During Black Hat, BsidesLV, and Defcon, I ended up having a quick chat with Justin Seitz about his nifty OSINT automation. I decided to take his data sets and enrich the data with additional metadata and diamond modeling. I will be pivoting on each indicator to tease out unexpected patterns.
It was interesting what we have uncovered. Here are the raw results from the basic 7,000+ identified hidden sites based upon ssh keys. Additional unique meta-data identifiers and indicators will be pushed to the osint repo