Nour
@ghostwwn
OSINT & Crypto Specialist
Investigating online fraud, tracing cryptocurrency transactions, and exposing digital deception since 2022.
About Me
I am a 16‑year‑old OSINT and cryptocurrency researcher with four years of studied practice and hands‑on casework since 2022. I began learning investigation techniques through independent research and quickly progressed to applying those methods to real cases involving online fraud, impersonation, and crypto theft.
My approach combines meticulous on‑chain analysis, reverse image and metadata verification, and cross‑platform identity correlation. I prioritize reproducible evidence, clear documentation, and pragmatic remediation recommendations for victims and platform abuse teams.
Objective: Actively seeking an internship or part‑time role in threat intelligence, OSINT, or crypto‑fraud analysis where I can contribute investigative work and grow in a professional setting.
Quick Facts
- New Jersey, USA
- 16 years old
- Self‑taught since 2021 (practical casework from 2022)
- Expected Graduation: 2027
Skills & Expertise
OSINT
- Reverse image search (Yandex, TinEye, Google Images, PimEyes)
- Username & account correlation
- Metadata / EXIF analysis
- Internet footprinting & social graphing
Cryptocurrency Analysis
- BTC & ETH wallet tracing
- On‑chain analysis with Etherscan and block explorers
- Transaction flow visualization & address clustering
- Scam pattern identification and cash‑out detection
Tools & Practices
- Report writing & evidence preservation
- Privacy and confidentiality best practices
- Manual triage workflows, timeline reconstruction, and documentation
Experience & Projects
Independent OSINT & Crypto Researcher
2022 - Present
- Investigated 10+ scam cases covering impersonation, online fraud, and crypto theft
- Performed wallet tracing, cross‑platform identity correlation, and produced investigation reports
- Developed a repeatable investigation workflow and documented recurring scam indicators
OPSWAT Comprehensive OSINT Expert (OCOE)
Issued: 10/23/2025 Expiration: 10/23/2026
Certificate ID: 6BdTXwop_A
View CertificateFull URL: https://learn.opswatacademy.com/certificate/6BdTXwop_A
OPSWAT Introduction to Critical Infrastructure Protection (ICIP)
Issued: 10/24/2025 Expiration: 10/24/2026
Certificate ID: o1QZONmexA
View CertificateFull URL: https://learn.opswatacademy.com/certificate/o1QZONmexA
Fake Dating Profile Exposure
Situation: A user was targeted by a dating profile using stolen images and cloned identities to defraud victims.
Task: Verify the actor’s identity and gather provable links between accounts.
Action: Ran reverse image searches (Yandex, Google), checked image EXIF where available, correlated usernames across platforms, and traced account creation patterns.
Result: Assembled an evidence package linking the profile to multiple cloned accounts and documented provenance of original images; recommendations were provided for takedown and victim guidance.
ETH Investment Scam Tracing
Situation: An investment scam resulted in unreturned ETH transfers with obfuscated recipient paths.
Task: Trace the flow of funds, identify intermediary addresses, and present a reproducible transaction trail.
Action: Performed on‑chain analysis using Etherscan and block explorers, exported transaction histories, and visualized flows to identify clusters and likely cash‑out points.
Result: Mapped transfers to intermediary wallets and produced a technical report including TXIDs, annotated flow diagrams, and recommended reporting vectors for exchanges and law enforcement.
Job Scam Identification
Situation: Applicants reported job offers that requested fees and used cloned company branding.
Task: Confirm fraud, identify infrastructure, and document attacker tactics.
Action: Conducted WHOIS and DNS checks, analyzed VOIP numbers and messaging traces, and compared job copy against legitimate company postings.
Result: Confirmed the campaign was fraudulent, identified responsible domains and VOIP endpoints, and delivered a timeline and evidence package to affected applicants.
Crypto Scam Pattern Analysis
Situation: Multiple incidents showed overlapping tactics and wallet behaviors.
Task: Identify recurring indicators to speed triage and detection.
Action: Aggregated case data, extracted common wallet behaviors and messaging patterns, and summarized high‑confidence indicators.
Result: Produced a practical playbook of red flags and triage steps that improved subsequent case handling and made reports clearer for victims and platforms.
Interactive Terminal
Get In Touch
Interested in discussing OSINT techniques, cryptocurrency tracing, or potential collaboration opportunities? Feel free to reach out through any of these channels.
Location
New Jersey, USA