Search like a spy with these tips from a declassified NSA document

declassified NSA document

In case you weren’t already aware, the Internet is home to an unfathomably large amount of information. Seriously – there’s probably at least 100 terabytes taken up just by funny cat GIFs, let alone all the meaningful, educational, enlightening stuff. And with so much information online, even government agencies sometimes need help making sense of it all. 

Back in 2007, to help their field agents use the web more effectively, the NSA commissioned a guide to be written, and thanks to a recent FOIA request from MuckRock, the 643 page document was recently released to the public. The guide, entitled Untangling the Web: a Guide to Internet Research, is absolutely stuffed full of great information – or at least it was great information. 

The NSA had some pretty slick tricks up their sleeve back in 2007

The book stands as a testament to how quickly the web changes. It was written just six years ago, but has suffered a large degree of technological attrition – many of the websites, tools, and services recommended in it no longer exist. 

That being said, however, there are still a few things in the book that are worth reading. Taken from a broad standpoint, many of the methods outlined here are still useful – it’s just that the tools used to execute them have changed. The NSA had some pretty slick tricks up their sleeve back in 2007, so I’ve taken the liberty of reproducing them for all you aspiring international super spies out there. Here’s the highlights:

Google Hacking

One of the most dastardly chapters in the manual is the section on “Google Hacking,” which the authors describe as “using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” Most of the manual is pretty out of date, but this section is just as relevant and useful as it’s ever been. Here’s what the book recommends:

The first part of a good Google hack is knowing how to use Google’s search operators. These are nifty little words and symbols you can append to your queries to get more specific results. Google lists a few of them on their support page, but there are hundreds more that they don’t bother mentioning. It’s worth noting that you don’t need to memorize all of them since the same results can be achieved by using Google’s advanced search options, but that’s like using training wheels to ride a motorcycle. Badass international secret agent hackers don’t use training wheels. In order to be a true James Bond ass motherfucker, you should memorize a couple of these. 

The most useful one for devious spy-type activity is undoubtedly the filetype: operator. Using this, you can designate which type of files Google brings up. Here’s a quick briefing on some of the most common ones and what they’ll help you find:

  • filetype:xls will return a list of spreadsheets. These often contain personnel data, computer records, and financial information
  • filetype:doc or docx is good for internal working documents, reports, etc.
  • filetype:pdf is good for large documents of all types, and is widely used in academia, govnerment, and business 
  • filetype:ppt is good for retrieving briefings, which often contain company or government plans for the future

To maximize the effectiveness of these filetype searches and really start to dig up some dirt, the NSA recommends pairing them with boilerplate keywords. Try using terms like internal, budget, not for distribution, confidential, or company proprietary alongside your searches to pick up stuff that was unintentionally posted online. For example, if you’re looking for, say, classified NSA documents that might’ve been leaked on the web, try filetype:pdf site:nsa.gov “classified.”

Google SearchingAnother operator that might come in handy during some good ol’ fashioned espionage is the domain: operator. If used in conjunction with the right top level domain, you can use this operator to restrict results to webpages and documents hosted in specific countries. Let’s say you’re looking for spreadsheets full of passwords to the Russian Ministry of Defense. To point Google in the right direction, try searching filetype:xls domain:ru “password.”

Truth be told, these kinds of hacks were much more effective back in 2007, and nowadays companies and government organizations are pretty good about keeping internal documents off the Web. However, if you apply them in clever ways, these methods can still dig up a few goodies you probably weren’t meant to find.

Finding People

Untangling The Web has a pretty lengthy section on finding people, and despite the fact that it was written before rise of social networking, it’s still got a good list of tips for finding information on people. That being said, some of the suggestions are more relevant than others, so here’s the abridged version:

  1. Start by searching by name, address, email address, phone number (any personally identifiable information you have, really) on search engines like Google and Yahoo. This is kind of a no brainer, but it’s always a good place to start.
  2. If you know the person’s profession, you might find additional info on them in a database that contains stuff like licensing information. The US is really good about licensing people for all kinds of professions. Try other countries for similar information too.
  3. Property ownership and transactions are carefully recorded in the US and many such records are publicly available. This may also be true in other countries. Look for public databases of these records and transactions.
  4. If you know where the person works, that organization (be it government, academic, or corporate) might have a publicly accessible directory you can use to look them up
  5. Whois databases contain information about thousands of people associated with the Internet. If the person you’re looking for has a website, there’s a good chance their info can be found with a Whois lookup. The Whois databases maintained by ARIN, APNIC, AfriNIC, LACNIC, and RIPE are all searchable by name using their advanced search forms.

The authors then go on to mention a boatload of people finder sites, but pay them no heed. They’re all phooey. That was 2007, and we’ve got way better tools at our disposal these days. If you’re looking for a specific person, try searching their name, email address, or phone number on a site like Pipl, 123people, or Spokeo. These sites act as meta search engines, and gather data from a number of public records databases, social meidia profiles, and deep web resources (more on those in a minute).

