OSINT · Threat Intelligence · Investigations

THE
CYBER
TRIBUNAL

Collect·Analyze·Expose

Thoughts, stories and ideas.

The Cyber Tribunal is open.

This is a blog built around one idea: every cyber threat leaves a trail. And with the right open source tools and methodology, that trail can be found, followed, and

Mar 2026

Shodan Passive DNS Analysis Certificate Transparency VirusTotal Graph Dark Web Monitoring Threat Actor Tracking Malware C2 Infrastructure OSINT Investigations URLScan AlienVault OTX MalwareBazaar Collect. Analyze. Expose. Shodan Passive DNS Analysis Certificate Transparency VirusTotal Graph Dark Web Monitoring Threat Actor Tracking Malware C2 Infrastructure OSINT Investigations URLScan AlienVault OTX MalwareBazaar Collect. Analyze. Expose.

Recent Case Files

View All →

Method

Collect

Systematic gathering from open sources — passive DNS, certificate logs, threat feeds, dark web monitoring, and infrastructure scanning.

Analyze

Pivoting on indicators, building actor profiles, correlating TTPs against MITRE ATT&CK, and separating signal from noise.

Expose

Publishing findings with transparent methodology so defenders can act on intelligence and researchers can verify the work.

THECYBERTRIBUNAL