In this article I'll show you my way to search on social network platforms via Google on Maltego, plus a real world case where the former handle of a Twitter users gets found.
OsintOps
The "Who posted what?" website features a few search functions within Facebook and Instagram.
Desktop-type wallets, like Electrum, create specific files which are needed to work correctly and store user information. In these files we can find information such as addresses included in the wallet, transactions carried out, information about the wallet type, etc. Obviously, given that this is very delicate information, these files are usually encrypted and cannot be consulted without knowing the correct password. It may happen that we have to access a wallet for which we do not know the password, for example because we have forgotten it, or because we are trying to access the wallet of a “bad guy”…
As you will recall, at the end of part 3 of our analysis, we encountered a transaction which involved two recipient addresses: the address 1DqYiuVPjxrS3tkE8VeSorvx4ZEeR3oGkZ which received 0.20223736 bitcoin and was examined in part 4 of our analysis and the address 1AgEeJ1cNWpXxABaTysv4CM6MqARSnXFce which received 2.5 bitoins. In this part of our analysis, let’s see what happens to the 2.5 bitcoins transferred. Such a precise amount was certainly intentionally transferred, it is not a random change. However, in most of the transactions examined so far, we have seen much smaller amounts sent to the actual recipients. Therefore, it is good practice…
Let’s continue our analysis. Remember that, in the last transaction seen in part 3, the address 1DqYiuVPjxrS3tkE8VeSorvx4ZEeR3oGkZ received 0.20223736 bitcoins and the address 1AgEeJ1cNWpXxABaTysv4CM6MqARSnXFce received 2.5. Since the behavior does not conform to that seen in the other cases, let’s try to focus on both addresses. To start, let’s continue to follow the changes Let’s start analyzing the activity of the address 1DqYiuVPjxrS3tkE8VeSorvx4ZEeR3oGkZ. We have already determined that this address received the change of the transaction. By following his activity you can see that the first and only outgoing transaction made involves an outgoing amount greater than the one received.…
Once we get to the starting transaction as explained in part 1 and part 2 of this analysis, let’s see what happened from there on. At the beginning you can see that the transactions continue with the same pattern: one address receives a lower bitcoin amount and with fewer decimal places and another receives the so-called remainder of the transaction, a higher amount and with more decimal places. With the same rules used up to now, we can state that the address 1NZ4MSeYcDKFiPRt8h7VK6XMhShwzhCzCp is the one that actually receives the bitcoins, while the address 1AK79g9gpvZ8jn2C9MsWQpijMFA5JaTdqP is the one that receives…