Kind: captions
Language: en
foreign
yourself in search results so what about
learning the language that investigators
researchers and experts use when they're
looking for something like trying to
find that needle in a haystack
well there's a language out there and
it's called Google advanced search
I've heard some refer to it as Google
docking or even sometimes Google hacking
but I reassure you that as much as it
might sometimes look like it it's not
hacking it's merely clever searching for
public information the only thing is
sometimes that information shouldn't be
public
and over the next few minutes we're
going to look at my three favorite
Google advanced search terms as well as
some of the other common ones but I must
warn that some of this might look like
breaches of privacy and things like that
so please remember that you can actually
cause harm by amplifying this
information when you find it and in
certain cases it might be more
responsible to inform the affected
individual or organization
hi everyone and welcome back to this
series on how to do open source
investigations from home I'm Ben and
this is part 19. so let's get started
[Music]
let's take a look at some of the basic
Advanced Search terms that are already
available
there's lots of interesting sites that
you can look at for this sort of
information
one site that really does this to the
extent is the Google hacking database or
the exploit database and you can merely
get to this just by searching for the
Google hacking database
you can see that this is constantly
updated with different versions of how
content is accessed and you can click on
this and just have a look at the Google
search term itself sadly this can
actually be used for nefarious content
the reason why I show this stuff is so
that you can actually make sure that you
are aware of how this content is working
so perhaps you can also keep yourself
protected as well as learn how to search
a little bit better on Google
so let's have a look at a few simple
ones for example a lot of people know
about using quotation marks something
I've been working on a lot is sedan and
recently there's been a number of
destroyed airplanes within Khartoum
airport perhaps I want to know a little
bit more about cartoon airport so I
could have a look at cartoon Airport
planes so I can see some information
there but I also have four million
search results what if I wanted to have
a look at
say for example put in quotation marks
planes in cartoon and
you can see that just by doing that I've
really limited down my results to Five
results I've also done a spelling
mistake there as well
what I can also do is perhaps cartoon
Airport
and planes now if I did that I've got
four million if I put in something like
or planes of course I'm going to open
that up because it gives me content
about Khartoum airport or planes not the
two of them combined if I actually did
and okay so that's a little bit useful
maybe we can get on to some of the other
interesting ones the first of the three
Advanced Search terms we're going to use
is file type file type is a really
useful one because it allows you to
search for things such as PDFs or videos
or other things like that if I was to
search for PDF documents
you can see that I have a lot of search
results but if I was to type in file
type PDF and then use a search such as
for example sedan which I do a lot of
work on then you can see that already
wow I have
21.8 Million results and these are all
PDFs I could do a little bit more and
say
Sudan
west.4 there we are 251 000 results or
PDFs now that's a really cool one to use
but what other things can we look at
what other file types well for example
we could have a look at I do a lot of
work with mapping so we could have a
look at file type kmz which is a type of
file that you can open up in Google
Earth or other mapping platforms and to
list the set of coordinates or a set of
pins we can do file type KML which is
similar to a kmz and there seems to be
some kmls available there we actually
have a few of them 306 results
and this would allow me to download kmls
and open them up in Google Earth or qgis
or rather mapping platforms as well and
you can see that there's links to those
ones for example one from NASA one of
the really good benefits of knowing
these sort of techniques is that you can
also run searches for yourself if you're
trying to keep yourself safe and secure
online right so say for example I wanted
to go
have a look at myself and where I appear
in different PDF documents so I'm going
to go Benjamin streak file type PDF and
what we can see here is that there's a
number of PDFs that pop up I've got 367
results whereas if I search for my name
on its own there's probably a lot more
and that's useful because we can
actually look at how where we've been
referenced or other things like that I
could probably even search for my
Twitter name to see if there are other
results where that's been in a PDF and
we can see that there's a couple in
there already for example a tweet that
I've done linking to that in there what
we can also do is look for file types
like MP4s so say we go back to looking
at sedan file type MP4 and you can see
here that this will bring up a lot of
sites that host video data for example
we can see that Dailymotion is one if we
go through there's probably some other
examples in there as well so one of the
other things that we can also look at is
around csvs or spreadsheets so
collections of data we can do that by
typing in file type
and let's have a look for example that
XLS which would be a spreadsheet and
I'll go back to my sedan example for
that one we can see that this has come
up with XLS files there's quite a few in
there and you can also go xlsx as well
which seems to be more common and more
of those too we could even go back to
the original example cartoon
International Airport
and we can see that there's even XLS
documents files or csvs of those as well
we could have a look at sedan gold
mining
file type Xmas 2000 results minimal
industry of Sudan and perhaps we could
even look for a KML
or kmz so we have KML of global
distribution of selected mines
mentioning Sudan in there as well with
gold mines and other resources and this
is quite useful considering some of the
recent research on gold mining activity
within Sudan moving on to the next
example we're now going to look at site
searches so this would be site and for
example we could have a look at BBC dot
Co dot UK this is really useful because
if we for example type in BBC sedan or
even go a little bit further and type in
BBC West R4 okay sure we get 1.9 almost
2 Million results if we did cite
bbc.co.uk and then did West R4 we get 28
200 results and that's because some of
these aren't even BBC ones they're
Reuters their Wikipedia sedan Tribune
Twitter the guardian and others what
site does is it allows us to filter down
to the exact website that we want to
look for information from
so here I've gone BBC dot UK I only want
results from BBC and
West Darfur as well so if you think
about how that works there's a few other
interesting examples we could come up
