OSINT Toolbox Talk: Investigating Minecraft users and extracting company employee data from LinkedIn

OSINT Tool Review

Streamlining video content searches on Rumble, YouTube and BitChute with RUBY

The importance of effective video searches

The war in Ukraine is taking place in near real-time. Unlike previous conflicts of our time, events are being captured and distributed online as they are taking place. With regards to the ongoing effort by many organisations to document Russian war crimes taking place in Ukraine, the capability to streamline searches for video content containing suspected war crimes is of the utmost importance. Not only does such a capability enable OSINT Analysts and Digital Investigators to combine searches across multiple video streaming sites into one – thus reducing time spent, it can also allow for the discovery of content that may otherwise be difficult to locate.

What is RUBY?

OSINT on YouTube, BitChute and Rumble
No, we are not talking about the Ruby programming language – you may be happy to know! For this article, we are referring to a super lightweight, yet highly effective, Python utility that is named as an acronym for Rumble, Bitchute, and YouTube – the popular video hosting and streaming platforms.

What does it do?

We at OS2INT often say that the most effective tools are those that are the most simplistic with regards to installation and functionality – Ruby is by no means an exception! Broadly speaking, RUBY is a keyword-based search tool that will query Rumble, BitChute, and YouTube for keyword matches, and then extract results into a comma-separated value (CSV) file. The file itself contains scraped information for each search result including video author, profile username, author URL, and video URL – the latter two data results can enable OSINT Analysts and Digital Investigators to use additional tools to extract available metadata, even the videos themselves.

Installation and deployment

As we have already pointed out, RUBY is incredibly easy to install and configure. Quite simply, users should clone the utility’s Github repository either manually via Git Clone. Thereafter, the tool is installed by invoking pip install -r requirements.txt on the command-line interface. Deploying the tool is done by invoking python ruby.py followed by the user’s target keyword; for example, python ruby.py mariupol. And that is quite simply all that is required!

Analysing the output

Whilst the utility is running in the command-line interface, it will display search results for each of the video hosting and streaming sites. However, as we pointed out, the tool also outputs the results into a CSV file that contains all of the scraped search results. At this stage, it is for the user to determine what to do with the search results; for YouTube, there are additional tools that can be used to further analyse video and author metadata – including the awesome YouTube Metadata utility by Matt Wright!

Conducting multiple searches on YouTube, BitChute and Rumble

However, in our case, we opted to harness the awesome AI capabilities of Paliscope YOSE to collate our search results and visualise them. To demonstrate a fine use-case for RUBY and YOSE, we performed several searches for videos using keywords associated with known pro-Russian and pro-invasion disinformation actors, this resulted in several CSV files generated and processed through YOSE. As you can see in the image below, there were considerable overlaps between several users sharing likely disinformation content across several of the video sharing platforms.

Analysing OSINT outputs with Paliscope YOSE

Our final thoughts

Whether you are involved in monitoring current events or detecting disinformation actors involved in the distribution of video content, RUBY is a tool you should at least test in order to combine searches into one very smooth utility. There is certainly tonnes of potential for this tool, and we at OS2INT are very keen to see how it develops over time. More importantly, the tool’s CSV output presents many opportunities for OSINT Analysts and Digital Investigators as it can allow them visualise their results using a third-party application such as YOSE. So, all we can say is try this tool out and see how it works for you!

Let's talk today Are you ready to begin discussing our range of training and capability development solutions?