VN#028 - China's OSINT Ecosystem
I-intelligence
Hi Everyone,
Have you ever experienced a total disconnect from the internet - even with no access through a VPN? That was me recently.
This newsletter will have a slightly different structure than usual - we will focus on a Q&A with our guest!
We’re kicking off a new series for this newsletter, a collaboration with i-intelligence, starting with the Chinese edition today; the Russian edition is coming on October 19 and the Arabic edition on November 2.
Skip Schiphorst is the OSINT languages and course coordinator at Switzerland-based I-Intelligence GmbH. Before specializing in OSINT training, he served 17 years with the Dutch Marine Corps and earned a degree in China Studies from Leiden University. At I-Intelligence, he oversees courses covering OSINT collection techniques in Chinese, Arabic, and Russian.
Some insight from Skip:
💡“The devil's in the details” - having an analytical mindset and being curious will get you far, not only in OSINT.
💡“All the gear but no idea” - in my previous profession, we said this about units with poor tactics but with the best equipment. In OSINT, the analogy is: “Fools only use tools”. Tools are temporary - invest in methodology.
The need for online research using foreign languages is growing, as more people in developing countries create and consume content in the languages they speak. Mastering foreign language OSINT skills has never been more important.
Bonus: A 10% discount code - APIINT10 on all courses is valid until the end of this October!
Cybersecurity News
China requires 1-hour reporting for major cyber incidents: New rule forces organisations to notify authorities within one hour of a major cybersecurity incident. Find out more.
Red Hat breached: Crimson Collective stole 28k private repositories, including credentials, CI/CD secrets, pipeline configs, VPN profiles, and infrastructure blueprints. Find out more.
Red Hat officially confirmed the incident.
Kali Linux 2025.3 Released: introduces 10 new tools to its arsenal, expanding its capabilities for penetration testing and security assessments. Find out more.
Chinese cybersec news: xz.aliyun.com is a Chinese language hub for cybersecurity news, technical writeups and advisories.
OSINT Guest Section
Thank you for your answers in the survey (it is still open in Russian and Arabic). We decided to cover the most advanced questions:
Emulation & Mobile Platforms
Q: Many critical Chinese platforms (e.g., WeChat, Douyin, Xiaohongshu) are mobile-first or mobile-only. What are the recommended Android emulators (like BlueStacks, NoxPlayer, etc.) and best practices for setting up a secure and effective workflow for OSINT on these mobile versions from a desktop environment?
A: NoxPlayer is one of the stronger emulators for Chinese platforms. The real advantage of using an emulator isn’t just mimicking a mobile device, it’s being able to work from your desktop, take screengrabs, and test apps in a safer, more contained way. That said, they’re not perfect. Using a mouse as a “finger” feels clunky, and more importantly, Chinese platforms often check more than just the device. They look at SIM cards, phone numbers, and whether the connection really looks like it’s coming from inside the country.
That’s where SockPuppet’s Alias platform comes in. Instead of just giving you a virtual phone, Alias takes care of the whole package: local connectivity in places like China, real phone numbers for account creation and recovery, and the right resources to make accounts behave like natural, in-region users.
Q: Beyond emulation, are there effective cloud-based solutions or services that provide access to the Chinese mobile app ecosystem without requiring a physical device or complex local setup?
A: I can’t answer this question. I use a mobile device – preferably an Android.
Access & Registration
Q: Registration for many Chinese services is a significant barrier for non-Chinese users due to e.g. phone prefix restrictions. What are the current reliable methods for overcoming this, such as virtual number services? Additionally, with traditional VPNs to China often failing, what are the most effective alternatives today for accessing content behind the Great Firewall?
A: By default, the most reliable alternative to get content behind the Great Firewall is to be within the Great Firewall. To manage attribution within China (not anonymous), it is best to use an eSIM, which often leverages Hong Kong telco providers. Other alternate ways to access content from outside the Firewall would be VPN to access content from countries with more overseas Chinese diaspora or Chinese nationals, bearing in mind that these different countries may have slightly varied content bias due to geopolitical or economic biases.
Q: How does one navigate the increasing use of real-name verification tied to national ID cards or payment platforms like Alipay/WeChat Pay, which presents a major hurdle for foreign researchers?
A: Obtaining a phone number from countries mentioned above:
Singapore
Malaysia
Hong Kong
may ease the account creation process with some Chinese platforms like Alipay/WeChat, although it does not remove the requirement of identity verification to gain full feature and content access.
For example, one is able to use WeChat and its search engine functions without verification. However, payment features require identity verification due to China’s proactive stance to reduce fraud and financial crimes. Other apps like Baidu Maps also allow the use of some features without identity verification, while a similar map app like AMap will require identity verification to use it at all.
Corporate OSINT & Names
Q: Investigating Chinese companies and their ownership structures for due diligence is notoriously difficult. What are the key databases (both state-run like NECIPS and commercial ones) and techniques for mapping beneficial ownership and uncovering connections to state-owned enterprises (SOEs) or military-civil fusion entities?
