The OSINT 101 Series will go live later this month during the holidays. You’ll learn how to investigate safely, responsibly, and with the right methodology. The series includes: - OSINT Basics - Anonymity & Privacy - Image Investigations (already live) - Social Media OSINT - GEO-OSINT - Website & Domain OSINT - Corporate & Compliance OSINT And to everyone who already joined the OSINT Detective Skool: Thank you, for being part of this group early on. Your support means a lot, and you’re helping build the foundation of something that means alot to me.

The Netherlands is the most OSINT-friendly country in the world. And now also one of the easiest countries in the world to investigate. Why? Because everything is structured, standardized, and publicly documented. I made a page and a couple sub pages of resources where I cover nearly every public register or starting point. https://www.cultrodistro.com/nederland The subpages cover Anti Money Laundering-Compliance, Politically Exposed Persons and Governance. Due to the original Dutch names of the registers, the page appears Dutch. Use your browser to translate if necessary. 📚 1. Public Registers Everywhere The country runs on high-quality public data: - Basic Registries (addresses, buildings, land, companies, property value) - Chamber of Commerce (companies, foundations, political parties) - RDW vehicle data - BIG medical register - Financial regulators (AFM, DNB) These form the national OSINT backbone. 🏯 2. Clear Government Layers Dutch governance is simple and consistent: National → Provinces → Municipalities → Water Authorities → Agencies Each layer publishes decisions, subsidies, and FOIA releases (Woo). 🚰 3. Extreme Transparency Council documents, open-data portals, spatial plans — the Netherlands documents everything. If you know where to look, you can map entire ecosystems in minutes. 🙏 4. Start With Yourself First check what the system exposes about you: business data, vehicles, land records, property, registrations. Understand your own footprint → you understand everyone’s.

Scam emails aren’t random. The recipient fields already tell you a lot. 📥 TO, CC & BCC Explained TO: You’re the main target Your email is openly listed. They contacted you directly. CC: Everyone can see each other If strangers are CC’d, it’s a bulk blast from a scraped or leaked list. BCC: You don’t appear anywhere You’ll receive the email, but your address won’t show in To/CC. Classic sign of mass phishing campaigns. If you see “To: (empty)” or the sender’s own address → you were BCC’d. 🔍 How to Track Where Your Email Leaked ✔ Plus Addressing Use aliases like: name+amazon@… name+instagram@… If spam arrives on that alias → you know exactly who leaked or sold it. ✔ Have I Been Pwned Check if your email appeared in a breach. Turn on notifications so you get alerts immediately. ✔ Email Headers (advanced) or click: “<> Show original” in the menu with the three dots if you use G Mail. Look at return path, server, and SPF/DKIM/DMARC. If it doesn’t match the claimed sender → scam. We’ll take a deep dive into this in an advanced E-mail course. What can you do moving forward? 🛡️ Protect Your Inbox - Use aliases or +addressing - Turn on HIBP alerts https://haveibeenpwned.com - Unique passwords + app-based MFA - Don’t click links! Open sites manually

Your Phone Number Is the Most Unique Identifier You Own! You might think your picture/face, name, email, or IP address gives you away. Wrong. Your phone number is the single most persistent, unique, traceable metric about you online. You change emails, usernames, locations, even devices, but your phone number? Most people keep it for years, sometimes decades. That makes it an OSINT goldmine. And that’s where PhoneInfoga comes in. I’ve made instructions on how to use PhoneInfoga in a Cloud Shell. If you’re unfamiliar with a shell the best way to start in with Google Cloud Console. I’ve linked a video about that as well. 📞 What Is PhoneInfoga? PhoneInfoga is an OSINT tool that allows you to investigate a phone number using publicly available information. It doesn’t hack, exploit, or brute-force, it simply gathers what’s already out there. With PhoneInfoga, you can: • Check which country the number belongs to • Identify the carrier / line type • See if the number appears in breaches • Scan search engines for footprints • Find connected (social) accounts or metadata • Perform reconnaissance without alerting the target It’s one of the fastest ways to understand who is behind a number, or how exposed your own number is. https://youtu.be/27Pb5g7bEAA?si=VDe-x6xRGaaBa7jj

Last week Candace Owens discussed the reported Charlie Kirk assassination incident and highlighted one important digital-forensics detail: On September 10, the day of the reported event at Utah Valley University, ➡️ 12 personal cell phones registered in Israel were allegedly detected onsite. ➡️ These were real Israeli accounts, not VPN traffic. ➡️ And the presence of these devices reportedly alerted NSA officials, Kash Patel, and people inside the current administration. Whether this claim is fact or theory, the lesson for every investigator is the same: 📡 Your SIM card is a tracking beacon. Your phone’s origin will expose you before anything else.** Your SIM tells a story: - The country where it was issued - The network it belongs to - The registration metadata tied to it - The IMEI behavior patterns If you stand in a crowd of 2,000 domestic devices while carrying a foreign SIM, you stick out like a flare gun in network telemetry. That’s why governments and investigators routinely analyze: ✔️ MCC/MNC (country & carrier) ✔️ Roaming events ✔️ Tower handshakes ✔️ Device-SIM mismatches ✔️ Local vs foreign subscriber profiles 🛰️ Pro Tip: Use a local E-SIM to blend in when traveling If you care about operational privacy—whether you’re: - An OSINT researcher - A journalist - A private investigator - A risk-exposed professional - A corporate compliance analyst working abroad your phone should not betray your location or origin. 🔥 Tools like Revolut E-SIMs let you download a local profile instantly, choosing the country you’re in so you don’t stand out in cell-network metadata. Just download the app so you can set up an account to use when you go abroad. Advantages: - You appear as a local device, not a foreign visitor - No physical SIM swap required - Fast activation from your phone - Reduces metadata anomalies that draw attention - Helps avoid “Why is this device from X country here today?” problems - No need to use public WiFi. Please don’t ever.