Using Bulk Extractor for Quick OSINT Wins
Early this week, Archive.org hosted a dump of a SQL databasehacked from a neo nazi forum online known as Iron March at https://archive.org/details/iron_march_201911 .While there were some .CSV files, there was also an 750MB SQL database file. Withsome massaging, SQL databases can be queried for the data they contain.Sometimes all you’re looking for is a quick and dirty list of selectors andthis data dump seemed like the perfect opportunity to do a quick write-up onusing Bulk Extractor for OSINT. Bulk extractor is an open source tool that can be downloadedfrom https://github.com/simsong/bulk_extractor .I first learned about it in a digital forensics class years ago and I’ve been afan ever since. It’s designed to quickly chew threw a pile of data and extractthe selectors (IP addresses, email addresses, phone numbers etc.) containedwithin that data. I’ve run it on hard drives, forensics image files, databasefiles, folders full of different file types, memory dumps from mobile phonesetc. I