  1. #1
    Nutcracker, sweet's Avatar

    MABS tools and techniques

    Seems we have a lot of MABS threads that never get off the ground, because the initial reporter hasn't taken time to do any investigation. I've also seen plenty of threads, over the years, where the subject of investigation gets wind and changes their online presence.


    With those symptoms in mind, it's a good idea to share some tools and basic investigative techniques, to enable all Bullies to better pursue investigations.


    This will be the first in a series of posts which exposes tools and methods for gathering information, with a focus on martial arts. goodlun and I will be posting videos, screenshots, links, and write-ups, here.

    This is a MABS sticky thread, so off-topic posts and derails WILL be culled to a new location. But, if you have constructive tips or advice to add, here, it will be welcomed.

  2. #2
    Nutcracker, sweet's Avatar
    Lesson 0: CamStudio. Excellent screengrab software. You should have it installed by default. http://www.camstudio.org/


  3. #3
    Nutcracker, sweet's Avatar
    Lesson 2: Introduction to CaseFile, and harvesting information on IP addresses and domain names

    This one was ready, first, so I'm putting it out there. The first thing you should do is in Lesson 1, which should be going online sometime today. Until then...



    There are a couple of pro-tips I didn't include in the video, because unscripted. I also failed to write them down, but I remember one right now. Many internet providers and hosting companies, these days, will force you to take a CIDR block of 8 addresses (a /29, in tech parlance, which translates to 5 usable IP addresses). That is because ARIN requires a public registration of information at that minimum level; so, if you're doing something disreputable, online, the WHOIS lookup will show your information, not the provider's.

  4. #4
    Nutcracker, sweet's Avatar
    Lesson 1: HTTrack

    Start here, seriously. This is your first step. Do this before you start a MABS investigation.

    In this video, I introduce basic HTTrack usage, and have some fun sifting through images on Ashida Kim's website:


  5. #5

    Quote, originally posted by submessenger:
    > Lesson 1: HTTrack
    >
    > Start here, seriously. This is your first step. Do this before you start a MABS investigation.
    >
    > In this video, I introduce basic HTTrack usage, and have some fun sifting through images on Ashida Kim's website:

    Really like the demo - HTTrack looks like an incredibly useful tool - wish we had used it when we investigated Richard Spencer the other year.

    Question, you mentioned that when you are downloading the site and you use their bandwidth there is a risk that you might take their website down in what would be an effective DOS attack. Are we leaving ourselves open to potential prosecution?

  6. #6
    Nutcracker, sweet's Avatar
    Quote, originally posted by scipio:
    > Really like the demo - HTTrack looks like an incredibly useful tool - wish we had used it when we investigated Richard Spencer the other year.
    >
    > Question, you mentioned that when you are downloading the site and you use their bandwidth there is a risk that you might take their website down in what would be an effective DOS attack. Are we leaving ourselves open to potential prosecution?

    Not necessarily. I should have worded that better. What I mean is that it is conceivable that you could tweak the settings up high enough to saturate their bandwidth or saturate your own bandwidth. If you stick with the defaults, you're probably in no danger of causing them trouble.

  7. #7
    Nutcracker, sweet's Avatar
    Lesson 3: Introduction to Photo Forensics



    (edit) I knew I forgot something... That's not Crocop, that's W Silva, duh, axe murderer. I can be very dense, sometimes.

  8. #8
    Cake of Doom's Avatar
    Quote, originally posted by scipio:
    > Really like the demo - HTTrack looks like an incredibly useful tool - wish we had used it when we investigated Richard Spencer the other year.
    >
    > Question, you mentioned that when you are downloading the site and you use their bandwidth there is a risk that you might take their website down in what would be an effective DOS attack. Are we leaving ourselves open to potential prosecution?

    That's true with the Spencer thread. His site was changed so regularly, that the thread got saturated with screen shots.
    Train hard, fight easy.

  9. #9

    Quote, originally posted by Cake of Doom:
    > That's true with the Spencer thread. His site was changed so regularly, that the thread got saturated with screen shots.

    I know - if I remember we were scrabbling around trying to save screen shots in a format that could be posted!

  10. #10
    Nutcracker, sweet's Avatar
    Quote, originally posted by scipio:
    > I know - if I remember we were scrabbling around trying to save screen shots in a format that could be posted!

    It may seem obvious, today, but a decent way to get screenshots of web sites is to print them to PDF or XPS. There are some quirks with that, but seems like good fodder for another short tutorial.

    That Spencer thread also raises another topic, which is versioning - especially for volatile sites, like that. I'll add that to my list of things to get to, as well.
