Offensive OSINT s05e08 - OS Surveillance 2.0
In this article we will take a journey with the Open Source Surveillance system through real-life use cases, from conflict zones to the biggest American cities, to see how it can help you find crucial information. We’ll explore how researchers can use it to uncover new leads and support various investigations, while also touching on other cool techniques for identifying people, places, and behaviours.
In today's episode we also have tensions on the Poland-Belarus border, Israeli military facilities, Washington under the radar and who lives in Beverly Hills.
Telegram location (already turned off), the Twitter module, reverse address lookup and hashtag search, among others, are the newest features, giving you even better situational awareness coverage.
If you don't know the system yet and what it is capable of, please read previous posts
The Flickr module is available to everyone for a limited time; just register and start searching on
TL;DR
Open Source Surveillance is an innovative real-time situational awareness system that captures social media, events, cameras and other data from open sources, with geolocation. It enhances various investigations, supports OSINT operations, and aids in law enforcement and public safety efforts. Specific applications include monitoring conflict zones or maintaining urban safety in crowded areas.
Before we go into today's main topics, let's quickly look at the latest update and how the platform has evolved.
Open Source Surveillance 2.0
The initial public release of the system occurred almost a year ago, and since then, it has changed drastically. Numerous new modules, useful features, a new design, and an API for integrations have been added. These are just a few of the many changes that have taken place over the past months.
Now, you can choose from nearly 50 modules across various categories to gain actionable insights into any location, whether remote or urban, as long as someone has left a digital footprint there. This is incredibly useful for tracking historical or real-time events and cross-referencing them with social media activity. Additional features such as Username Search, People API, Face Recognition, Territory Analysis, Timeline, AI Geolocate, Search Nearby and the recently improved dashboard enable anyone to utilize the same techniques for open-source investigations as law enforcement and professional intelligence analysts.
API
The first-ever situational awareness API is ready and was released a couple of days ago. Just provide coordinates (latitude, longitude and bounding box) and, optionally, keywords and a timestamp. The API supports ~50 modules, and basic documentation is available on
Contact me directly if you want to know more about the API and limits.
New design
The overall design has undergone a significant refresh. It’s now easier than ever to filter findings, retrieve statistics, and achieve exactly what you need—all while maintaining a modern and fresh look.
The search menu has been moved to the left side, with all additional modules now available as icons at the top of the map, and the search feature located at the top centre. You can easily switch between dark and light themes in the top right corner, near the legend that explains how the modules operate.
The sidebar with information about the items has been replaced; it now takes up less space, which improves readability of the map.
Every view has been refreshed and important information properly highlighted to give a better investigative experience. Let me know whether you like it and whether this change was for the better.
That being said, let's focus on how to track, find and follow any digital lead and transform it into intelligence.
Introduction
Situational awareness and OSINT are critical in today’s security and intelligence landscapes. Open Source Surveillance serves as a vital tool in these areas by offering comprehensive data collection and analysis capabilities.
Situational Awareness:
- Crisis Response: Real-time data enables quick response to natural disasters, public health emergencies, and other crises.
- Event Monitoring: Whether it's a large-scale public event or a sudden protest, OSS can track the flow of information and people that were active, helping authorities maintain order and ensure public safety.
- Predictive analysis: Gather information about past events and criminal activity to predict where the next major incidents might happen and where to focus your attention.
- Public safety: By utilizing many real-time event sources, OS-Surveillance makes it possible to discover large gatherings and potentially dangerous situations.
OSINT (Open Source Intelligence):
- Threat Detection: By analysing social media posts, news reports, and other open sources, it helps identify potential threats, such as planned attacks or rising tensions in specific areas.
- Eyewitnesses: Knowing the time and date of an event, OSS can scan for activity in a given date range, which might help find additional eyewitnesses for a case.
- Espionage: Social media posts from sensitive facilities or Internet-exposed devices disclose a lot of intelligence that can be used by nation states.
We already know which fields Open Source Surveillance can cover, and now it’s time to quickly learn what to focus on in geospatial investigations. OSS offers a wealth of features and modules to help uncover crucial leads, making it the go-to resource for any GEOINT research.
