Trace Labs OSINT VM

The Trace Labs team set out to create a specialized OSINT VM that brings together the most effective OSINT tools and customized scripts we saw being used during our Search Party CTFs. Inspired by the infamous Buscador VM, the Trace Labs OSINT VM was built in a similar way, to give OSINT investigators participating in the Trace Labs Search Party CTFs a quick way to get started, with the most popular OSINT tools and scripts all neatly packaged under one roof.

To get started, download the OVA file via the link below and run it in your choice of VM software (e.g. VMware Workstation, VirtualBox). The default credentials to log in to the TL OSINT VM are kali:kali.

TL-OSINT-2020.1 OVA Download

SHA256 Hash: 96AD609A0737BD1A28E1079B6B0B5CADFF2380D481B6932EF643B3BB12EB67AE

We are continuing to build upon the Trace Labs OSINT VM and welcome any and all feedback. Our goal with this project is to create an OSINT-focused VM that provides security, stealthiness, and the ability to easily save digital forensic evidence during an investigation, all within an easy-to-use package.

Credit for the creation & maintenance of this project goes to Jason Kregting, Swetha Balla and Paul “Krkn” D!

Check out Krkn’s blog to see what other cool projects they’re working on! https://www.krknsec.com/

Applications included in the build

Android Apps

  • Anbox

Browsers

  • Chromium Web Browser
  • Firefox ESR
  • Tor Browser

Data Analysis

  • DumpsterDiver
  • Exifprobe
  • Exifscan
  • Stegosuite

Domains

  • Sublist3r

Downloaders

  • Browse Mirrored Websites
  • Metagoofil
  • Spiderpig
  • WebHTTrack Website Copier
  • Youtube-DL

Email

  • Buster
  • Infoga
  • OSINT-Search
  • theHarvester

Frameworks

  • Little Brother
  • Skiptracer
  • sn0int
  • Spiderfoot
  • Maltego

Phone Numbers

  • OSINT-Search
  • PhoneInfoga

Social Media

  • FBI
  • Instaloader
  • Twint

Usernames

  • Sherlock

Other tools (not listed in the menu)

  • checkdmarc
  • Photon
  • Carbon14
  • Sherlock
  • skiptracer
  • h8mail
  • Shodan
  • Wireshark

Configuration Settings

Firefox

  • Delete cookies/history on shutdown
  • Block geo tracking
  • Block mic/camera detection
  • Block Firefox tracking
  • Preload OSINT Bookmarks