Sock Puppet Creation & Note Taking Applications PDF

Summary

This document provides an introduction to sock puppet accounts and their use in online investigations. It covers creating a believable fake online persona, for gathering intelligence, conducting undercover operations and maintaining anonymity in online communities while managing operational security. The document also explores tools for generating fake identities, email accounts, and virtual phone numbers, along with note-taking methods.

Full Transcript

SOCK PUPPET AND NOTE
TAKING APPLICATIONS
NIGERIAN ARMY CYBER
WARFARE SCHOOL

HAFIZ AUWALU KOKO
Introduction to Sock Puppet
Account
What is sock puppet account?

Inthe context of OSINT investigations, a sock puppet account
refers to a fake or fraudulent online persona created by an
investigator to gather information or interact with individuals or
communities without revealing their true identity. Sock puppet
accounts are commonly used in online investigations to maintain
anonymity, bypass access restrictions, and gather intelligence
discreetly.
Introduction to Sock Puppet
Account
Let’s
Look at some elements of sock puppet account in OSINT
investigation

Fictitious Identity: Sock puppet accounts are created using false
or fabricated identities, including fake names, profile pictures, and
personal details. The goal is to create a believable persona that
can interact with the target audience or community without
arousing suspicion.

Undercover Operations: Sock puppet accounts are used in
undercover operations to infiltrate online communities, forums, or
social media platforms frequented by individuals of interest.
Investigators use these accounts to observe conversations, gather
information, and establish connections with potential sources or
subjects of investigation.
Introduction to Sock Puppet
Account
Information Gathering: Sock puppet accounts are employed to
gather information, intelligence, or evidence relevant to the
investigation. Investigators may engage in conversations, ask
questions, or solicit information from other users while maintaining
the guise of their fake identity.
OpSec and Anonymity: Sock puppet accounts help investigators
maintain operational security (OpSec) and anonymity while
conducting online investigations. By using pseudonymous
identities, investigators can protect their true identity and avoid
detection by adversaries or individuals under investigation.
Sockpuppet accounts play a strategic role in OSINT investigations,
allowing investigators to gather information discreetly, engage
with online communities, and uncover valuable intelligence while
preserving their anonymity and operational security.
 Introduction to Sock Puppet
Account
Why do we need sock puppet account in OSINT investigation?
Anonymity: Creating a sock puppet account allows investigators
to maintain anonymity while conducting online investigations. By
using a pseudonymous identity, investigators can protect their true
identity and avoid detection by adversaries or individuals under
investigation.
Access: Sock puppet accounts enable investigators to gain access
to restricted or private online communities, forums, or social media
groups. In some cases, access to these platforms may be limited to
registered users, making a sock puppet account necessary to
gather information from these sources.
Engagement: Sock puppet accounts allow investigators to engage
with individuals or communities of interest without revealing their
true identity. By interacting with other users, asking questions, or
soliciting information, investigators can gather intelligence and
establish connections relevant to the investigation.
Introduction to Sock Puppet
Account
Observation: Sock puppet accounts enable investigators to
observe conversations, discussions, and activities within online
communities or forums. By monitoring discussions and
interactions, investigators can gather valuable insights, identify
key players, and uncover information relevant to the investigation.
Discretion: Using a sock puppet account provides investigators
with a level of discretion and operational security (OpSec) while
conducting online investigations. By maintaining a separate
identity from their personal or professional profiles, investigators
can minimize the risk of compromising their investigation or
exposing themselves to potential threats.
Protection: Sock puppet accounts can help protect investigators
from retaliation or harassment by adversaries or individuals under
investigation. By using a pseudonymous identity, investigators can
shield themselves from direct exposure and mitigate the risk of
becoming targets of hostile actions.
Introduction to Sock Puppet
Account
These fake social media accounts are used by both sides of the
cyber game. You can find hackers, scammers, bots, and other
cyber criminals on the dark side while journalists, penetration
testers, and investigators are on the other. Like any decent tool, it
can be used for both good and evil. Why would YOU want to create
an undercover account? When investigating, it is always a good
idea to separate your real identity from the initial investigation.
You increase the likelihood of the target will get suspicious. You
also run the risk of being identified and doxed, harassed, and in
the absolute worst-case scenario, targeted for lethal retaliation.
Depending on who the suspect is, you always need to take the
appropriate countermeasures to protect your organization/agency,
yourself, and even your family. Another thing to take into
consideration is that many social media sites have Terms of
Service (TOS) that specifically cover fake or investigation accounts.
Organizations like Facebook are actively looking for these types of
accounts, even if they are law enforcement, and banning them.
Creating an Online Persona

