www.fedex.com/zh-tw/home.html) * [新竹](https://www.hct.com.tw/search/searchgoods_n.aspx) ### 4、網路攝影機 (相互參照IoT搜尋一節) * [World Web Cam search](https://world-webcams.nsspot.net/) * [Earth Cam](https://www.earthcam.com/) * [Fisgonia](http://www.fisgonia.com/) * [World Cam](https://worldcam.eu/) # 八、域名情資 ![DN](https://i.imgur.com/SV6ozQK.jpg) ## (一)檢查網站狀態為讓使用者連接至特定網站，通常會申請網址提供給使用者使用，例如http://tw.yahoo.com或http://www.pchome.com.tw等，為判斷網站是否處於服務狀態，可使用工具進行檢測。 [Check host](https://check-host.net/) ## (二)短網址縮網指係行動網路時代出現特有服務，以簡短網址來轉譯表示特定長網址，避免於行動裝置輸入過長網址，減少錯誤發生；常見縮網址有[reurl.cc](https://reurl.cc/main/tw),[Bit.ly](https://bitly.com/),[tiny.cc](https://tiny.cc/)及[0rz.tw](https://0rz.tw/)等。為將短網址還原為原始網址，常見方式可於短網址後加上一個"+"，即可還原；或使用以下工具皆可還原為原始網址。 [ifreesite](https://www.ifreesite.com/longurl/) [expand URL](https://www.expandurl.net/) ## (三)網域DN查詢網域名稱可透過註冊商Godaddy等進行註冊購買，註冊時填輸相關資料，該資料均可造假，惟其中扣款方式與Email資料無法造假，因此常被用於確認身分獲情資比對使用，然因GDPR規定，其註冊資料屬個人資料，原可查詢所得資料，現已漸無法於網路查詢得知。 ### 一般DN查詢 * [Whois](http://whois.sc) * [Viewdns.info](https://viewdns.info/whois/) * [Whoxy](https://www.whoxy.com/) * [ICANN](https://lookup.icann.org/) * [Who.is](https://who.is/) ### 進階DN查詢 * [DNS Report](https://viewdns.info/dnsreport/) * [Reverse Whois](https://viewdns.info/reversewhois/) * [Domainiq](https://www.domainiq.com/tools) * [rapid dns](https://rapiddns.io/) ## (四)歷史註冊資料網址註冊後，下一步將網址與IP對應，因此使用者電腦才知道要連結哪一個IP，而網址是恆定，對應IP可能因為伺服器位置變化而更動，因此我們可以查詢DN對應IP歷程來作為犯罪偵查情資使用。 * [IP History](https://viewdns.info/iphistory/) * [DN BigData](https://domainbigdata.com/) * [whois history](https://www.cxw.com/whois/history) ## (五)歷史網域畫面網站歷史畫面可供作為情資參考。 * Google cache https://webcache.googleusercontent.com/search?q=cache:~~inteltechniques.com~~ * [Domainiq](https://www.domainiq.com/snapshot_history) ## (六)網站歷史檔案 * [Archive.org](https://web.archive.org/web/http://test.com) * [Mementoweb](https://mementoweb.org) ## (七)子網域查找子網域即從網域名稱再加以延伸的部份，可以導覽至網站的不同區段。常見如賭博網站中，賭客的網址為http://test.com，而組頭所用網址為http://ag.test.com。 * Google搜尋(搜尋yahoo.com，扣除www.yahoo.com) site:yahoo.com -inurl:www * [Virustotal](https://www.virustotal.com/gui/home/search) * [Pentest tools](https://pentest-tools.com/information-gathering/find-subdomains-of-domain) * [Subdomain Finder](https://subdomainfinder.c99.nl/) * [DNS dumpster](https://dnsdumpster.com/) ## (八)憑證搜尋 * [Censys](https://censys.io/) * [Certificate Search](https://crt.sh/) * [Cert db](https://spyse.com/tools/ssl-lookup) ## (九)其他 ### 1、取出網頁上連結 * [Link Extractor](https://www.webtoolhub.com/tn561364-link-extractor.aspx) * [Free URL Extractor](http://www.bulkdachecker.com/url-extractor/) * [Link Gopher(瀏覽器插件)](https://sites.google.com/site/linkgopher) ### 2、取出網頁上Email * [theHarvester(免費軟體)](https://github.com/laramies/theHarvester) * [Web Data Extractor(付費軟體)](http://www.webextractor.com/) * [Email Extractor(瀏覽器插件)](https://www.email-extractor.io) ### 3、分析網站建構技術 * [builtwith](https://builtwith.com/) * [wappalyzer](https://www.wappalyzer.com/) ### 4、網站監控 (相互參照第一章資料) [follow that page](https://followthatpage.com/) ### 5、Robots.txt robots.txt 檔案位於網站的根目錄，也就是說，www.test.com 網站的 robots.txt 檔案就位於 www.test.com/robots.txt。