A: Regardless if one is looking at Chinese or other companies, doing the homework on company structures within a specific country is advised.
Researching Chinese companies is actually not very difficult if one applies the right operators, keywords and in general sticks to a methodology. Open databases appear every few months divulging Chinese corporate data and then subsequently get restricted which often means ‘the end of the road’ for many researchers. We can easily discover new corporate databases by using precise corporate Chinese terms in combination with the exact name of the Chinese company.
A website which still works great for advancing or defending one’s business interests with Chinese companies is https://easy.baidu.com/. The exact name of the company is however required.
Q: What are the best strategies for handling the complexities of Chinese names, such as multiple pinyin romanizations, the prevalence of common names, and distinguishing between individuals in official records?
A: Regardless which language one is researching in, it pays off to take time and read about country/language-specific naming conventions.
Translation & LLMs
Q: How do modern LLMs (like GPT-4, Gemini) perform in translating Chinese for OSINT purposes compared to traditional tools? What are their specific strengths and where do they still fail in capturing crucial context, slang, or nuanced political/military terminology relevant to intelligence gathering?
A: We can of course use any modern LLM for finding slang but going back a step is advised. Having a search online using keywords in English to discover keywords in a foreign language is often overlooked.
There is a plethora of websites which show Chinese modern internet slang as well as vocabulary lists about different topics (economy, politics etc.)
LLMs are susceptible to human biases and performance is heavily dependent on the dataset it was trained on. It may be more useful to use both LLMs trained on Chinese text for better translation performance. That said, internet lingo and slang change rapidly, and it is best practice to not rely on AI given that it is trained on past data.
Q: Are there specialized translation models or platforms trained specifically on Chinese technical, military, or political texts that offer higher accuracy for OSINT analysis?
A: deepl.com is still one of my favorites out there. Wikipedia in English and in Chinese also offers a lot of keywords which can be useful for your research.
Careful: in all languages, terms change every few years – do not forget to use the date-range when searching online.
Search & Indexing
Q: Given that Baidu's search algorithm and content indexing are heavily influenced by state censorship, what advanced search techniques or alternative search engines (e.g., Sogou, 360 Search) are most effective for uncovering sensitive topics or information that might be suppressed on Baidu?
A: Using the same search-query but in a different search engine as the ones mentioned, but also not forgetting that we can search in Chinese on non-Chinese platforms. Information is indexed and archived differently from platform to platform.
Searches for current events are time-sensitive and ought to be conducted promptly to gather information before more reactive censorship enforcement takes place on Chinese platforms. Alternatively, besides Chinese search engines, you may consider trying to discover Chinese sources that have jumped over the Great Firewall and are posting on non-Chinese platforms.
https://flinfo.com/home does a great job at pulling information from thousands of sources in Chinese and is updated every 1-2 hours. It is my go-to to find information online from local sources – searchable in English or in Chinese; it also offers similar results for Arabic and Russian making it very useful.
SOCMINT

The list was created by Skip Schiphorst.
That’s all from Skip 🙌 Find out more about our Arabic/MENA, Russian and Chinese OSINT courses here. Occasionally, he hosts FREE webinars - definitely worth following him on LinkedIn. Contact him: [email protected]
I’ll add my two cents…
I like the Xiaohongshu app - it’s a mix of Instagram, Pinterest, and Google Reviews. You can look up a place to see reviews and what it looks like - this is how young people search for things in China.
WeChat isn’t just a chat app - it’s a whole ecosystem, with mini-apps and all sorts of features inside it.
Oh, and TikTok? Doesn’t work in China, not even with a VPN.
OSINT Tools
Multi-platform downloader for Douyin, TikTok, X, Weibo. Link to tool
Face++ – a Chinese tool offering a powerful facial recognition and computer vision API.
GitCode – the Chinese equivalent of GitHub, widely used for hosting and sharing open-source code.
Google Baidu Updates
Autonomous Taxis: Baidu’s Apollo Go autonomous taxi service surpassed 11 million rides by May 2025 and continues its international expansion.
Search & Users: Baidu App reached 724 million monthly active users (MAU) in March 2025, up 7% year-on-year. The search bar now supports text input over 1,000 characters, with enhanced multimedia input (images, voice, video) and AI content generation tools directly integrated.
In April 2025, Baidu officially launched PaddlePaddle 3.0, its deep learning framework, and introduced the “intelligent box”, an upgraded search bar integrating AI-powered writing and image generation directly in search.
Upcoming CyberSec / OSINT Events
Free
On demand webinars
CTF
The Huntress CTF by John Hammond – Year 3
Runs October 1 - 31 with new challenges every day. Free to play, register anytime and participate at your own pace. More info.
A list of Halloween 🎃 OSINT CTFs is coming in the next issue!