🟥 Someone opened your file. You know their IP address, location, browser and exact timestamp - and they have no idea you know. Here's the free tool that makes it possible. 👇 It's called Canarytokens, the most powerful free digital tripwire tool on the internet. Used by security researchers, journalists, investigators and intelligence analysts worldwide. Go to canarytokens.org/nest Here's how it works: You create a trap. You plant it somewhere. The moment anyone touches it — you get an instant alert with their IP address, location, device and exact time. They announce themselves without knowing it. 20 trap types to choose from: 📄 Word document - someone opens the file, you get their IP instantly. Plant it in a folder labelled "Passwords" or "Confidential" and wait. 🔗 Tracking URL - send a link. The moment they click it, IP address, browser, operating system, city, country. All logged silently. 📧 Email token - embed in any email. Fires the moment they open it. Know exactly when and where your email was read. 💳 Fake credit card - generate realistic card details. The moment an attacker tries to use them, instant alert. Used by Grafana Labs to detect a breach within minutes in 2025. 🔑 Fake AWS API key - plant it in a file. Any attacker who finds it and tries to use it triggers the alarm immediately. 🖼️ QR code - print it and place it anywhere physical. Someone scans it, you get their phone model, location and timestamp. Real OSINT use cases: 🔍 Send a document to a suspect source, find out if they forwarded it and to whom 🔍 Plant a fake credentials file in a shared drive, know immediately if someone unauthorised accessed it 🔍 Embed a token in a PDF sent to a leak suspect, the moment they open it, you have their IP 🔍 Track whether a sensitive email was forwarded beyond the intended recipient How to set one up in 60 seconds: 1. Go to canarytokens.org/nest 2. Select your token type from the dropdown 3. Enter your email address for alerts 4. Add a reminder note - "sent to [name] on [date]" 5. Generate the token 6. Plant it and wait Zero false positives. Nobody touches a fake AWS key by accident. Nobody opens a file labelled "Confidential Salary Data" unless they're looking for exactly that. The attacker thinks they found something valuable. They found your trap. 💬 Have you ever used a digital tripwire to catch someone accessing something they shouldn't? What happened? 🔖 Bookmark this - Canarytokens is the most underused free security tool available to anyone right now. #OSINT #Canarytokens #BeginnerOSINT #ThreatDetection

🛑 They blurred the license plate. They still gave away the country. Can you see why? 👇 Everything identifiable has been obscured. Or has it? One detail in this photo reveals the country instantly - and it has nothing to do with the license plate. Drop your answer below with your reasoning. Methodology only - no guessing. 💬 Country the specific detail that gave it away. First correct answer wins. 🔁 Repost - tag someone who thinks they know urban OSINT. #OSINT #GeoChallenge #VehicleOSINT #BeginnerOSINT #GEOINT

🟥 Free app, 150 million WiFi hotspots, 200 countries, all crowdsourced. Useful tool, but read what it actually is before you trust it with anything sensitive. 👇 It's called WiFi Map - a community-powered WiFi database with 100M downloads. Real travellers submit real passwords from real cafés, hotels, airports, train stations. You see them on a map, tap a pin, and get the credentials. How it actually works: 📍 Open the app - nearby hotspots load on the map, colour-coded by type. 🔑 Tap a pin - the community-submitted password appears. 📥 Download offline maps before you travel (paid feature) so the database works without data. 📡 Built-in WiFi analyser and speed test for triaging which network in range is the fastest. 🌐 eSIM service available in-app (70 countries) as a fallback when no good hotspot exists. The honest limits: ❗ It's community-submitted, not auto-detected. The developer is explicit: the app doesn't scan networks or crack passwords. Coverage is dense where contributors are active and thin where they aren't - some users in metro areas report mostly empty maps. ❗ Free version is ad-heavy. Offline maps are paywalled. ❗ Passwords go stale - venues change them, networks get reset. Treat any entry as a starting point, not a guarantee. Where this is useful: 🌍 Travel triage - which café in a new city has working WiFi, before you sit down. ✈️ Bridging short connectivity gaps when roaming is prohibitive and a SIM is inconvenient. 🗺️ Discovery in dense, well-mapped cities (Western Europe, US metros, major Asian capitals). ⚠️ Where this is NOT operational security: Public WiFi is more trackable than a clean prepaid SIM in most threat models. You're exposed to MAC fingerprinting, venue session logs, the ISP upstream of the venue, and potentially hostile rogue APs broadcasting the same SSID as a listed hotspot. If your threat model includes a capable adversary -journalist in a restrictive country, field investigator, anyone where attribution matters - do not use crowdsourced public WiFi in place of a clean SIM. Use a SIM in a clean device, behind a VPN you control. WiFi Map is a convenience tool, not tradecraft. 📥 Get it: play.google.com/store/apps/d… (Android) or search "WiFi Map" on the App Store (iOS). 💬 What country have you most needed a tool like this in? Drop it below. 👇 🔁 Repost this - every traveller in your network needs it before their next trip. #OSINT #WiFiMap #TravelOSINT #BeginnerOSINT

