Mathieu Gaucheler

Ever wanted to explore the @icij.org Offshore Leaks Database in Maltego? You can now do so with this local integration.

➡️https://github.com/shibaOSINT/Offshore-Leaks-Database-Maltego-Integration⬅️

Both the school and the temple are in the same region, 40 km apart. Let's begin by exploring the road linking them on Google Street View: road number 2006. After a few minute we find the challenge's location: 13.9159829,101.8389441 (5/5)

The third sign will require a bit more work, OCR does not give us anything useful but both phone numbers give us a result for a web search: a school and a cattery. The cattery does not have an address listed on its page and has not posted since 2016, let's discard it. (4/5)

The first sign gives us"วัดโคกขี้เหล็ก" which after a quick web search leads us to a Buddhist Temple in Thailand (3/5)

First thing that we notice is the numerous signs in Thai script. After passing them through OCR and Google Translate we discover some useful information (2/5)

A short thread about an interesting geolocation challenge from Hack.lu CTF by @fluxfingers.net 🧵⬇️(1/5) #geolocation #geoguessr #OSINT

#BurkinaFaso
Geolocations of the JNIM attack on Tanwalbougou (12.0554, 0.7805) by @chrisadayton.bsky.social & @ influhunter (on X)

14.06 #Mali
According to a government communique, while returning from a mission yesterday (presumably taking part in the airstrike against FLA fighters near Aguelhok) the Su-24 was forced to ditch in the Niger river near Gao due to "adverse atmospheric conditions"

Cool open-source investigative tool I just learned about: alltext.nyc. It lets you search any text found in Google Street View images from 2007 to 2024— graffiti, shop signs, street text, you name it. Just type in what you see, and see what pops up.

a post by Vleckie: "Allright, time for me to go through the mud. Based on satellite imagery I'd marked this quarry as an underground base, and tweeted is out as such. I'm fairly certain Centcom doesn't take their targeting data from Twitter, but this still is a very severe mistake."

ICYMI: on Twitter, an OSINTer ('Vleckie') is being blamed for a US airstrike in Yemen that killed 8 civilians.

in a thread, she'd marked a group of houses as an underground bunker — from satellite imagery alone. those houses (not a bunker) were subject to a US airstrike. 8 innocent people dead.

"These are the first two fighter jets in history to be downed by an uncrewed surface drone, but they are unlikely to be the last."

As a bonus, we can also search for the picture of the rainbow flag they used: searching "гей-флаг" on Yandex yields the exact same flag withing the first page of results.

By doing a reverse image search on the content of the Facebook post, we find this picture, showing which flag the people in our original photo are really holding. Several videos of the event have also been posted, not a single rainbow flag in sight.

Searching the picture on Google Lens leads us to a Facebook post mentioning a demonstration in Tinzaouaten (Mali). It doesn't contain the original picture, but there is a similar one with some of the same people. An FLA (Azawad Liberation Front) flag can also be seen: cyan, yellow, red and white.

Whenever you suspect that an image might have been altered, Error Level Analysis (ELA) can reveal areas likely to have been modified. For more information on how to use ELA, check out this Bellingcat article from @annique.bsky.social
www.bellingcat.com/resources/20...

Caption: 🌴🇲🇱 Азавадские пастухи, как и их чубатые братишки, на самом деле стоят за западные ценности, чуждые здоровому человеку. Всë остальное, звучащее с их ротовых полостей, обман. ЛГБТ, бача-бази, скотоложество, наркотрафик, контрабанда золота и оружия, работорговля, терроризм - неполный перечень их борьбы.

🇲🇱🇷🇺 A Wagner affiliated Telegram channel posted this awkward photoshop yesterday, saying the people in the picture support LGBT rights, identifying them as "Azawad shepherds". Let's take this as an occasion to learn how to find the context of a doctored picture and prove the trickery 🧵⬇️ #Wagner #Mali

gijn.org GIJN Webinar: Gathering Evidence and Documents in Conflict and War Zones — A MENA Case Study

In this upcoming GIJN webinar, we’ll explore how investigative journalists can document human rights abuses in war zones, with a focus on methods to ensure the info gathered can later be used by legal investigators or international courts.

Register now: https://twp.ai/9PQx3o

Defend the Internet Archive. Protect the Wayback Machine. Tell the music labels: Drop the 78s lawsuit. Sign our open letter on change.org

📢 The Internet Archive needs your help.

At a time when information is being rewritten or erased online, a $700 million lawsuit from major record labels threatens to destroy the Wayback Machine.

Tell the labels to drop the 78s lawsuit.

👉 Sign our open letter: www.change.org/p/defend-the...

🧵⬇️

BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.

Looking at an arms convoy in Mali Thanks to social media, it is increasingly easy to find footage of military activity. Before the 2022 invasion of Ukraine, several OSINTers…

New blogpost about a military convoy (100+ containers) in #Mali.

#OSINT #Geolocation #FAMAs #AfricaCorps #WagnerPMC

For more on that subject you can read this thread by @tatarigami.bsky.social in collaboration with @casusbelli.bsky.social on a similar convoy from earlier this year.

The gas station in the background allows us to geolocate the footage easily. It was taken on a roundabout at 12.612658°, -8.044582°. Shown on the 3rd image is the position of the two video as well as the direction of the convoy.

We can confirm that this is the same convoy shown in the first video thanks to the painted marks on the trucks as well as their license plates. Here are a few examples.

104 trucks carrying a container, 3 tank trucks, 1 truck carrying a boat, 1 QY50KD crane from XCMG, 1 truck carrying a Lonking LG100DT diesel forklift, what appears to be towing and recovery unit Century 5230 from Miller Industries and 1 car bearing red crosses.

YouTube video by Cap sur le Mali 26 mars 2025 arrivé des nouveaux équipements militaires, écouter Boubou Mabel pour les commentaires

Looking for other sightings of that convoy, we find a longer, unedited video published by the Bamako based media Cap Mali: www.youtube.com/watch?v=xeaq.... The 20 minute long video shows: 12 pickup trucks/ cars, 19 pickup trucks with mounted gun, more vehicles listed below ⬇️

Thanks to the monument in the background, we can roughly geolocate that footage to the following coordinates: 12,637980°, -8,005060° (red area in the picture). Near the French Institute of Mali. I'll publish a detailed walk-through of the geolocation process on my Medium.

This first insight we can gather is that this is a military convoy, as indicated by the license plates of the vehicles (white letters on a black background) as well as trucks loaded with personnel wearing military fatigue. Source and more examples: francoplaque.fr/af/rmm/5882-....

The 27th of March, the Telegram channel White Uncles in Africa shared the following video of containers moving through Bamako. Let's take a look at what we can gather 🧵⬇️

Une de Mediapart ce lundi : Marine Le Pen au tribunal correctionnel de Paris avec son assistante Catherine Griset.

Affaire des assistants : Marine Le Pen condamnée et inéligible.

Une affaire révélée dès 2013-2014 par @mediapart.fr.
www.mediapart.fr/journal/fran...