1、Hidden in Plain SiteLeverage Commented Code and Web Metadata for Website ResearchCristopher Uglea,Founder,No Nonsense IntelligenceFebruary 2025Summary1.Hidden website data2.Findings from OSINT research3.Automating data collection4.More findings from OSINT researchNo Nonsense IntelligenceAbout meCris
2、topher Uglea,Founder,No Nonsense Intelligence OSINT FOCUS AREAS:due diligence and corporate investigationsuserOSINT-shell:$whoami JUDISDICTIONS:01 Asia(Chinese speaking)02 EU(particularly Romania)EXPERIENCE:01 4 years investigations firm in Hong Kong02 3 years running IT and due diligence firmNo Non
3、sense IntelligenceI use this term to refer to information about a webpage that isnt visible in the browsers display-and can only be found in the source code.1.Hidden website data Its basically a collection of commented code,metadata and file-based clues.No Nonsense IntelligenceTypes of hidden dataTy
4、pePotential OSINT ApplicationsHTML CommentsCan reveal hidden information,like developer notes,removed content,or comments that expose sensitive details.File namesFile paths and names(e.g.,.pdf,.doc,.xls)may reveal sensitive data like creation dates,authors,or locations.Root filesFiles(/robots.txt,/s
5、itemap.xml,/ads.txt etc.)that give information on the sites structure,security policies,and other technical details.Meta tagsContain page descriptions,keywords,and social media preview data.Outdated tags can reveal abandoned projects or legacy information.HTML attributesProvides metadata about the p
6、age,such as language,framework,software versions,or technologies in use.JavaScript commentsInformation about debugging,old features,or developer notes that reveal functionality or vulnerabilities.Can reveal the background of the developers.JSON-LDDisplays structured data such as the organizations co