🟥 Someone sent you a suspicious app. This free tool tears it apart and shows you every line of code inside it in seconds. No coding skills needed. 👇 It's called Decompiler and it's one of the most powerful free reverse engineering tools available to anyone with a browser. Here's what it does: Most apps and programs come as compiled files, meaning the original source code has been converted into machine language that humans can't read. Decompiler.com reverses that process entirely. You upload the file. It gives you back reconstructed source code - close to the original logic, minus comments, original variable names, and (in obfuscated apps) meaningful identifiers. What you can investigate: 📱 Android APK files That sketchy app someone sent you outside the Play Store? Upload the .apk file and see exactly what permissions it requests, what data it collects, what servers it connects to and whether it contains hidden surveillance code. 💻 .NET executables and libraries A suspicious .NET-based EXE or DLL arrives in your inbox. Upload it here to see the reconstructed C# source. ⚠️ Note: this only works for managed (.NET) binaries. Native Windows executables compiled from C/C , which most real-world malware is, will not decompile through this tool. For native code, use Ghidra (free, NSA) or IDA locally in a VM. 🐍 Python scripts Compiled Python files (.pyc) look like gibberish. Decompiler.com converts them back to readable Python instantly. ☕ Java applications Any .jar, .war or .class file decompiled back to full Java source code in seconds. ⚠️ Before you upload anything Decompiler.com is a public web service. Do NOT upload: - Samples you suspect are part of a targeted attack (you'll burn the indicator) - Evidentiary material in an active investigation - Anything attributable to your organisation For those, use a sandboxed local install of Ghidra, JADX, or radare2. For dynamic analysis, use any.run or Joe Sandbox. Real OSINT use cases: 🔍 The kind of finding analysts use this for: a "news app" circulating on Telegram during a conflict, decompiled to reveal it sends user location, contact lists, and message history to a server abroad every 15 minutes. 🔍 Or a "privacy VPN" promoted on forums, decompiled to reveal all traffic is being routed through a single server in a jurisdiction the marketing never mentions - the opposite of what the app claims. The app looks legitimate on the outside. The code tells the truth. Go to decompiler.com Drag any suspicious file onto the page Read exactly what it was designed to do 💬 Have you ever decompiled an app and found something it wasn't supposed to be doing? 🔖 Bookmark this - before you install any suspicious app or run any unknown file, upload it here first. #OSINT #Decompiler #BeginnerOSINT #DigitalForensics

🔴 OSINT CHALLENGE This is just a normal photo. Or is it? One image. No tools. No hints. Can you find: 📍 location 🎓 Name & education 💼 Profession 🕐 Date and time  Personal habits & patterns Rules: 👁️ Observation only 🕐 You have 60 seconds 💬 Drop your findings below ♻️Repost to challenge your network ✅ Follow for weekly challenges #OSINT #OSINTChallenge #GEOINT #BeginnerOSINT

Professional OSINT analysts play GeoGuessr to sharpen their geolocation skills. Here's why the world's top conflict investigators use a geography game to train. 👇 Bellingcat analysts play it. It's recommended by defence training instructors. It drops you anywhere on Earth with zero context-exactly like real OSINT work. Here's the tradecraft it builds: 🌿 Vegetation recognition - Tropical palms vs Central Asian steppe vs Eastern European pine forests. Every region has a distinct landscape fingerprint. After 100 rounds you read it automatically. 🛣️ Road sign analysis - Font styles, colours, languages and layouts are unique per country. Ukrainian road signs look nothing like Russian ones - a detail that matters when verifying conflict footage. ⚡ Infrastructure patterns - Electricity pole styles, guardrail types, road marking colours - all regionally distinct. These are the details that geolocate a video when everything else is hidden. 📷 Sun angle and shadow reading - Where the shadows fall tells you which hemisphere, which season and roughly what time. The same skill used to timestamp conflict photos. The analysts who geolocate conflict footage don't get lucky; they learn to read a landscape the way others read a map. Start here 👉 geoguessr.com 💬 Have you ever used GeoGuessr to train your geolocation skills? What's your average score? 🔖 Bookmark this - geolocation is the most transferable skill in OSINT. #OSINT #GeoGuessr #Geolocation #BeginnerOSINT #GEOINT #InvestigativeJournalism