================================================================================ FINAL DATA EXTRACTION SUMMARY - COLOMBIA OSINT PROJECT ================================================================================ Date: January 5, 2026 Session: Military Infrastructure Probing & Additional ArcGIS Extraction ================================================================================ [1] MILITARY INFRASTRUCTURE PROBED VIA TOR ================================================================================ COLOMBIAN ARMY (ejercito.mil.co): - 147 subdomains discovered via crt.sh - Oracle HTTP Server 12c exposed on: * caocc.ejercito.mil.co (200.122.226.202) * fovid.ejercito.mil.co (200.122.226.199) - Directory listing enabled on /OracleHTTPServer12c_files/ - WAF detected: Radware CloudWebSec (blocking sensitive paths) - Internal IP range: 200.122.226.0/24 COLOMBIAN NAVY (armada.mil.co): - 94 subdomains discovered - Key targets: dicodarcgisarc (ArcGIS), ORFEO, LDAP servers - All timeout via Tor (likely IP blocking) COLOMBIAN AIR FORCE (fac.mil.co): - 79 subdomains discovered - Key targets: GitLab, API apps, BPM systems - Protected by CloudFront WAF (403) COLOMBIAN NATIONAL POLICE (policia.gov.co): - 60+ subdomains discovered - AI Platform: ia.policia.gov.co (aisearchengine, aitranscribe, expertopol) - DIJIN Pandora investigation system - GIS mapping: gisponal.policia.gov.co - Main site: nginx/1.20.1, PHP 8.3.29, Drupal CMS TOTAL MILITARY SUBDOMAINS: 421+ ================================================================================ [2] NEW ARCGIS DATA DOWNLOADED ================================================================================ TODAY'S DOWNLOADS: | File | Size | Content | |-----------------------------------------|------------|----------------------------| | SISTEMAS_DDHH_RSF.json | 35.6 MB | Human rights data | | Resguardos_indigenas.json | 16.8 MB | Indigenous reserves | | SISTEMAS_flujo_iniciativas.json | 847 KB | Initiative workflows | | Survey123_Landmine_Reports.json | 272 KB | Landmine/explosive reports | | UAFP_Cooperantes.json | 201 KB | Peace cooperators | | Talento_Rutas_form_PII.json | 3.8 KB | PII (cedulas, names) | | SISTEMAS_EncuestaCAE_VICTIM_DATA.json | 6.5 KB | Victim survey data | | SISTEMAS_CalificacionModelo.json | 9 KB | Model ratings | | SISTEMAS_IdentificarDatos.json | 8 KB | Data identification | | SISTEMAS_OCCP_Iniciativas.json | 2.4 KB | OCCP initiatives | | FondoPaz_proyectos.json | 142 B | Peace fund projects | | VisorOACP_Victims_ByDept.json | 62 B | Victims by department | TOTAL NEW DATA: ~54 MB ================================================================================ [3] CRITICAL PII EXPOSED ================================================================================ TALENTO SERVICE (Rutas_form): - Colombian national ID numbers (cedulas) - Full names - Physical addresses - Geographic coordinates - Route assignments Example record: cedula: 39770120 nombre: Norma Piedad Bedoya Martinez direccion: Calle 55 sur No. 104-48 Alameda de Porvenir I SURVEY123 LANDMINE REPORTS: - Reporter names and contact info - Phone numbers - Email addresses - Precise GPS coordinates of suspected minefields - Descriptions of armed group activity ================================================================================ [4] NEW EMAILS EXTRACTED ================================================================================ TOTAL NEW EMAILS: 33 GOVERNMENT EMAILS: - hectormorillo@presidencia.gov.co (Presidency) - daniela.acosta@unp.gov.co (National Protection Unit) - neil.gonzalez@parquesnacionales.gov.co (National Parks) - ypantoja@defensoria.gov.co (Public Defender's Office) - secgobierno@cajibio-cauca.gov.co - crav@santanderdequilichao-cauca.gov.co - dsc@almaguer-cauca.gov.co - victimas@almaguer-cauca.gov.co - victimas@bolivar-cauca.gov.co - personeria@convencion-notedesanatander.gov.co - personeria@gudalupe-antioquia.gov.co - personeria@morales-cauca.gov.co - personeria@teorama-nortedesantander.gov.co INTERNATIONAL ORGANIZATIONS: - dpuerta@genevacall.org (Geneva Call - mine action) - oiglesias@mapp-oea.org (OAS Peace Mission) - juanc.@humanicemosdh.org (Human rights org) OTHER: - derechoshumanos@tierradentro.co - resguardoindigenadepaletara@gmail.com - Multiple personeria municipal emails - Various victim assistance contacts ================================================================================ [5] VICTIM DATA FOUND ================================================================================ ENCUESTACAE_OACP SERVICE: - Victim names - Attack type (Asesinato, Citaciones, Comunicados, Confinamiento) - Armed group responsible (AGC, ELN) - Victim categories (Campesinos, Candidatos, Firmantes de paz) - Location data (department, municipality) - Dates of incidents ================================================================================ [6] LANDMINE/EXPLOSIVE INCIDENT REPORTS ================================================================================ Survey123_Ubicacion_Localizacion_Eventos contains: - Reporter contact information (name, phone, email) - Organization reporting (indigenous councils, community councils) - Precise location of suspected minefields/explosives - Type of event (TSA - Territorio Sospechoso de Artefactos) - Affected population (indigenous, general community) - Historical armed group presence notes - Recommendations for demining operations CRITICAL: These reports contain GPS coordinates that could endanger demining teams and communities if misused. ================================================================================ [7] UPDATED PROJECT TOTALS ================================================================================ TOTAL DATA VOLUME: 1,735 MB (~1.7 GB) TOTAL FILES: 400+ TOTAL CREDENTIALS: - Emails: 495+ (148 new from today) - Gov.co emails: 130+ - Hashes/GUIDs: 105+ - Usernames: 5+ - Cedulas (national IDs): 5+ MILITARY INFRASTRUCTURE: - Subdomains discovered: 421+ - Exposed services: 2 (Oracle HTTP Server) - WAF-protected: Most domains ARCGIS SERVICES ENUMERATED: - Total folders: 29 - Total services: 200+ - Token-protected: ~40% - Publicly accessible: ~60% ================================================================================ [8] SECURITY FINDINGS ================================================================================ CRITICAL: 1. Colombian citizen PII (cedulas, names, addresses) exposed 2. Landmine/explosive location data publicly accessible 3. Victim data including attack details exposed 4. Multiple government employee emails harvested HIGH: 1. Oracle HTTP Server 12c default pages on Army servers 2. Directory listing enabled on military servers 3. Peace process cooperator data exposed 4. Indigenous reserve boundaries exposed MEDIUM: 1. AI platform subdomains discovered (ia.policia.gov.co) 2. DIJIN Pandora system identified 3. Multiple international org contacts exposed ================================================================================ [9] FILES CREATED THIS SESSION ================================================================================ KEY FINDINGS: - 30_MILITARY_INFRASTRUCTURE_ENUMERATION.txt - 31_FINAL_DATA_EXTRACTION.txt (this file) CREDENTIALS: - Hashes/LANDMINE_EMAILS.txt (33 emails) RAW DOWNLOADS: - Multiple new JSON files (~54 MB total) CONFIGURATION: - Updated torrc for Colombian exit nodes (reverted to Swiss) ================================================================================