Newsletter 2019-08-20

Published on August 19, 2019 by

August 2019: Latest Updates 👋

The last newsletter was sent out early July 2019. Since then, we have new features and blog posts to share! Our free OSINT tool suite has been substantially upgraded.

🕵🏻 OSINT Tools: More tabs, more functionality

Check out our free OSINT tools at https://intelx.io/tools.

The third-party search allows you to quickly look for the following:

  • General
  • Email
  • Domain
  • IP
  • Bitcoin
  • Image (reverse search)
  • Username
  • Person
  • Phone Number
  • Location
  • File

Our social media tabs include Facebook, Twitter, LinkedIn, and Telegram. Other tabs available include Validate Emails, GeoIP Lookup, Encoding, and URLs.

Magic File Tool

The Magic File tool allows you to extract text, metadata, selectors, and images from a variety of file types. It is helpful for forensics and investigative purposes.

Try it out: 👉🏻 https://intelx.io/tools?tab=filetool

🌍 WikiLeaks and Cryptome data in numbers

We have a search category named “WikiLeaks”, which contains the data from WikiLeaks, Cryptome, and the Snowden Files.

Indexing the data (= the process of making it searchable by parsing and creating a search index) has quite a few challenges. There are both organizational and technical challenges:

  • Content that is of no interest and should not be indexed
    • Pornographic content
    • Extreme violence
    • Fake news
    • Spam
  • Different file types, encodings, compressions
  • Overall no clear structure and index. Sometimes there are duplicates, and sometimes files appear to be missing.

tl;dr, this is the amount of WikiLeaks data indexed by Intelligence X:

  • Items: 5,664,971
  • Unique selectors: 368,818
  • Total extracted selectors: 41,213,169
  • Size of data files (total): 471 GB

Most of the extracted selectors are emails (46%), followed by credit cards (19%), and URLs (15%).

The Cryptome data, in comparison, is much smaller:

  • Items: 93,234
  • Unique selectors: 333,122
  • Total extracted selectors: 539,908
  • Size of data files (total): 39 GB

Read the full blog post here.

🐞 Viruses on the Darknet

We store 13,158,345 items for Tor (since 2017) and 1,954,070 items for I2P (since 2018). Those items include lots of historical and current copies of websites and other files. We scanned everything with the ESET antivirus program to see if there are any viruses.

Here is the short summary:

  • 1 file detected on I2P, which was actually a false-positive
  • 2944 files detected on Tor

Read the full blog post here.

🔗 Connect with us


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic

If you don’t want to receive this email anymore, click here to unsubscribe.

Related articles

Newsletter 2020-03-23

Published on March 23, 2020 by

March 2020 Updates How we prepared for the current global situation We have ordered and deployed 180 TB worth of enterprise storage to be prepared for upcoming price increases and shortages of hard disks. We are reading reports that warn of upcoming delivery delays due to disruptions in the supply chain. We tweeted a picture


Decoding the US Death Master File

Published on March 19, 2020 by

“The Death Master File (DMF) is a computer database file made available by the United States Social Security Administration since 1980″ according to Wikipedia. It is available here https://ladmf.ntis.gov/ but costs $2,930.00 anually. The file has since been posted on the internet for free, including here: http://ssdmf.info/download.html November 30, 2011 http://cancelthesefunerals.com/ May 31, 2013 https://archive.org/details/DeathMasterFile May 31, 2013 This file can


An OSINT investigation into one of our attackers

Published on March 5, 2020 by

On December 11, 2019 we have received 31,866 HTTP requests from the IP 81.171.107.57. Below are few sample log entries: 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7448 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7443 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7447 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000]


Search the blog: