Back to Writeups

OhSINT Walkthrough

Open Source Intelligence Investigation

Published: September 29, 2025 Difficulty: Easy

OhSINT is an OSINT (Open Source Intelligence) challenge on TryHackMe that teaches fundamental investigation techniques using publicly available information. Learn to extract metadata from images, track social media profiles, and correlate information across multiple platforms.

Image Metadata Analysis

EXIF Data Extraction

Objective: Extract metadata from the provided image to gather initial intelligence.

Download the challenge image and use ExifTool to examine its metadata:

exiftool WindowsXP_1551719014755.jpg

Key Metadata Discovered:

  • Copyright: OWoodflint
  • GPS Latitude: 54 deg 17' 41.27" N
  • GPS Longitude: 2 deg 15' 1.33" W
  • GPS Position: 54 deg 17' 41.27" N, 2 deg 15' 1.33" W
  • Image Dimensions: 1920x1080
  • File Size: 234 KB
Primary Lead: OWoodflint (Copyright holder)

Alternative EXIF Tools:

# Using exiv2
exiv2 WindowsXP_1551719014755.jpg

# Using ImageMagick
identify -verbose WindowsXP_1551719014755.jpg

# Online tools
# - Jeffrey's Image Metadata Viewer
# - Metapicz.com

Key Learnings:

EXIF metadata often contains valuable information including location data, camera settings, timestamps, and copyright information. Many devices automatically embed GPS coordinates in photos, making them valuable for geolocation.

GPS Coordinate Analysis

Objective: Convert GPS coordinates to a meaningful location.

The extracted GPS coordinates can be analyzed using various tools:

Google Maps Method:

54.294797, -2.250369

Enter these decimal coordinates directly into Google Maps to identify the location.

Alternative Mapping Tools:

  • Google Earth - For satellite imagery
  • OpenStreetMap - Open-source alternative
  • Bing Maps - Microsoft's mapping service

Key Learnings:

GPS coordinates in EXIF data pinpoint exact photo locations. Converting degrees/minutes/seconds to decimal format makes coordinates easier to use in mapping applications.

Social Media Investigation

Initial Search and Profile Discovery

Objective: Locate the target's online presence using the copyright name as a starting point.

Search for "OWoodflint" using Google and other search engines:

Google Search: "OWoodflint"

Platforms Discovered:

  • X (Twitter): Active account with posts
  • GitHub: Repository with personal information
  • WordPress Blog: Personal blog with updates

Search Engine Operators for Enhanced Results:

# Search specific sites
site:twitter.com OWoodflint
site:github.com OWoodflint
site:wordpress.com OWoodflint

# Search for specific file types
OWoodflint filetype:pdf
OWoodflint filetype:doc

Key Learnings:

Usernames often remain consistent across platforms, making it easy to connect various online accounts. Search engine operators help refine searches to specific platforms or file types.

X (Twitter) Account Analysis

Objective: Extract information from the target's Twitter/X profile and posts.

Navigate to the discovered X (Twitter) account for OWoodflint and examine:

  • Profile information and bio
  • Posted tweets and media
  • Following and followers lists
  • Linked accounts and websites

Key Finding - Avatar/Pet:

🚩 What is this user's avatar of? Cat

BSSID Discovery:

One of the tweets mentions or reveals a WiFi BSSID (MAC address of wireless access point):

BSSID: B4:5D:50:AA:86:41

Additional Twitter Analysis Techniques:

  • Check tweet timestamps for activity patterns
  • Examine replies and interactions
  • Look for location tags in tweets
  • Analyze hashtags used
  • Review media attachments for metadata

Key Learnings:

Social media posts often reveal sensitive information inadvertently. WiFi BSSIDs can be used to geolocate individuals through databases like WiGLE.

WiFi Network Geolocation

WiGLE Database Investigation

Objective: Use the discovered BSSID to determine the target's location.

Visit WiGLE.net and search for the BSSID:

BSSID: B4:5D:50:AA:86:41

WiGLE Search Process:

  1. Create a free WiGLE account if needed
  2. Navigate to "Advanced Search"
  3. Enter the BSSID in the search field
  4. Review the map results

Location Discovery:

🚩 Where has he gone on holiday? London

SSID Discovery:

Zooming in on the map reveals the network name (SSID):

🚩 What is the SSID of the WAP he connected to? UnileverWiFi

Alternative WiFi Lookup Methods:

  • Kismet - Wireless network detector
  • Wireless Geographic Logging Engine (WiGLE) API
  • Local wardriving databases

Key Learnings:

WiFi networks have unique identifiers (BSSIDs) that are cataloged in public databases. These databases can pinpoint physical locations based on wireless access points, making them valuable for OSINT investigations.

Digital Footprint Analysis

GitHub Repository Investigation

Objective: Examine the target's GitHub profile for additional personal information.