Creating a sock puppet account

Some people make these accounts from scratch. The more content
and backstory you create in the beginning gives you more of
direction to make the account look like a real person’s account.
Use a password manager to keep track of everything you are
creating for these accounts including the user/pass info and keep
notes. KeePassXC is a great free solution that is cross-platform that
will allow you to share your password management database
among multiple computers and different operating systems.
Creating an Online Persona

Character/Persona generators

Creatingan account can take some time, effort, Below is a list of
resources you can use when generating your Sock Puppet persona.
Just remember that all information generated is fake. You can
change the data to fit your narrative:

Fake Identity Generator (fakepersongenerator.com)
Random Name Generator (www.elfqrin.com/fakeid.php)
Random Character Generator (random-character.com)
Personality Generator (rangen.co.uk)
Trait Generator (rangen.co.uk)
Creating an Online Persona

Let’s Visit fake identity generator site

https://fakepersongenerator.com/
Creating an Online Persona

Let’s Visit fake identity generator site

https://fakepersongenerator.com/
Creating an Online Persona

Another great resource for generating fakeid

https://businer.com/fakeid.php
Creating an Online Persona

Image generators

Generating images that have consistency to them can be a
challenge. You want to create a realistic person with history and
consistency. It is important to NEVER use pictures of friends or
family. This can put the investigation at risk and possibly them at
risk as well.
(thispersondoesnotexist.com) – GitHub project available
AI-Generated Faces (boredhumans.com)
Gallery of AI-Generated Faces (generated.photos)
Creating an Online Persona

Let’s visit fake image generator websites

thispersondoesnotexist.com
Creating an Online Persona

This
AI image generation tools can give you laterally any character
you want, depending on what type of profile we want to create

https://boredhumans.com/text-to-image.php
Creating an Online Persona

This
image gallery tool gives the ability to use one of the already
generated images or create your own

https://generated.photos/
Creating an Online Persona

Emails

Creatingan email is the base for setting up your undercover
investigation account. This will be used for setting up social media
accounts and communications with suspects. Any email service will
work. Here are a few:
GMX.com
Mail.com
Protonmail.com
Yandex.Mail
Creating an Online Persona

Tryingto Create an email with GMX we got rejected because of our
location, in a serious business we can use TOR or VPN to access
the service

https://support.gmx.com/
Creating an Online Persona

The same thing with mail.com

https://support.mail.com
Creating an Online Persona

Alternatively we can create account in protonmail

https://account.proton.me/mail/signup
Creating an Online Persona

We can also create email with Yandex email service provider

Yandex.Mail
Creating an Online Persona

Virtual
Phone numbers, it is very important to have a virtual phone
other than the real phone number you use, during investigation
the investigator should be able to make anonymous call or even
spoofing the number of his target for call and sms, here is a list of
some websites that offer such services

https://www.spooftel.com/

https://www.spoofcard.com/

https://www.spoofbox.com/

https://myphonerobot.com

https://aloware.com/features/instant-phone-numbers/
Creating an Online Persona

Spooftel

https://www.spooftel.com/
Creating an Online Persona

Sfoofcard

https://www.spoofcard.com/
Creating an Online Persona

Spoofbox

spoofbox.com/en/whats-sim
Creating an Online Persona

Aloware

https://aloware.com/features/instant-phone-numbers/
Creating an Online Persona

Spoofmyphone

https://myphonerobot.com
Creating an Online Persona
Social Media Accounts
When creating a social media account, you want to look as
‘normal’ as possible on the website because many of them are
trying to stop people from creating fake accounts. Make sure you
are not breaking the law or violating terms of service when doing
this. Now things to look at when creating your OSINT undercover
accounts:
Use public Wi-Fi and do NOT use a VPN
Pick a social media site to focus on
Use your persona’s “real” phone number for verification
Save the information in a password manager like KeePassXC
Keep Operational Security (OPSEC) in mind:
– Use a very strong password for the password manager access
– Use a different password for each account
– Never cross over accounts with your real-world or personal
Creating an Online Persona

Social Media Accounts cont..

