A collection of resources useful for OSINT investigations on cryptocurrencies. While not exhaustive, it includes a selection of free and paid tools, as well as learning materials, commonly utilized in various investigative scenarios. Contributions are welcome.
Free Tools
| Tool | Description |
|---|---|
| 3xpl.com | A fast, ad-free universal block explorer supporting multiple cryptocurrencies. |
| Blockchain.com Explorer | One of the earliest explorers, allowing exploration of Bitcoin, Ethereum, Bitcoin Cash, other assets, and NFTs. |
| Blockchair | Supports various cryptocurrencies like Bitcoin, Ethereum, and Dogecoin; enables querying addresses, transactions, and embedded text within blocks. |
| Tokenview | A blockchain explorer supporting multiple tokens and cryptocurrencies, including BTC, ETH, and XMR; allows searches by addresses or transactions. |
| GraphSense | An open-source cryptocurrency analytics platform emphasizing data sovereignty, algorithmic transparency, and scalability. |
| CoinCodex | Offers historical price data for Bitcoin and other cryptocurrencies. |
| Awebanalysis | Validates Bitcoin address formats. |
| WalletExplorer | Attempts to identify the wallet associated with a specific address; exercise caution when using for OSINT purposes. |
| Breadcrumbs.app | An investigation tool that visualizes address relationships; includes information about sanctioned addresses and assets; supports BTC, ETH, and ERC20 tokens. |
| BTCparser | Monitors various types of wallets, including old wallets or those related to the Satoshi era. |
| Bitref | A simple address explorer displaying the amount of Bitcoin held at given addresses. |
| Arkham Intelligence | Enables network mapping of different networks; currently supports BTC and ETH. |
| MetaSleuth | A BTC address explorer and wallet monitor. |
| SpyderLab | Offers blockchain forensics, crypto AML solutions, and OSINT tools for comprehensive investigative analysis. |
| CryptoBlacklist | An address blacklist containing reports about the types of activities associated with each address. |
| BitcoinWhosWho | An address lookup service identifying reports related to malicious BTC addresses. |
| BitcoinAbuse | Tracks Bitcoin addresses used by ransomware, blackmailers, fraudsters, etc. |
| Chainabuse | Allows reporting of cryptocurrency hacks or scams across multiple blockchains and searching addresses and domains for connections to fraudulent activity; supports BTC, ETH, SOL, and ADA. |
| Scamsearch | A global scam database searchable by profile picture, email, username, pseudonym, phone number, crypto address, or website. |
| Scam Alert | Provides a search engine for scams and crypto-address-related frauds. |
| CryptoScamDB | A scam database containing information about scam sites and related addresses. |
| Ransomwhere | Lists Bitcoin addresses used in ransomware activities; the database is in raw format and integrated into the Chainabuse service. |
| Know Your Coin Privacy | Attempts to deduce relationships from BTC addresses using techniques like Boltzmann analysis, entity analysis, address reuse, and input/output merges. |
| SPLC Center Address List | A spreadsheet containing information about addresses used by extremists and far-right communities. |
| BadBitcoin | A database containing information and details about Bitcoin fraud since 2014. |
| Vivigle | A global crypto ratings and analytics platform. |
Paid Tools
| Tool | Description |
|---|---|
| Chainalysis | Provides blockchain analysis and investigation software to monitor cryptocurrency transactions; widely used by law enforcement and financial institutions. |
| Elliptic | Offers blockchain analytics to detect and prevent financial crime in cryptocurrencies; assists in identifying illicit transactions and ensuring regulatory compliance. |
| CipherTrace | Provides cryptocurrency intelligence solutions for anti-money laundering (AML) compliance and fraud detection; enables tracking of cryptocurrency flows across various blockchains. |
| TRM Labs | Offers tools like Transaction Monitor and TRM Forensics for in-depth blockchain transaction analysis. |
| Maltego | A data mining and link analysis tool that integrates with various data sources, including cryptocurrency data, to visualize relationships and conduct in-depth investigations. |
| Lampyre | Similar to Maltego, it supports BTC investigations and correlations; exercise caution when using for OSINT purposes. |
| Bitquery.io | A comprehensive explorer supporting address analysis, smart contracts, and asset exploration. |
| Coinfirm | Delivers blockchain analytics, investigations, and AML solutions for risk analysis. |
| Whale Alert | An alerting system helpful for monitoring large fund transactions between wallets. |
Learning Resource
- Cryptocurrencies investigations with free tools
- Tracing a Dark Web Service on the Blockchain [OSINT Case Study]
- When in doubt, use image reverse search — the case of the crypto sockpuppet and the innocent TV presenter
- From Tweet to Theft: Tracing the Flow of Stolen Cryptocurrency
- Case Study: How We Track Crypto Money Laundering for Off-Chain Crime
- How I investigate crypto hacks and security incidents: A-Z
A primer on cryptocurrency investigation
Using Open Source Intelligence to Investigate Cryptocurrency Cybercrime – Asad Qureshi
Comments (1)
Muralidhar Canjivaramsays:
December 7, 2024 at 7:11 pmuseful resources