Blog

OSINT ON CHINA BLOG, DARK WEB, TOOLS, INSIGHTS, METHODS AND RESOURCES.

July 8, 2026

Threat Intelligence Platforms Suck. Here's Why

The sales deck shows pins on every underground ecosystem. What ships is machine-translated headlines and keyword alerts — coverage you can see, intelligence you can't.

Read post
July 6, 2026

China OSINT: Intelligence Gaps in Vetting Processes

The résumé is the least trustworthy document in the room — and it's the one nearly every vetting process leans on hardest.

Read post
January 14, 2026

Cyber Intelligence: C2 Infra Detection

Operators leave default certificates, unchanged favicons, and framework credits sitting in the HTML. Every shortcut they take becomes a fingerprint — and fingerprints are searchable.

Read post
January 9, 2026

China OSINT: Is The Name Fake?

张三 is China's John Doe. Before you build a profile on a Chinese name from a leak, make sure you're not chasing a placeholder.

Read post
December 30, 2025

China OSINT: DouYin Military Activity

Some of the most valuable open-source intelligence on Chinese military activity isn't text — it's Douyin video. Here's how to work with it, even if you don't read Chinese.

Read post
December 19, 2025

China OSINT: Mass Surveillance Tech

Leaked internal documents reveal 270 million monthly voiceprint collections, video analysis deployed to China's security apparatus, and deep integration with Huawei systems.

Read post
December 13, 2025

China OSINT: Inside The CCP

Party members, veterans, grid watchers, militia warehouses, and 2,000 people whose every move is logged — a look inside a village-level CCP surveillance system on the North Korean border.

Read post
December 11, 2025

Cyber Intelligence: Threat Actor Attribution

A new alias doesn't mean a new actor. Behavioral patterns, opsec failures and linguistic habits persist — here's a framework for collapsing personas back into one operator.

Read post
December 10, 2025

PLA Unit Numbers: What They Tell You

Decode the structure of PLA unit designations — what the MUCD numbers reveal about branch, function, and command, and how to search them.

Read post
December 4, 2025

Sanctions Evasion Patterns: Chinese Shell Company Playbook

The day after a Chinese company hits the Entity List, a new one is registered in Hong Kong. Same address, same directors. Here are the patterns that give the cutouts away.

Read post
December 3, 2025

The Name Is a Lie: China OSINT

You search 'Zhang Wei' and get 50 million results. Chinese name OSINT runs on different logic — and if you don't understand it, you're drowning in false positives or missing your target.

Read post
December 2, 2025

Tracking Chinese Dual-Use Tech: Patents, Registries, and Leaks

Beijing's military-civil fusion doesn't hide in secret networks — it files patents, registers companies, and occasionally leaks documents. Here's where to actually start looking.

Read post
August 12, 2025

New Underground Forum

XSS shut down, BreachForums got compromised, and a new forum quietly emerged to absorb the fallout. Spotting these shifts early is what separates reactive monitoring from proactive intelligence.

Read post
August 4, 2025

China's Dual Use Tech: AI

China's 2025 AI Security Governance draft reads like standard regulatory noise — until you notice it's a playbook for AI-assisted offensive cyber operations at scale.

Read post
July 30, 2025

Is your target PLA?

No military background anywhere online. Then a routine 2019 civil-servant candidate list from Jingmen City gave up the whole profile.

Read post
July 22, 2025

From Pastebin to Threat Actor

Some of the most actionable dark-web sources aren't buried in .onion forums — they're sitting in plain sight on paste sites. Here's how to pivot one overlooked paste into a live threat-actor network.

Read post
June 1, 2025

Bypass Blocked Sites (No VPN)

Wix-style geo/VPN/TOR blockers rely on simple logic. Understand how they work and two out-of-the-box methods open the door — no VPN required.

Read post
May 28, 2025

Metadata Exposed Dark Web Forum Admin

A familiar-looking logo on a dark web forum led us to its admin — through the image metadata they forgot to strip.

