Utilizing ChatGPT for OSINT Investigations
Discovering the Faces Behind Websites and Unveiling Inter-Website Connections: Part 1
In this four-part series, I’ll guide you through:
- Find personal information of the owner of the website.
- Identifying web technologies and tools used.
- Compare several websites using unique ID’s.
- Finding and exploring the source code.
Information is open source, and I will utilize generative AI for the investigation. I will show how genAI can:
- Directing the investigation.
- Offering resources and innovative insights.
- Serving as a brainstorm ally.
- Assisting with the analysis.
DISCLAIMER: I won’t be able to dive in the specifics of the investigation, as it’s still ongoing, but I will spill all the juicy methodology details. Let’s do this!
Part 1 – ChatGPT creates a Hypothesis and Framework for an investigation.
Journalists and investigators can be overwhelmed during a multiple-facet investigation. You get so many balls thrown at your already badly juggling hands, that it soon feels like the investigation is attacking you.
These kinds of investigations require focus, looking at a lot of different data, collecting data, analyzing data, while you always have this little voice in your head: ‘I hope you can sleep tight, presenting this (trashy) information’. To better cooperate with the (sometimes vicious) critic from within, I love to get very firm on the hypotheses and create a strong framework. Let’s take a dive!
Creating a hypothesis
A good hypothesis can really be the backbone of an investigation. It brings clarity in those times when you start doubting even your own name. It provides direction when it all starts to feel like you are running in circles. It’s just a good comfy compass that I would be lost without.
Normally, I write my own hypotheses based on information I have gathered and the training I received writing 12 scientific projects during my studies at Roskilde University. It hit me that my own way of formulating a hypothesis might be an innate and now automated skill. Let’s then put ChatGPT to work for those who are looking to begin creating hypotheses to lead their work, or for those who just want to brush up on the how and why behind it.
The prompt:
Hi! Please define components of a good hypothesis in journalistic inveatigations
My assistant gave me a list of 8 components. I added one more (the direction) and told it to gather them in four main categories. Here it the output:
Great — Now that we have some guidelines, let’s see, if the it thinks, my hypothesis for the investigation meets the criteria.
The hypothesis: A person is suspected of selling goods that are illegal in many parts of Europe. They seem to use the online platform, operating through various domains. My primary objective is to uncover any direct connections between this individual and the specific domains. Furthermore, by linking these domains to one another, I aim to provide evidence of the person’s intent and actions. This could illustrate their strategy of targeting several European markets where the sale of such goods is not permitted.
The assistant actually iterates through all the criteria and gives feedback how the hypothesis is doing. Here is a taste of the chat:
At the end, it also gave the final verdict:
Feedback: The hypothesis generally meets the outlined criteria but has room for improvement. Clarifying the nature of the goods and the online platform can add specificity. Ensuring complete objectivity and grounding the hypothesis in more preliminary evidence will make it more robust.
Then I played around with a point system — just to satisfy my inner quantitative-method needs:
Unfortunately, I won’t be able to share more information about the investigation, so we’ll need to settle with the pointy finger from our assistant.
The method could also be used, If you are not able to formulate a hypothesis, beeing stuck with loads of information. Give the chat the criteria and have it ask you some questions to help you in formulating a hypothesis.
The point being here, that before asking the assistant to evaluate, you’ll need to define the criteria of evaluation or ask the assistant its standpoint from which it provides the information. The prompt could easily have been for it to provide feedback of the [insert your chunk] from the standard of [insert a school of standard].
Now, let’s go create a framework.
ChatGPT provides a framework for a investigation
To-do lists — who doesn’t love them, or is it just me? I do believe that every big task becomes more approachable when broken into smaller chunks. Making a framework can not only help progress the investigation but also guide it. You always have a roadmap to track your steps.
You, as an investigator, might especially feel comfortable making the framework for investigations of methodologies known to you. However, it can still be overwhelming for some people. This task can be delegated to genAI. Utilizing genAI is also very useful when conducting investigations with methodologies you haven’t used before, as it may give you clues, where to look. Let’s see how it works.
I already know what kind of investigation I am to conduct, so I’ve prepared a prompt to generate a framework targeting this part of the investigation:
The prompt:
Provide me a focused framework for conducting a technical domain investigation aimed at unmasking the ownership of suspected websites. Exclude journalistic and writing phases; my main interest is in identifying and verifying domain-to-domain and domain-to-individual connections.
It provided me a longer list, which Iv condensed by asking it:
Second prompt:
Could you be a darling and group these steps into 4 main categories to provide a streamlined approach?
Here is what we ended up with:
Is it perfect? Of course not. I have only provided the basic information without any context or knowledge of the full story. You could also imagine how a framework could be written by someone fully aware of the resources available for the investigation.
Is it a good starting point? Hell yes! Go ahead and take it further. Use other genAIs, search the internet for more information on resources — revise the framework and make it suit your capabilities in every sense.
That’s it for part 1. We have a semi-strong hypothesis and a framework. Part 2 will focus on the connection between the person of interest and the website. Stay tuned and have a great day!