robots.txt 為文件檔，內記載系統允許或拒絕檢索存取的目錄。 ### 6、被動DNS 將域名對應至IP的過程中，我們會用到DNS，該過程稱為域名解析。但有些網路問題難以用DNS解析方式解決，而要用相反方式解決，於是被動DNS即將全球域名進行蒐集檢索，這些DN資料除現存資料外，亦包含歷史紀錄。可用來解決域名DNS歷史記錄查詢或查詢主域名下的所有子域名等問題。 ![pDNS](https://i.imgur.com/GoycF97.png) * [Passive dns] https://passivedns.mnemonic.no/ * [Urlscan.io] https://urlscan.io/ * [Security Trails] https://securitytrails.com/ ### 7、Analytics 什麼是Google Analytics? 這項工具是Google公司提供的數據分析工具，可用來分析網站的數據狀況，因其為全世界最普及的分析工具，故其數據準確度相當高，且可由相同analytic ID視為同一人或組織所維護網站，或可由IP與DN等其他資料進行分析亦可。 * [Reverse analytics](https://dnslytics.com/reverse-analytics) * [Spy on web](https://spyonweb.com/) * [Analyze id](https://analyzeid.com/) * [Reverse Analytics Search](https://hackertarget.com/reverse-analytics-search) * [DomainIQ](https://www.domainiq.com/reverse_analytics) * [Website informer](https://website.informer.com/) * [Spyse](https://spyse.com/) * [Clear web stat](https://www.clearwebstats.com/) * [Security Headers](https://securityheaders.com/) * [Moon Search](http://moonsearch.com/) * [Siteliner](https://www.siteliner.com/) ### 8、行銷分析工具 * [Similar Web](https://www.similarweb.com/zh-tw/) * URL分享次數 [Shared count](https://www.sharedcount.com/) * Back link分析[SEO tools](https://smallseotools.com/backlink-checker/) * 網頁關係圖[Visual site map](http://www.visualsitemapper.com/) ### 9、惡意網站威脅情資 * [VT](https://virustotal.com) * [Threat intelligence](https://threatintelligenceplatform.com/) * [Threat Crowd](https://threatcrowd.org) * [Censys](https://censys.io) * [Threat Miner](https://www.threatminer.org/index.php) * [URLvoid](https://www.urlvoid.com/) * [Sucuri SiteCheck](https://sitecheck.sucuri.net/) * [Joe Sandbox](https://www.joesandbox.com/#windows) * Google https://www.google.com/safebrowsing/diagnostic?site=網址 ### 10、網站資料洩漏 * [Dehashed](https://dehashed.com) * [Scylla](http://Scylla.sh) * [normshield](http://normshield.com) * [Leakpeek](https://leakpeek.com) * [LeakedSource](http://leakedsource.ru) # 九、IP情資 ![IP](https://i.imgur.com/ki66ATT.jpg) ## (一)IP logger * [IP Logger](https://iplogger.org) * [grabify](https://grabify.link/) * [ps3cfw](https://www.ps3cfw.com/) ## (二)DN to IP ## 1、DNS Record 網址對應至IP過程稱為網址解析，重要解析紀錄有A、CNAME、MX等。可透過nslookup查找對應或透過以下工具查詢。 [DNSLookup](https://mxtoolbox.com/DnsLookup.aspx) ## 2、CDN網路為避免網路攻擊即加速內容傳遞，CDN網路服務推出，當網站透過CDN網路服務隱匿本身IP時，難以查找其真實IP。 * 歷史紀錄 * Crimeflare: EOS * [Cloudfail](https://github.com/m0rtem/CloudFail) * Censys https://censys.io/certificates?q=~~domain.name~~ ### 3、Trace Route 透過指令Tracert追蹤路由路徑。 ![tracert](https://i.imgur.com/4Kc3cw0.jpg) ## (三)ViewDNS提供服務 * [Reverse IP](https://viewdns.info/reverseip/) * [Geolocation](https://viewdns.info/iplocation) * [Port scan](https://viewdns.info/portscan/) * [IP Whois](https://viewdns.info/whois) * [Traceroute](https://viewdns.info/traceroute) ## (四)IP WhoIs 查詢IP屬於哪一家ISP業者。 * [Twnic whois](https://whois.twnic.net) * [IPIP](http://ipip.net/ip.html) * [iP138](https://www.ip138.com/) * [ipplus360](https://www.ipplus360.com/) ## (五)其他IP資訊 * [ONYPHE](https://www.onyphe.io/) * [IP to ASN](https://hackertarget.com/reverse-dns-lookup) * [Reverse DNS lookup](https://hackertarget.com/reverse-dns-lookup) * [Reverse IP](https://dnslytics.com/reverse-ip) * [IP address tool](https://www.ipvoid.com/) ## (六)BGP(Broad Gateway Protocol) * [BGP4](https://www.bgp4.as/tools) * [Hurricane Electric BGP](https://bgp.he.net/) * [BGP Ranking](https://bgpranking.circl.lu/) * [BGP Stream](https://bgpstream.com/) ## (七)IPLocation * [IPfingerprints](https://www.ipfingerprints.com/) * [IP2Location](https://www.ip2location.com/demo/) * [DB-IP](https://db-ip.com) * [IP Location](https://www.iplocation.net/) * [That’s Them](https://thatsthem.com/reverse-ip-lookup) * [Taiwan IP v4](https://raw.githubusercontent.com/ipverse/rir-ip/master/country/tw/ipv4-aggregated.txt) * [Taiwan IP v6](https://raw.githubusercontent.com/ipverse/rir-ip/master/country/tw/ipv6-aggregated.txt) ## (八)TOR跳板IP * [TOR Exit node](https://metrics.torproject.org/exonerator.html) * [VPN]https://spur.us/context/~~89.249.74.218~~ ## (九)惡意IP * [Honeypot回報惡意IP](https://www.projecthoneypot.org/list_of_ips.php) * [FireHOL](http://iplists.firehol.org) * [Block list](http://www.blocklist.de/en/index.html) ## (十)網站安全情資 * [zone-h](https://www.zone-h.org/archive) * [deface](https://defacer.id/) * [Threat book](https://x.threatbook.cn/) * [Route pwn](http://www.routerpwn.com/) # 十、TOR及虛擬貨幣 ![darkweb](https://i.imgur.com/2OMSzuK.jpg) ## (一)加密貨幣 * [Blockchain](https://www.blockchain.com) * [Bitcoin whos who](http://bitcoinwhoswho.com/) * [Blockchair](https://blockchair.com/) * [wallet explorer](https://www.walletexplorer.com/) * [Bitcoin abuse](https://www.bitcoinabuse.com/) ## (二)比特幣調查 * [Validation]http://codacoin.com/api/public.php?request=validate&address=~~xxx~~ * [Summary] https://chain.api.btc.com/v3/address/~~1HEUW9e5K9uTmfzrUv9zMZ4GggDRBcUEb4 ~~ ## (三)暗網搜尋 * [Ahmia](http://ahmia.fi) * [Dark Search](http://darksearch.io) * [Onion Link](http://onion.link) * [Tor2Web](http://www.tor2web.org) ## (四)暗網網站瀏覽 [社工庫] http://pwndb2am4tzkvold.onion/ [暗網交易市場] http://almvdkg6vrpmkvk4.onion [茶馬古道] http://7zj4oshsyhokgus6fyk7pmdiubu4mkjpjjprjkvopnhnwylr522tymqd.onion [暗网自由城] http://5ztle4erzahkogglels3z6mpcnkf37gxljp2t6oev2766jwhrly3osad.onion ## (五)案網偵查韓國暗網案件 ![darknet](https://i.imgur.com/YFsxg28.jpg) ## Reference [OSINT](https://start.me/p/QR7lQD/osint)