Read post
10:55
April 1, 2025

Live bypass: QCC.com & Tianyancha

QCC and Tianyancha block foreign traffic with DPI, not a geo-fence — which is why a VPN doesn't get you in. Live, unedited, the route through.

Watch
1:21
February 21, 2025

Chinese Top Secret G0V files: OSINT in China

Over 50 exposed government documents marked top secret or confidential — found with a single method, somewhere keywords return nothing.

Watch
China OSINT · Capture the Flag

Trace a real target through China's underground.

A free, hands-on investigation that chains the clues from the surface web down to the source — the same tradecraft, as a challenge. No course required to play.

Enter the CTF
Designed by EPCYBER · in collaboration with
Hacktoria UK OSINT
CSDN .ONION TELEGRAM QQ PHONE WEIBO TARGET
13Objectives6Platforms90MinutesEasy
QQ 百度 MOBILE 微博 微信 TARGET
10Objectives5Platforms120MinutesEasy
1:15
February 16, 2025

Bypassing access to restricted Chinese networks

Seventy-five seconds. The technical restrictions that stop most Western practitioners cold, and the way through.

Watch
5:58
February 16, 2025

Get Chinese mobile numbers for OSINT in China

The +86 is the join between an account and a person. Here is how to get one.

Watch
13:01
January 21, 2025

RedNote is exposing users' mobile numbers

RedNote leaks its users' mobile numbers. What that opens up, and the databases sitting behind it.

Watch
6:02
October 29, 2024

Methods to bypass Chinese government (gov.cn) site restrictions

Reaching gov.cn data past its technical restrictions. Methods we found ourselves — which is why they still work.

Watch
8:24
October 23, 2024

Bypassing CSDN without an account

CSDN shows you enough to know the answer is there, then holds the rest behind a +86 login. Step by step, without an account.

Watch
16:56
October 20, 2024

Cyber threat identification in China: the good, the bad, and what to do

Finding data, getting past site restrictions, and running CTI across China's landscape — tools, cases, and source development.

Watch
11:41
October 14, 2024

Sneak peek: finding Chinese SOCMINT tools and methods

Twelve minutes of an actual lesson. How we explore, search, and pivot in China's ecosystem — including the wrong turns.

Watch
6:26
August 5, 2024

Why CTI platforms fail to deliver, and what we do instead

90% of CTI reports scratch the surface. Two reasons nobody in the industry wants to name — and what actually fixes it.

Watch
4:23
July 23, 2024

A new dark web Genesis Market, and a new leaks search engine

A Genesis Market successor and a new leaks search engine — both caught while still in early development, before anyone was watching.

Watch
10:18
July 13, 2024

What skills you gain from our China OSINT trainings

For team leaders asking what their analysts will actually be able to do afterward. The full rundown — and an honest note on who it isn't for yet.

Watch
3:54
July 6, 2024

Bypassing access without VPN

Ask a Western analyst how to reach a blocked Chinese site and you get one answer. Those platforms were built assuming you'd bring exactly that.

Watch
7:10
April 4, 2024

China OSINT Advanced

An overview of the Advanced program — what it covers, and who it is built for.

Watch
5:18
August 28, 2023

You need to know this Weibo OSINT trick

A manual route from a Weibo image to the account behind it. One episode of Bytes of Clues — and a drop in the ocean, by our own admission.

Watch

GOT A QUESTION ABOUT OUR TRAININGS?

Not sure which program fits, or whether we cover what you need? Just ask.

We're happy to tell you whether a specific platform, or focus area is included in a given course — and if it's not, whether we can build it in.

Reach out to sales@epcyber.com about:

  • Whether we cover a specific platform (Weibo, Xiaohongshu, Douyin, CSDN, or anything not listed)
  • A particular focus area you need
  • Group rates, team enrollment, and custom corporate bundles
  • Eligibility — if you're unsure whether your organization qualifies
  • Payment options — wire transfer and other methods for organizations
  • Custom or tailored training built around your team's mission
  • Whatever you're trying to accomplish, tell us where you're headed and we'll point you to the right program.
All contact routes