Gointo the settings of the account you just created and change
the phone number to a VoIP number

When you are done, log out of the account

Log back in and start adding information to your account relevant
to the profiles

Go back to step 2 for the rest of the sites you want to try
Creating an Online Persona

Alternativelywe can use the sock puppet tool that comes pre-
installed with CSI-linux
 Creating an Online Persona
Aging the Account

Like a fine wine or good whiskey, the account needs to be “aged”.
This means creating content and history. This will minimize the
likelihood of the account getting flagged as a fake by the service
provider and deleted. Become the persona. Go to the same public
WiFi you created the account with to log in and generate activity.
Like posts, make comments, share things, and grow your
connections. Log out when you are done. This is very important
and ties into OPSEC. Not logging out can leak other networks and
information out for Big Data if you are not careful. The goal is that
you are training the site that you are a real person by doing real-
person things.
Creating an Online Persona
Try to add content and history following the personality of the fake
character. This includes finding banners with image searches. Think of
banners for your social media pages, memes, and pictures from the
location your persona is from. Build your account pages how you
believe your sock puppet would have. Add enough information to
make it look real. Over time, keep logging into the account and add
content to build history and the trustworthiness that the account is a
“real” person.
Note Taking

The Importance of Note Taking in OSINT Investigation

Note-taking is crucial in OSINT (Open Source Intelligence)
investigations for some reasons:

Organization: OSINT investigations often involve gathering vast
amounts of information from various sources such as websites,
social media platforms, and public records. Note-taking helps
organize this information systematically, making it easier to
manage and reference during the investigation.
 Note Taking
Documentation: Detailed notes serve as documentation of the
investigative process, including the sources consulted, data
collected, and analysis conducted. This documentation is essential
for maintaining transparency, accountability, and reproducibility in
the investigation.

Memory Aid: Note-taking serves as a memory aid, helping
investigators recall important details, insights, and observations
encountered during the investigation. By documenting key findings
and observations in real-time, investigators can avoid relying
solely on memory and ensure accuracy in their reporting.

Analysis: Notes facilitate analysis by enabling investigators to
identify patterns, connections, and discrepancies within the
collected information. By documenting their analysis process,
investigators can track their thought processes, hypotheses, and
conclusions, leading to more robust and insightful findings.
Note Taking

Collaboration: Notes can be shared with colleagues,
collaborators, or stakeholders involved in the investigation,
facilitating collaboration and knowledge sharing. By documenting
findings and insights in a structured format, investigators can
communicate effectively with team members and leverage
collective expertise to advance the investigation.

Report Writing: Notes serve as a foundation for writing reports,
summaries, or findings documents at the conclusion of the
investigation. By referring to their notes, investigators can ensure
that all relevant information is included in the final report, and that
findings are accurately represented and supported by evidence.
Note Taking

Future Reference: Notes serve as a valuable resource for future
reference and follow-up investigations. By documenting the details
of the investigation, investigators can revisit previous findings,
build upon existing knowledge, and identify new leads or avenues
for further exploration.

Insummary, note-taking is an essential practice in OSINT
investigations, enabling investigators to organize information,
document the investigative process, aid memory, facilitate
analysis and collaboration, ensure legal and ethical compliance,
support report writing, and provide a valuable resource for future
reference and follow-up investigations.
Note Taking

There are several free note-taking applications suitable for OSINT
investigations. Here are some of the best options:

Evernote: Evernote offers a feature-rich note-taking platform with
support for text, images, audio recordings, and web clippings. It
allows users to organize notes into notebooks and tags, making it
suitable for managing research findings and investigative notes.

