Image generated with Google Gemini

A few years ago, Foeke Postma, a researcher at Bellingcat, revealed that US soldiers stationed in Europe had posted sensitive information about nuclear weapons on publicly-available flashcard learning websites. 

The information, which included details about the shelters that housed nuclear weapons, had been uploaded by soldiers that were trying to test their knowledge of key details about their job.

Postma’s story included an explanation of how he discovered the flashcards:

By simply searching online for terms publicly known to be associated with nuclear weapons, Bellingcat was able to discover cards used by military personnel serving at all six European military bases reported to store nuclear devices. 

In this case, nuclear secrets were publicly available on the web, provided you knew where and how to look.

There’s an incredible amount of sensitive, confidential, and otherwise interesting documents sitting out in the open on the internet. Sometimes they’re on websites, as was the case in the Bellingcat story. More often than not, documents are hosted on servers that have been rented by people and companies from major cloud providers like Amazon, Microsoft, and Google. It could be a government department that’s storing sensitive files on a publicly-accessible server, or a company that’s unwittingly left internal data and documents out in the open.

Amazon’s Simple Storage Service stores objects like documents in “buckets.” The term has become something of a shorthand in the OSINT and threat hunting communities. The basic idea is that you can use keywords and other methods to identify open buckets and the documents and files contained within them. You’d be surprised how many organizations fail to properly protect their internal information with a password or basic security measures.

This Indicator Guide offers an overview of Google dorks and third party tools that investigators can use to uncover interesting information that’s sitting out in the open on websites and in unsecured buckets. This can help with backgrounding people and companies, searching for specific documents and files, or hunting for information related to a topic, department, project, legal case etc. Just to be 100% clear: this guide only focuses on finding publicly available, open source information. 

Let’s take a look at the searches and tools you can use to hunt down documents and files.

logo

Join today to read the rest

"Alexios and Craig have built something exceptional with The Indicator." - Ruben Gomez, Researcher and former Trust & Safety worker at Reddit and Twitter/X

Upgrade

With a membership, you get:

  • Everything we publish
  • All of our workshops
  • Our eternal gratitude

Keep Reading

No posts found