Geolocating IP addresses

Let’s say you’ve got a name a few possible email addresses, but you can’t seem to track down the location of the high-profile narco-terrorist you’ve been assigned to take out. Not to worry – if you can manage to get your hands on his IP address, then hunting him down will be a piece of cake. Geolocating someone’s IP address is child’s play, and while it won’t give you their exact coordinates on a map, it’s a great tool for figuring a person’s approximate location on the globe. Back in 2007, IP geolocation tools were harder to find, but today they’re a dime a dozen. Just search Google for “IP geolocation” and click around until you find one that suits you. Personally, I prefer InfoSniper simply because it’s got a badass-sounding name and a nice visual interface.

data center

Searching the Deep Web

Google hacking is one thing, but if you can’t seem to find what you’re looking for on the Surface Web, chances are you’ll need to delve into the Deep Web. Also known as the Darknet, the Invisible Web, and similar variations, the Deep Web is basically anything that isn’t indexed by traditional web crawlers. To use Mike Bergman’s explanation, “searching on the Internet today can be compared to dragging a net across the surface of the ocean: a great deal may be caught in the net, but there is a wealth of information that is deep and therefore missed.”

The Deep Web is home to petabytes of information you can’t find on the surface, so you’re far more likely to dig up the dirt on somebody through the Deep Web – the hard part is just knowing where to look. The NSA lays out a short list of Deep Web resources to get you started – the only problem is that nearly all of them are no longer in operation. So, in their wake, we suggest using the following deep web resources:

  • CompletePlanet. This site bills itself as “The front door of the Deep Web,” and since it indexes over 70,000 different deep web databases, it’s definitely one of the best tools you have at your disposal
  • DeepWebTech offers a set of specialized search engines and browser plugins that crawl deep web databases. The search engines cover science, medicine, and business.
  • Scirus is a science-focused deep web portal that pulls information from a vast array of journals, periodicals, e-books, and other resources not traditionally indexed by search engines.
  • Infomine, one of the few resources listed in Untangling the Web that’s still up and running, is a fantastic resource for finding scholarly/academic information online.

Covering your Tracks

If you’re plugged in and in the midst of some serious webspionage, the last thing you want is to inadvertently leave traces of your activity. The NSA recommends a few methods for keeping your information secure, but oddly enough doesn’t go into great detail on the subject. The authors suggest things like using anti-spyware software, encrypting communications, and using strong passwords – pretty basic stuff. Not to worry though. We’ve put together an excellent introduction to staying anonymous online, which includes a host of programs and services that’ll keep your information hidden from prying eyes


Apple to boost its Amazon presence with listings for iPhones, iPads, and more

Apple is about to start offering more of its kit on Amazon. The tech giant currently only has very limited listings on the shopping site, but the deal will see the arrival of the latest iPhones, iPads, MacBooks, and more.

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.

Convert your PDFs into convenient Word documents

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.

Will Chrome remain our favorite web browser with the arrival of newest version?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.

Our favorite Windows apps will help you get the most out of your new PC

Not sure what apps you should be downloading for your newfangled Windows device? Here are the best Windows apps, whether you need something to speed up your machine or access your Netflix queue. Check out our categories and favorite picks.

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.

Zoom in on famous works through the Art Institute of Chicago’s new website

Art lovers, listen up. The Art Institute of Chicago has given its website a serious makeover with new features that let you get up close and personal with more than 50,000 artworks by famous (and not so famous) artists.

Over a million veterans now eligible for Comcast’s Internet Essentials program

Comcast's low-cost Internet Essentials program, which provides internet access for just $10 per month, has expanded to include U.S. veterans. One million veterans now qualify for the service.

Google’s Squoosh will get an image web-ready with in-browser compression

Google's latest web app development is an image editing and compression tool, Squoosh. In just a few clicks, it can take a huge image and make it much lighter and web-friendly, all in your browser.

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Social Media

‘Superwoman’ YouTuber Lilly Singh taking a break for her mental health

Claiming to be "mentally, physically, emotionally, and spiritually exhausted," popular YouTuber Lilly Singh has told her millions of fans she's taking a break from making videos in order to recuperate.
Smart Home

Amazon has a huge team dedicated to enhancing Alexa and Echo

An Amazon executive on Tuesday, November 13 revealed the huge size of the team that's tasked with developing the Echo, the company's smart speaker, and Alexa, the digital assistant that powers it.

Here's our head-to-head comparison of Pandora and Spotify

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.
Social Media

Going incognito: Here's how to appear offline on Facebook

How do you make sure your friends and family can't see if you're on Facebook, even if you are? Here, we'll show you how to turn off your active status on three different platforms, so you can browse Facebook without anyone knowing.