The first step is to clearly define your objectives, which will enable you to customize the territory and modules you use. For instance, there's no point in searching for Amtrak trains or Craigslist postings in Europe, so understanding how the system works is crucial. The legend in the top right corner can assist you in grasping the basics.
Another important factor is to familiarize yourself with the territory you’re investigating. Consider questions like: What language is spoken? What culture is represented? Where do people most frequently gather? These are essential considerations before diving into your research.
Many geospatial investigations focus on various buildings, properties, or facilities. The 'Critical Infrastructure' feature, now located at the top, allows you to select the types of facilities you want to find. This feature enables quick identification of military installations, emergency stations, water-related infrastructure, power plants, and more. Marking these features makes it easier to visualize the entire picture of the researched area.
Geopolitical events significantly impact how countries and cities operate, so staying informed about current events in the area you’re monitoring is essential. OSS provides five sources to search for current events, which I’ll present, allowing for potential cross-referencing with other sources.
And of course, always remember to cross-verify all findings and sources.
This list is not exhaustive—I haven’t even mentioned live transport and traffic data, Wi-Fi network detection, or upcoming sports and entertainment events in the city—but for now, let’s move on to practical applications and examine some real-world examples.
Poland-Belarus border and Ukraine
I previously mentioned the ongoing attacks on Ukraine and how you can research battlefields and military bases. This time, we'll quickly explore how to use the events module to track developments in Ukraine, monitor the Poland-Belarus border, and follow digital leads.
You can use four sources of events that work worldwide. In the multiselect, an icon next to each module shows whether it supports timestamps or keywords and whether it works on a radius or a bounding box. In addition, some modules, like Craigslist or Crimes, work only in the US, and another icon indicates that.
Knowing the exact place of the incidents, we can go further and research social media activity nearby. The most useful module in this case is Vkontakte, where you can find plenty of photos disclosing locations, vehicle transport or military facilities.
OS-Surveillance was not made to support military operations but rather as a first Open Source Intelligence point from which to start initial reconnaissance or constant monitoring of sensitive territories. There are more dangers coming from this war, and one of them is the hybrid war on the eastern border of Poland.
Illegal immigration has become a significant issue along the Poland-Belarus border, fuelled by geopolitical tensions. This border has seen a surge in illegal crossings, posing challenges for both border security and law enforcement. The OSS system plays a crucial role in addressing these challenges by providing real-time data and geolocation insights, enhancing the ability of authorities to monitor and respond effectively.
We start with a new feature: hashtag search across different social media. These posts have no geotags assigned to them, but in some cases it's possible to geolocate them, and even if not, they still give valuable information about events happening near the border or anywhere else.
Pick the social media you want to search, type a hashtag and click search. It will return the latest posts, including photos and information about the author.
Let's try an obvious one, "granica" (border in Polish), but you can adjust it to your needs. We started from one hashtag but can find more similar ones and search again to obtain even more posts. Supported services are TikTok, Instagram and Facebook.
After a couple of seconds, we have results and can quickly find TikTok posts with photos and videos of the border and incidents nearby. Moreover, additional comments and advice about illegal crossings are posted.
Besides those already mentioned, there are more modules that can be useful in this matter, such as Airbnb or Booking (guests lookup), Alltrails, Flickr, Snapchat, Twitter, Weibo, Vkontakte, Events sources, Internet Exposed devices or Telegram.
(Unfortunately for OSINT community, People Nearby functionality has been turned off and is not available anymore).
The last of these is a new, experimental feature available in the Custom Plan that allows tracking Telegram users who have the "People Nearby" functionality turned on.
Many sources can confirm that this is one way for illegal immigrants to communicate and look for each other near the border. OSS can find Telegram users within a radius of 1000 metres of any place, so let's take a look at what's going on.
As you can see, in the forest near the place where a Polish soldier was murdered, there are plenty of results, and a lot of them have Middle Eastern names. In some cases, we can get phone numbers, and if we want to keep borders secure, each of these persons should be screened.
You can also research any place; the example below discloses Telegram users near the Brest training ground.
