OsintAfrica

OsintAfrica OSINTAFRICA is a Cyber Intelligence blog created to inform people, organizations about open source an

12/04/2026

True fact ?????

04/04/2026

OSINT tools to monitor the Strait of Hormuz

The Strait of Hormuz is one of the most important chokepoints in the world economically, militarily, and politically.

Around 20 to 25% of the world’s oil supply passes through this narrow strait.

Major oil exporters like Saudi Arabia, Iran, Iraq, Kuwait, and United Arab Emirates rely on it.

It’s also critical for liquefied natural gas (LNG), especially exports from Qatar.

If the strait is disrupted, global oil prices can spike immediately.

Due to the conflict between Iran, Israel and the USA, the situation remains unclear.

Vessels are not travelling through the Strait of Hormuz.

Monitoring the Strait of Hormuz using OSINT relies on combining maritime tracking, satellite imagery, news, and geopolitical analysis tools. Here are the main categories and widely used tools:

1. Vessel Tracking (AIS Data)

These tools track ships in real time using AIS (Automatic Identification System), which is crucial for monitoring oil tankers and naval activity.

https://www.marinetraffic.com
MarineTraffic is a commercial online ship-tracking and maritime analytics platform that visualizes global vessel movements in near real time.

https://www.vesselfinder.com/

VesselFinder is an online and mobile software platform providing real-time Automatic Identification System (AIS) vessel tracking and maritime analytics.

2. Satellite Imagery Platforms

Satellite imagery platforms can be used to verify activity even when AIS is turned off (dark ships), such as:

- Detecting ship clusters

- Monitoring military buildup or port congestion

- Oil spills or maritime incidents

https://earth.google.com/web/

Google Earth is a geospatial visualization tool developed by Google that displays a 3D representation of Earth based on satellite imagery, aerial photography, and GIS data.

https://www.satellites.live/

satellites.live is a free web-based satellite tracking tool that lets you visualize and follow objects orbiting Earth in near real time.

3. Radio & Signal Monitoring

websdr.org
WebSDR is an online software platform that allows multiple users to listen simultaneously to a wide range of radio frequencies through a shared software-defined radio (SDR) receiver.

https://www.aishub.net/ais-dispatcher

AIS Dispatcher is a Windows-based software tool used to decode, filter, and forward Automatic Identification System (AIS) data from ship transponders and receivers. It acts as an intermediary between AIS receivers and data servers or clients, enabling flexible routing of real-time vessel traffic information across multiple network destinations.

Monitoring the Strait of Hormuz with OSINT is about layering multiple data sources; no single tool is enough. The most reliable insights come from combining ship tracking, satellite imagery, and real-time reporting.

More details 👇 :

https://www.osintafrica.net/osint-tools-to-monitor-the-strait-of-hormuz/

15/03/2026

Online Document Signing Platforms used for Phishing Attacks



Electronic signature platforms such as Docusign, Dropbox Sign, Google Docs, OneDrive signature and Adobe Sign have revolutionized business processes by enabling fast, paperless transactions. However, cybercriminals have also recognized their potential as a vector for phishing attacks. By mimicking legitimate signing requests, attackers trick users into revealing sensitive information or downloading malware.


Techniques used by threat actors to trick users:

- Fake Signing Requests:

Attackers send emails that look like legitimate requests from trusted platforms such as Docusign or Adobe Sign. These emails often contain urgent language like “Your signature is required immediately.”

- Malicious Links

The email includes a link to a fake login page mimicking the real service. Victims enter credentials, which attackers steal.

- Malware Delivery
Some phishing emails include attachments disguised as documents to sign, which actually contain malware.

- Business Email Compromise (BEC)

Attackers impersonate executives or vendors, requesting signatures on fraudulent documents (e.g., payment authorizations).

Red Flags to Detect Phishing:

- Unexpected signing requests from unknown senders.

- Generic greetings like “Dear Customer” instead of your name.

- Suspicious URLs (hover over links before clicking).

- Urgency or threats in the message.

- Requests for credentials beyond the normal signing process.
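
The red flags above can be checked automatically before a message reaches a user. The sketch below is an added example, not code from the original post; the brand domain allowlist, the shortener list, the keyword patterns and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allowlist of sender/link domains per brand; confirm against vendor documentation.
BRAND_DOMAINS = {"docusign": {"docusign.com", "docusign.net"},
                 "adobe sign": {"adobe.com", "adobesign.com"}}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}  # illustrative, not exhaustive
TEXT_FLAGS = {
    "generic_greeting": re.compile(r"\bdear (customer|user|client)\b", re.I),
    "urgency": re.compile(r"\b(immediately|urgent|within 24 hours|suspended)\b", re.I),
    "credential_request": re.compile(r"\b(password|verify your account|log ?in to view)\b", re.I),
}

def _under(host, domains):
    """True if host equals, or is a subdomain of, one of the allowed domains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def red_flags(raw_email):
    """Return the sorted list of red flags found in a plain-text RFC 5322 message."""
    msg = message_from_string(raw_email)
    body = msg.get_payload()
    text = f"{msg.get('Subject', '')}\n{body}"
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    flags = [name for name, rx in TEXT_FLAGS.items() if rx.search(text)]
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in (display + text).lower():
            continue  # message does not claim to come from this brand
        if not _under(sender_host, domains):
            flags.append("sender_not_" + brand.replace(" ", "_"))
        for url in re.findall(r"https?://[^\s\"'<>]+", body):
            host = urlparse(url).hostname or ""
            if host in SHORTENERS:
                flags.append("shortened_url")   # real destination is hidden
            elif not _under(host, domains):
                flags.append("link_off_brand")  # link leaves the brand's domains
    return sorted(set(flags))

# Constructed sample message (not a real email).
PHISH = """\
From: "Docusign" <no-reply@docusign-secure.example>
Subject: Your signature is required immediately

Dear Customer,
Review and sign: https://bit.ly/constructed
Log in to view the document with your email password.
"""
```

Calling `red_flags(PHISH)` reports all five flags; a message sent from and linking to the allowlisted domains with a personal greeting returns an empty list.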

Tools Commonly Used by Threat Actors:

Email Spoofing Tools (e.g., Sendmail, Postfix misconfigurations)

Used to forge sender addresses and bypass basic email filters.

Phishing Kits (e.g., Evilginx, Modlishka)

Enable creation of realistic login pages and capture credentials.

URL Shorteners

Hide malicious links behind shortened URLs to evade detection.

Malware Loaders

Embedded in attachments disguised as PDFs or signing documents.

Conclusion

While online document signing platforms offer convenience, they also present a significant attack surface for phishing campaigns. Organizations must implement robust email security, user awareness training, and multi-factor authentication to mitigate these threats. Vigilance and verification are key: always confirm the legitimacy of signing requests before clicking any link.

More details:

https://www.osintafrica.net/online-document-signing-platforms-used-for-phishing-attacks/

22/02/2026

Fake credit generator online

08/12/2025

How to use a temporary fake email online?

A fake email generator creates a temporary email address that can receive messages. A fake email helps protect your real address from spam, phishing, and third-party advertising, and helps you avoid detection during an investigation. For example, instead of using your company email to test a suspicious website, you can use a fake email.

03/12/2025

Fake Microsoft page:

alterstor[.]com

This website contacted 12 IPs in 4 countries across 11 domains to perform 81 HTTP transactions. The main IP is 87.236.16[.]18, located in St Petersburg, Russian Federation and belongs to BEGET-AS Beget LLC, RU. The main domain is alterstor[.]com.

Always check the URL before connecting

27/11/2025

Top Free Threat Intelligence Feeds for SOC

In today’s cyber-threat environment, a SOC (Security Operations Center) cannot rely solely on internal logs or ad-hoc detection rules. Attackers continuously evolve, use new malware, phishing campaigns, command-and-control (C2) infrastructures, and exploit zero-day vulnerabilities. To keep pace, security teams need access to fresh, actionable intelligence about malicious IPs, domains, URLs, file hashes, and campaign data. This is where Threat Intelligence Feeds come into play. By feeding a stream of indicators of compromise (IOCs) and threat metadata into detection tools (e.g. SIEM, IDS/IPS, EDR), SOCs gain proactive visibility enabling rapid detection, triage, and response long before threats fully materialize.

Some prominent public community-based feeds are:

- AlienVault OTX (Open Threat Exchange)

- abuse.ch

- SOCRadar Free Edition

- CIRCL (Computer Incident Response Center Luxembourg)

- OpenPhish

- Spamhaus

How SOCs Benefit from Threat Intelligence Feeds: Key Advantages & Best Practices:

- Faster Detection & Response: By integrating external IOCs into SIEM, EDR or IDS/IPS, SOCs can immediately detect malicious activity, e.g. communication with known bad IPs, domain resolution to suspicious domains, or file hashes.

- Enrichment & Context: Alerts enriched with threat metadata (e.g. threat actor, malware family, attack vectors) help analysts prioritize incidents, reduce false positives, and make informed decisions.

- Proactive Threat Hunting: Feeds help SOCs identify emerging threats before they hit their network (e.g. new malware variants, C2 servers, phishing campaigns), giving time to patch, block or monitor.

- Shared Community Intelligence: Community-driven platforms like OTX and abuse.ch democratize threat intelligence; even organizations without large budgets can benefit from global collective defense.

- Automation & Integration: Many feeds support standard formats (STIX, TAXII, JSON, CSV), making it easier to integrate into SOC toolchains, SIEMs, SOAR, TIPs.

- Historical & Forensic Analysis: Feeds that include historical DNS data, past IOCs or archived samples help in retrospective investigations and understanding attacker infrastructure over time (especially relevant for persistent and advanced threats).
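
As an added illustration of the detection and integration points above (not code from the original post), the sketch below normalises a CSV feed and a JSON feed into one indicator set and matches it against log events. The feed layouts, field names and all values are constructed; real feeds use their own schemas.

```python
import csv
import io
import json

# Constructed feed samples; column and key names are assumptions.
CSV_FEED = """\
# constructed sample feed
indicator,type,threat
signing-portal.example,domain,phishing
203.0.113.7,ip,c2
"""
JSON_FEED = '[{"ioc": "00112233445566778899AABBCCDDEEFF", "ioc_type": "md5", "tag": "loader"}]'

def load_indicators(csv_text, json_text):
    """Normalise both feeds into {(type, lowercase value): context}."""
    iocs = {}
    rows = (l for l in io.StringIO(csv_text) if l.strip() and not l.startswith("#"))
    for row in csv.DictReader(rows):
        iocs[(row["type"], row["indicator"].lower())] = row["threat"]
    for item in json.loads(json_text):
        iocs[(item["ioc_type"], item["ioc"].lower())] = item["tag"]
    return iocs

def match_events(events, iocs):
    """Return (event index, field, matched indicator, context) for every hit."""
    fields = {"dst_ip": "ip", "query": "domain", "file_md5": "md5"}
    hits = []
    for i, ev in enumerate(events):
        for field, ioc_type in fields.items():
            value = str(ev.get(field, "")).lower().rstrip(".")
            candidates = [value]
            if ioc_type == "domain":
                # A query for a subdomain should still hit the listed parent domain.
                parts = value.split(".")
                candidates = [".".join(parts[j:]) for j in range(len(parts) - 1)]
            for cand in candidates:
                if (ioc_type, cand) in iocs:
                    hits.append((i, field, cand, iocs[(ioc_type, cand)]))
    return hits

# Constructed log events (DNS query, connection, file hash telemetry).
EVENTS = [
    {"src": "10.0.0.5", "query": "login.signing-portal.example."},
    {"src": "10.0.0.8", "dst_ip": "203.0.113.7"},
    {"src": "10.0.0.9", "dst_ip": "198.51.100.20", "file_md5": "00112233445566778899AABBCCDDEEFF"},
    {"src": "10.0.0.9", "query": "example.org"},
]
```

`match_events(EVENTS, load_indicators(CSV_FEED, JSON_FEED))` returns three hits, each carrying the feed's context tag so the alert can be enriched at match time.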

More details, click on the link 👇

https://www.osintafrica.net/top-free-threat-intelligence-feeds-for-soc/

24/11/2025

Top Threat Intelligence Feeds and Platforms in 2025

Future
AlienVault SIEM Analyst

(part of Google Cloud)

22/11/2025

Best WordPress website scanner for free

WordPress websites are the most targeted websites. The best way to protect your website is to scan it regularly to detect any exploited vulnerability.

Below, we share the best WordPress website scanners freely available online.

1. Free WordPress Scanner Report (Light) — Pentest-Tools.com

Pentest-Tools.com is a legitimate and quite powerful platform for automated, semi-automated, and continuous pentesting. It’s especially useful for security teams who want:

- automated vulnerability assessments,

- verified (exploitable) findings,

- continuous scanning,

- streamlined reporting.

The tool has a dedicated option to scan a WordPress website and provide a report.

2. Website Security Checker | Malware Scan | Sucuri SiteCheck

Sucuri SiteCheck is a free remote website-security scanner provided by Sucuri Inc.

The tool can be used to detect if the site is running an outdated CMS (like WordPress, Joomla, Drupal, Magento) or vulnerable plugins/extensions.

Enter a URL (for example “example.com”) and SiteCheck will scan the site’s publicly visible source code for signs of malware, viruses, and malicious code such as suspicious iframes, JavaScript, or redirects.

The tool is a perfect match for those who want to check their WP website.

3. Site Check — WP Safe AI

wpsafe.ai/sitecheck is a service from WPSafe.ai that offers a free website security scan, especially geared toward WordPress sites.

The tool can help identify the following issues:

- You enter a URL, and the SiteCheck tool scans the public-facing source code of the site for signs of malware, viruses, and other malicious code.

- It checks for blacklisting by security authorities (e.g. Google, PhishTank).

- It can identify out-of-date CMS software, plugins, or extensions.

- It also reports on general security issues, configuration anomalies, and gives recommendations.

4. WordPress Security Scan | HackerTarget.com

The WordPress Security Scan on HackerTarget.com is a tool for externally checking WordPress sites for common vulnerabilities and misconfigurations.

5. Online WordPress Security Scan for Vulnerabilities | WP Sec

WPSEC.com (sometimes written WPSec) is a web service that provides WordPress vulnerability scanning.

If you have never scanned your WordPress website, now is the time to do it.

https://www.osintafrica.net/best-wordpress-website-scanner-for-free/

WordPress is a popular, user-friendly platform for building websites and blogs. Think of it as a tool that lets you create and manage a website without needing to know much (or any) coding. WordPress websites are the most targeted websites, the best way to protect your website is to scan it regularl...

20/11/2025

Indicators of Compromise analysis diagram

Do you work in a SOC and have difficulty managing IOCs?

Are you a SOC manager who has difficulty giving your team a way to manage IOCs?

This diagram will help you understand how to manage IOCs within your environment.

Start: IOC identified

➡️ Type of IOC?

- Domain
  - Check WHOIS & Passive DNS
  - Find related subdomains & IPs

- IP Address
  - Scan with Shodan / Censys

- File Hash
  - Search VirusTotal / MalwareBazaar
  - Extract URLs, C2 servers

➡️ Correlate with Threat Actor Profiles

➡️ Map Infrastructure Graph

➡️ Report & Enrich SIEM / TIP
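
The first decision in the diagram ("Type of IOC?") is easy to automate so that analysts receive a ready checklist. The sketch below is an added example, not part of the original post: it refangs a defanged indicator, classifies it, and returns the diagram's steps for that type. The function names and the handling of URLs (reduced to their host) are assumptions.

```python
import ipaddress
import re

# Steps copied from the diagram above, keyed by IOC type.
PLAYBOOK = {
    "domain": ["Check WHOIS & Passive DNS", "Find related subdomains & IPs"],
    "ip": ["Scan with Shodan / Censys"],
    "hash": ["Search VirusTotal / MalwareBazaar", "Extract URLs, C2 servers"],
}
COMMON = ["Correlate with Threat Actor Profiles", "Map Infrastructure Graph",
          "Report & Enrich SIEM / TIP"]
HASH_LENGTHS = {32, 40, 64}  # hex lengths of MD5, SHA-1, SHA-256
DOMAIN = re.compile(r"^(?=.{1,253}$)([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def refang(ioc):
    """Undo common defanging such as [.] and hxxp so the value can be parsed."""
    ioc = ioc.strip().replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")
    return re.sub(r"^hxxp", "http", ioc, flags=re.I)

def classify(ioc):
    """Return (type, normalised value); a URL is reduced to its host (assumption)."""
    value = re.sub(r"^https?://", "", refang(ioc), flags=re.I).split("/")[0].lower()
    try:
        ipaddress.ip_address(value)
        return "ip", value
    except ValueError:
        pass
    if len(value) in HASH_LENGTHS and re.fullmatch(r"[0-9a-f]+", value):
        return "hash", value
    if DOMAIN.match(value):
        return "domain", value
    return "unknown", value

def triage(ioc):
    """Build the analyst checklist for one indicator, following the diagram."""
    kind, value = classify(ioc)
    first = PLAYBOOK.get(kind, ["Manual review: type not covered by the diagram"])
    return {"ioc": value, "type": kind, "steps": first + COMMON}
```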

Address

Vienna