with for example we don't just have to
filter down a BBC we can also go down to
site dot Co dot UK and west.4 which
means we get results from TripAdvisor
Guardian but you see they all end with
DOT Co dot UK
that's because this is a top level
domain for the country dot Co dot UK so
we could put in dot are you for Russia
West R4 and we can see that we have more
than a hundred and four thousand results
we could even do other terms for example
dot CN which would be Chinese websites
press briefing on remote violence in
West R4 these are all Chinese websites
and we can even find Chinese Embassy
content there so because we've been able
to find that here we are Sudan China
embassy.gov dot CN we could take that
site
and we can run a search on all the
content that's from the Chinese Embassy
in Sudan that we have there and we could
even combine as we did before and
perhaps look at file type PDF and now
we've got PDF documents from the Chinese
Embassy in Sudan and maybe some of those
would be interesting don't forget we
have the Google translate plugin that we
have here so we can always have a look
at what those are so we have Chinese
visa example statement on covid but also
a reminder for going abroad
business stocks here I would recommend
that if you're viewing some of these
smaller sites that you use a VPN
especially if you're coming from
countries where your activity may be
monitored as well in having a further
look at site searches thinking about
what we were looking at before obviously
sometimes it's quite nice to find for
example Maps
so we were looking at Sudan before
and one of the things I always like to
look for is Google my maps
so Google my maps is pretty cool for
those of you that don't know Google my
maps it's essentially a a way to create
Maps using Google so we can go Google
The Domain would be maps.google.com
we can even search for that
maps.google.com very helpful
we could go site maps.google.com
sit down
now we've got Google my maps with maps
made on Google by individuals with
mentions of Sudan this is really useful
so sedan clashes Google my maps this was
from 2015.
stock arms sales to Sudan made in China
this is one made in 2015 apparently as
well we could even open up some of these
you can see that there's a lot of data
there that could be popped into a map
which is quite handy great and that's
just a really cool way to search for say
map content using that advanced search
which we wouldn't have been able to do
had we have just searched for the words
normally using the normal Google search
functions and another way we could also
look at that is by for example having a
look at content from Twitter so this was
one that I saw mentioned from someone
called Dutch osync guy on Twitter where
you can have a look at text from Twitter
so say we wanted to go
and have a look
at the text of a tweet
so here is a statement put out by
someone so what if we took that quote
and we did a search for that so what we
could do is we'd go the text of the
tweet
minus
or minus site twitter.com
foreign
we can see that that text that exact
text shows up a lot we've got T dot Co
so if we really wanted to filter that
out we could also do minus t dot Co
but you can see that we've got the other
sites now if we did that without the
minus site twitter.com
we get Twitter results as well so it's a
nice way to look for that and it's also
a nice way to look for if any content
has been quoted or attributed to someone
but we can't find the source of it it's
really handy to kind of look for that
content so thanks Bill moving on to the
third one which is things in titles
so the main one that we have is in url
and this is a really good one to go
through just to have a look at
individual sites so say for example MI6
hey we've got a lot of different
examples even got the Daily Mail the
independent politics dot Co dot UK and
obviously Wikipedia and obviously MI6
that's really useful so what if we
wanted to have a look at all the results
but minus this one here
so we could go minus site so now we're
combining other results
um minus let's just go
mi6.co.uk and then I want to go site
bringing in the last one that we did
before
CN
so now we can have a look at Chinese
domain sites that have MI6 within the
URL we can probably get rid of this one
since that's irrelevant now we can also
go even site dot r u which means domain
Russia we can go in url
go so now we have gov dot uh dot r u
which is Russian government and they
have MI6
within the URL there and that's a really
useful one to use especially if you're
looking at specific countries and you
want to look at say government
departments of countries other things we
can also go through and this kind of
brings up some of the privacy issues is
around webcams for example we looked at
this before the same kind of in searches
but this time in title
so if we wanted to look for in title say
we went BBC
in title means that it's in the top of a
page we have BBC Studios and it's in the
title of the page right one of the
things we could look for is for example
camera live image in title I want to
look for that like this so we have
camera live image up in there and there
obviously seems to be a lot of open
cameras on the right that we can see
that we can go a little bit further than
that one thing we could do is go back to
our endurl
we know that there are webcam xp5 so a
really not a very good one so we could
even go webcam and we could go something
like xp5 so this opens us up to being
able to identify webcams I would remain
caution on this you don't know what
you're about to see so we won't go
through some of these we're also able to
look at for example is in url
and you can do quotation marks guest
image dot HTML this will show us say for
example uh guest image ones and so we're
able to view this Cafe that's live
another one that we could try is for
example we could go in title as we
learned before webcam
and we want to look for live webcams so
we have Earth webcam Network webcam
Hopper things like that we also want to
go site dot ru
so now we're able to see tourist cams
and geocams of here's a marina that's
through YouTube that's also through
YouTube
and we're able to see some of these live
streams and we can see the dates
up there as well we have a live movable
webcam
we have other places you can see the ski
locations
and things like that as well so those
are just a few of the ways that we can
use the Google search function or the
Google Search tool which is such a
simple tool that people use every single
day to do a few more advanced searches
and really narrow down some of those
results to help you find what you're
looking for or help you find the
proverbial needle in the haystack I hope
you found this session useful in looking
at my three favorite Google advanced
search functions and if you have any
more little tips and tricks for Google
advanced search please leave them in the
comment section below all of the links
shown and all of these search functions
shown will be in the description below
and you can follow along doing the same
that I've done on the screen here see
you in the next session
[Music]
you know
[Music]