https://evernote.com/download
Note Taking

OneNote: Microsoft OneNote is a versatile note-taking application
that integrates seamlessly with other Microsoft Office products. It
offers a range of features, including text formatting, drawing tools,
and collaboration capabilities, making it ideal for OSINT
investigations.

https://www.onenote.com/download
Note Taking

Google Keep: Google Keep is a simple and intuitive note-taking
app that syncs seamlessly across devices. It offers basic note-
taking features such as text notes, checklists, and image
attachments, making it suitable for capturing quick observations
and research snippets during OSINT investigations.

https://www.google.com/keep/
Note Taking

Simplenote: Simplenote is a minimalist note-taking app focused
on speed and simplicity. It allows users to create text-based notes
and sync them across devices effortlessly, making it suitable for
jotting down quick thoughts, ideas, and research notes during
OSINT investigations.

https://simplenote.com/
Note Taking

Zoho Notebook: Zoho Notebook is a versatile note-taking app
that offers support for text notes, checklists, sketches, and
multimedia attachments. It provides organizational features such
as notebooks, tags, and search functionality, making it suitable for
managing research notes and investigative findings.

https://www.zoho.com/notebook/notebook-for-windows.html
Note Taking
Standard Notes: Standard Notes is a secure and privacy-focused
note-taking app that offers end-to-end encryption for user data. It
provides basic note-taking features and supports extensions for
additional functionality, making it suitable for users concerned
about data security and privacy during OSINT investigations.

https://standardnotes.com/download

These free note-taking applications offer a range of features and
capabilities suitable for OSINT investigations, including text notes,
multimedia support, organizational tools, and synchronization
across devices. Depending on your specific needs and preferences,
you can choose the app that best fits your workflow and
requirements for managing research notes and investigative
findings.
 Password Manager
What is Password Manager

A password manager is a software application or service designed
to securely store and manage passwords, as well as other sensitive
information such as login credentials, credit card details, and
personal identification numbers (PINs). Password managers offer
several benefits:

Strong Password Generation: Password managers can generate
strong, unique passwords for each online account, reducing the
risk of password reuse and improving overall security.

Secure Storage: Password managers encrypt and store
passwords in a secure vault, protecting them from unauthorized
access. Most password managers use strong encryption algorithms
and require a master password or biometric authentication to
access the vault.
Password Manager
Convenience: Password managers streamline the login process
by automatically filling in login credentials on websites and mobile
apps. This eliminates the need to remember multiple passwords or
manually enter them each time you log in.

Cross-Platform Syncing: Many password managers offer cross-
platform compatibility, allowing users to access their passwords
across multiple devices, including computers, smartphones, and
tablets. Changes made on one device are synced to all devices,
ensuring consistency and accessibility.

Password Auditing and Security Alerts: Some password
managers offer features such as password auditing and security
alerts. Password auditing identifies weak or compromised
passwords and prompts users to update them, while security alerts
notify users of potential security breaches or password leaks.
Password Manager

Secure Sharing: Password managers facilitate secure sharing of
passwords with trusted individuals or team members. Instead of
sharing passwords via insecure channels such as email or
messaging apps, users can share access to specific passwords or
vaults with others securely.

Two-Factor Authentication (2FA) Integration: Many password
managers support two-factor authentication (2FA) integration,
adding an extra layer of security to login credentials. This
enhances security by requiring an additional authentication
method, such as a one-time code sent to a mobile device, in
addition to the master password.
Password Manager

Why should an OSINT Investigator Use Password Manager

Theimportance of using a password manager in OSINT (Open
Source Intelligence) investigations cannot be overstated. Here's
why password managers are crucial in this context:

Secure Storage: Password managers securely store login
credentials, ensuring that sensitive information such as usernames
and passwords are encrypted and protected from unauthorized
access. In an OSINT investigation, where access to various online
accounts and platforms is essential, keeping these credentials
secure is paramount.
Password Manager

Organizational Efficiency: OSINT investigations often involve
managing numerous online accounts across different platforms. A
password manager provides a centralized location to store and
organize these credentials, improving efficiency and streamlining
the investigative process.

