Things You’ll Wish You’d Known Before Your First Search Party CTF
February 16, 2021
Where do you begin? How do you move forward? Below are a few general tips our community has found to be useful.
The Trace Labs team created a specialized OSINT VM to bring together the most effective OSINT tools and customized scripts we saw being used during our Search Party CTFs. Inspired by the infamous Buscador VM, the Trace Labs OSINT VM was built in a similar way, to give OSINT investigators participating in the Trace Labs Search Party CTFs a quick way to get started, with the most popular OSINT tools and scripts all neatly packaged under one roof.
Download OVA
To get started, download the OVA version of choice below and run it in your choice of VM software (e.g. VMware Workstation, VirtualBox). The default credentials to log in to the TL OSINT VM are osint:osint.
4.7 GB
Install Guide v2.1
62c4a5e6bd8edf1d723f5d031c24163e6c90fcec73bd9228074942868ff7d8fb
TL OSINT VM 2022.1 AMD64 ISO (NA/EU Mirror)
3.8 GB
Install Guide v2.1
442852a5a8ffb4a3756347ac27f616ad7128457b41135d7e75623ce0450bd867
TL OSINT VM 2022.1 MAC M1 ISO
3.5 GB
Install Guide v2.1
32ea9357db1c741ed0d0957f1650d423ed3ebd2e981d41270a2746054fbe2af3
Windows 10 x64 / Mac OS X / Linux Distribution x64
Intel Core i3 2.5 GHz or AMD Phenom II 2.6 GHz or greater
8 GB RAM
40 GB Available
We are continuing to build upon the Trace Labs OSINT VM and welcome any and all feedback. Our goal with this project is to create an OSINT-focused VM that provides security, stealthiness, and the ability to easily save digital forensic evidence during an investigation, all within an easy-to-use package.
Want to contribute tool and configuration suggestions? Log a GitHub Issue on our GitHub page for the project here: https://github.com/tracelabs/tlosint-live
Credit for the creation & maintenance of this project goes to Jason Kregting, Tom Hocker (humanDecoded), Swetha Balla, lowprivs, Katniss, and Paul “Krkn” D!
• Sublist3r
• Browse Mirrored Websites
• Metagoofil
• Spiderpig
• WebHTTrack Website Copier
• Youtube-DL
• Chromium Web Browser
• Firefox ESR
• Tor Browser
• Buster
• H8mail
• Infoga
• theHarvester
• DumpsterDiver
• Exifprobe
• Exifscan
• Photon
• Stegosuite
• FinalRecon
• Little Brother
• recon-ng
• sn0int
• Spiderfoot
• WikiLeaker
• OSINT-Search
• PhoneInfoga
• Instaloader
• Twint
• Sherlock
• WhatsMyName
• Delete cookies/history on shutdown
• Privacy protection (block mic/camera/geo)
• OSINT Bookmarks
• checkdmarc
• Photon
• Carbon14
• Sherlock
• skiptracer
• h8mail
• Shodan