Other conflict zones
OSS can be useful in any territory, from crisis management and event monitoring to intelligence gathering in conflict zones. The last of these can be demonstrated by checking activity near military bases and dangerous zones.
OSS is a tool that supports your investigation, and some manual work still has to be done, especially when finding a real identity from a username or social media account. Thanks to this, we can learn who the person behind the account is and the potential point of the activity.
The new events modules give much better coverage, and we are going to use them to check for events in Israel and Palestine.
OS-Surveillance detected around 500 places related to military facilities. I checked the majority, and at almost every facility there is social media activity. Accounts have a full name and surname, which makes it easier to find more details about a specific person.
Alltrails, Flickr, Weibo, Vkontakte, Outdooractive, Snapchat or Bikemap are the most suitable modules for this use case.
Washington DC
Previous updates have brought more modules that allow for better event tracking and general public safety coverage. Right now, we can get better insight into the biggest US cities, including information about real estate, powered by Trestle.
This is one of my favourite modules because it allows you to obtain property owners' names, along with their emails and/or phone numbers. This opens up a new avenue for research, enabling you to gather more information based on these artefacts. If you notice social media activity or events nearby, it's incredibly easy to find the emails of people living in the area or pinpoint the exact location where the activity took place, but more about this module later.
Now, let's take a look at how OSS can help monitor crowded cities and assist in maintaining public safety and situational awareness.
These are just some of the criminal events that took place in recent days and weeks, but tomorrow there will be new ones, since Washington is a place that is always alive.
To discover what's happening, we can scan for upcoming events on platforms like Ticketmaster, Eventbrite, and Airbnb Experiences, while Craigslist can assist in locating stolen items. It’s easy to identify the most significant upcoming events and add them to our list of observed locations.
Finally, to gather details about social media activity, we need to choose modules and start searching. After a couple of clicks you can have a view like this.
Since this is a lot of data, don't forget that you can analyse the territory and get detailed statistics and a timeline for it.
It can help cross-reference and correlate the previously mentioned events with social media activity. In this case, the most relevant modules include Airbnb, Booking (guests), Bikemap, Flickr, Snapchat, Sportstracker, Telegram, Twitter, Vkontakte, Weibo, Wikiloc, and YouTube. Essentially, all of these can be used for eyewitness canvassing to determine who was in the vicinity when an event occurred.
Bonus - Address lookup
Each week, I discover new use cases for Open Source Surveillance. This time, I've explored a module that allows us to look up public records for property information. This means we can identify who lives in a given building, including their names, emails, and phone numbers, which offers another pivot point for various investigations. This module works only in the United States.
It provides access to 479 million identities and 1.79 billion address-name linkages, greatly expanding the potential for enriching your investigations and gathering valuable intelligence. Since our previous topics were more serious, we'll use this module to explore real estate ownership in Beverly Hills and the surrounding areas.
You can check a random house in Hollywood, Los Angeles, or Beverly Hills, and there's a good chance you'll find a famous person—and possibly their contact information. If you prefer not to take a shot in the dark, here’s a website where you can find the exact addresses of many wealthy individuals' mansions.
It's also easy to deanonymize a user, or at least get additional information about them, such as a phone number and email. When you find any activity, post or photo that matches a house exactly, which usually means that the person took a selfie or started jogging there, you can retrieve information from the Address Lookup module, as presented in the screenshots below.
You can extend your research and run scripts to discover more social media accounts for the email or phone number. It proves that no one is anonymous on the internet and everyone leaves some digital footprint, even celebrities.
Summary
We've explored several potential use cases for the Open Source Surveillance system, but I can't cover them all. There are many more applications, such as predictive analysis, threat management, travel security, event monitoring, crisis response, and many others. With over 50 modules, the system offers flexibility to tailor your investigations into people, places, and behaviour.
The system allows you to approach complex investigations from multiple angles, ensuring you don't miss crucial details. Whether you’re tracking geopolitical events, monitoring social media for real-time intelligence, or conducting deep dives into property records, OSS provides the tools you need. The ability to cross-reference data across various sources further enhances the depth and accuracy of your analysis. As you become more familiar with the system, you'll find even more ways to leverage its capabilities to gain valuable insights.