Strong Password Generation: Password managers can generate
strong, unique passwords for each online account. This reduces the
risk of password reuse and enhances overall security, critical in
protecting accounts against unauthorized access and potential
data breaches.
Password Manager

Cross-Platform Accessibility: Many password managers offer
cross-platform accessibility, allowing investigators to access their
stored credentials from various devices. This ensures that
investigators can securely access their password vaults regardless
of their location or the device they are using, crucial for remote or
collaborative investigations.
 Password Manager
1.Password Sharing and Collaboration: Password managers
often include features for securely sharing login credentials with
trusted colleagues or collaborators. This facilitates collaboration on
OSINT investigations by enabling investigators to share access to
relevant accounts and platforms securely.

2.Security Auditing and Monitoring: Some password managers
offer features for auditing password security and monitoring for
potential security threats. This includes identifying weak or
compromised passwords, monitoring for password leaks or
breaches, and providing security alerts to notify investigators of
potential risks.

3.Insummary, a password manager is an indispensable tool in OSINT
investigations, providing secure storage, strong password
generation, organizational efficiency, cross-platform accessibility,
collaboration features, security auditing, and compliance with
 Password Manager
1.Password Sharing and Collaboration: Password managers
often include features for securely sharing login credentials with
trusted colleagues or collaborators. This facilitates collaboration on
OSINT investigations by enabling investigators to share access to
relevant accounts and platforms securely.

2.Security Auditing and Monitoring: Some password managers
offer features for auditing password security and monitoring for
potential security threats. This includes identifying weak or
compromised passwords, monitoring for password leaks or
breaches, and providing security alerts to notify investigators of
potential risks.
Password Manager
In summary, a password manager is an indispensable tool in OSINT
investigations, providing secure storage, strong password generation,
organizational efficiency, cross-platform accessibility, collaboration
features, security auditing, and compliance with security best
practices. By using a password manager, investigators can enhance
their cybersecurity posture, protect sensitive information, and
streamline the investigative process while conducting OSINT
operations.
Password Manager

List of some of the free password managing applications

Bitwarden: Bitwarden is an open-source password manager that
offers strong encryption, cross-platform support, and a user-
friendly interface. It allows users to store unlimited passwords,
generate strong passwords, and sync data across devices.
Bitwarden also offers optional premium features for users who
require additional functionality.

https://bitwarden.com/download/
Password Manager

LastPass Free: LastPass Free is a popular password manager
known for its ease of use and comprehensive feature set. It offers
secure password storage, automatic form filling, password
generation, and multi-device sync. LastPass Free also includes
basic multi-factor authentication options for added security.

https://lastpass.com/misc_download2.php
Password Manager

Dashlane Free: Dashlane Free provides users with secure
password storage, password generation, and autofill capabilities
across devices. It offers a user-friendly interface and additional
features such as a digital wallet for storing payment information
and secure note storage. Dashlane Free also includes a VPN for
secure browsing on public networks.

https://www.dashlane.com/
Password Manager

KeePass: KeePass is a free, open-source password manager that
offers strong encryption and customizable features. It stores
passwords in a local database, allowing users to maintain full
control over their data. KeePass is highly customizable and offers
plugins for additional functionality, although it may have a steeper
learning curve compared to other password managers.

https://keepass.info/download.html
 Password Manager
Myki Password Manager & Authenticator: Myki is a decentralized
password manager that stores data locally on users' devices,
eliminating the need for cloud storage. It offers strong encryption,
password generation, and multi-device sync via end-to-end encryption.
Myki also includes features for secure sharing of passwords and two-
factor authentication.

https://myki-offline-password-manager-and-authenticator.en.uptodown.c
om/

You can also add the its extension to your browser

https://chrome.google.com/webstore/detail/myki-password-manager-aut
/bmikpgodpkclnkgmnpphehdgcimmided
Creating Strong Password

The "How Secure Is My Password" tool is a website that allows
users to input passwords and receive an estimate of how long it
would take for a computer to crack that password using various
methods, such as brute force attacks or dictionary attacks. The
tool provides feedback on the strength of the password based on
factors like length, complexity, and the presence of common words
or patterns.

https://www.security.org/how-secure-is-my-password/