Navigate to the GitHub profile: https://github.com/OWoodfl1nt

Repository Analysis:

Examine the "people_finder" repository for embedded information:

  • README files
  • Code comments
  • Commit messages
  • Profile information

Email Discovery:

🚩 What is his personal email address? OWoodflint@gmail.com

GitHub Intelligence Gathering Techniques:

# Check commit history
git log --all --author="OWoodflint"

# Search repository content
grep -r "email" .
grep -r "@gmail.com" .

# Review GitHub profile
# - Public repositories
# - Contribution activity
# - Starred repositories
# - Following/followers

Key Learnings:

Developers often inadvertently expose personal information in code repositories, commit messages, or profile configurations. GitHub profiles can reveal technical skills, interests, and contact information.

WordPress Blog Investigation

Objective: Analyze the target's blog for travel plans and hidden information.

Visit the WordPress blog: https://oliverwoodflint.wordpress.com/

Blog Post Analysis:

Review blog posts for mentions of travel plans, locations, or personal information.

Travel Destination Discovery:

🚩 Where is he going on holiday? New York

Hidden Password Discovery:

Examine the blog's source code or highlight text to reveal hidden information:

Method 1: Text Selection

  1. Select all text on the page (Ctrl+A or Cmd+A)
  2. Look for white text on white background
  3. Hidden text becomes visible when highlighted

Method 2: Source Code Inspection

# Right-click → View Page Source
# Or press Ctrl+U (Cmd+Option+U on Mac)
# Search for suspicious CSS styling or hidden elements

Hidden password found in white text:

🚩 What is the person's password? pennYDr0pper.!

WordPress OSINT Techniques:

  • Check post metadata and timestamps
  • Review comment sections for interactions
  • Examine author profile information
  • Look for embedded media and their metadata
  • Check for hidden CSS styling tricks
  • Review older archived versions via Wayback Machine

Key Learnings:

Personal blogs often contain detailed information about individuals' lives, plans, and activities. Hidden text techniques (white text on white background) are a common CTF challenge method but rarely effective security measure in real-world scenarios.

Investigation Summary

Complete OSINT Profile

Target Profile: OWoodflint (Oliver Woodflint)

All Discovered Information:

🚩 Avatar: Cat
🚩 Current Location: London
🚩 WiFi SSID: UnileverWiFi
🚩 Email: OWoodflint@gmail.com
🚩 Travel Destination: New York
🚩 Password: pennYDr0pper.!

OSINT Methodology Used:

  1. Initial Lead: EXIF metadata from image provided copyright holder name
  2. Username Correlation: Searched across multiple platforms using consistent username
  3. Social Media Analysis: Extracted information from Twitter/X posts
  4. Geolocation: Used BSSID to determine physical location via WiGLE
  5. Code Repository Review: Found email address in GitHub profile
  6. Blog Analysis: Discovered travel plans and hidden credentials

Technical Skills Demonstrated:

  • EXIF metadata extraction and analysis
  • GPS coordinate interpretation and mapping
  • Cross-platform username correlation
  • Social media intelligence gathering
  • WiFi network geolocation via BSSID lookup
  • GitHub repository investigation
  • HTML source code analysis
  • Hidden content discovery techniques

Tools and Resources Used:

  • ExifTool: Image metadata extraction
  • Google: Search engine and mapping
  • WiGLE: WiFi network database
  • Social Media Platforms: X (Twitter), GitHub, WordPress
  • Browser DevTools: HTML source inspection

Privacy and Security Implications:

  • Metadata Risks: Images contain GPS coordinates and device information
  • Username Reuse: Consistent usernames enable easy cross-platform tracking
  • WiFi Exposure: Public WiFi networks can reveal location history
  • Social Media Oversharing: Posts reveal personal information and future plans
  • Code Repository Security: Personal information in public repositories
  • Password Security: Weak passwords and public exposure create risk

Defensive Recommendations:

  • Remove EXIF data from images before posting online
  • Use different usernames across platforms to prevent correlation
  • Avoid posting real-time location information or travel plans
  • Review privacy settings on all social media accounts
  • Use password managers and strong, unique passwords
  • Regularly audit your digital footprint
  • Be mindful of information shared in code repositories
  • Enable two-factor authentication on all accounts

Real-World OSINT Applications:

  • Background checks and due diligence
  • Cybersecurity threat intelligence
  • Fraud investigation and prevention
  • Missing persons investigations
  • Corporate intelligence and competitive analysis
  • Journalism and fact-checking
  • Law enforcement investigations

Ethical Considerations:

OSINT techniques should be used responsibly and legally:

  • Respect privacy boundaries and legal restrictions
  • Use information only for authorized purposes
  • Avoid harassment or stalking behaviors
  • Consider the context and purpose of your investigation
  • Be aware of local laws regarding data collection