DEV Community: Charles Lueilwitz

My OSINT Stack for Image & Identity Monitoring

Charles Lueilwitz — Tue, 24 Feb 2026 10:25:08 +0000

Monitoring where your data (or your client's data) ends up is a full-time job. I’ve spent the last few months streamlining my OSINT workflow to focus on image leaks and identity theft.

Here is the "minimalist" stack I actually use daily:

Social Media Hunting: Sherlock
If you have a username, Sherlock is still the king. It’s a CLI tool that hunts down accounts across hundreds of platforms. Fast, simple, and essential.
Infrastructure Intelligence: SpiderFoot
For a deep dive into IP addresses, domains, and subdomains associated with a leak, I use SpiderFoot. The automation here is insane—it links dots I didn't even know existed.
Visual Monitoring: ERASA
This is my go-to for the "hard stuff." While Google Images is okay for landscapes, it's terrible for tracking specific facial leaks across shady corners of the web. I use the reverse face search logic here to automate the monitoring of image rights. It’s much more efficient than manual searching.
Breach Notification: Have I Been Pwned
Basic, but mandatory. If an image leak starts with a credential breach, Troy Hunt’s tool is where the trail usually begins.
Metadata Scrubbing: ExifTool
Before I re-upload or move sensitive images during an investigation, I run them through ExifTool to strip GPS and device tags. Never trust a "private" photo to stay private if the metadata is still attached.

Why reverse face search is so hard to build at scale (and what we learned)

Charles Lueilwitz — Tue, 10 Feb 2026 10:31:22 +0000

I've been looking into facial recognition workflows lately, and it’s a total rabbit hole. Most people think you just throw an image into a model and get a "match."

In reality, the infrastructure is the real headache. Here are three things I've learned while working on the monitoring logic at reverse face search

The "False Positive" Trap: Using high-confidence thresholds means you miss half the results; lowering them means you get people who just "look similar." Finding that sweet spot in a vector database (like Milvus) is a constant battle.

Speed vs. Accuracy: Moving from a simple index to HNSW (Hierarchical Navigable Small World) graphs was a game changer for us. It’s the difference between a 10-second wait and sub-second results.

The Ethical Gray Area: This is the elephant in the room. Scrapers are everywhere. We’ve found that the best way to use this tech isn't for "stalking," but for defensive monitoring—finding where your own data is being leaked before someone else uses it.

If you’re building something similar or struggling with image indexing, I’d love to hear how you handle vector storage. It’s still a bit of a Wild West out there.

Some Thoughts on Privacy and Everyday Technology

Charles Lueilwitz — Mon, 09 Feb 2026 09:50:49 +0000

Over the last few years, I’ve been paying closer attention to how privacy is lost in modern digital systems — not through dramatic breaches, but through small, incremental design choices that slowly shift control away from individuals.

Most privacy issues today don’t come from someone “hacking” a system. They emerge from how platforms optimize for convenience, scale, and interoperability. Features that make systems easier to use — single sign-on, unified profiles, content sharing, cross-platform identity — also make it easier for information to travel farther than originally intended.

What’s interesting is that many of these risks sit in the gaps between systems, not inside any single one.

Research in areas like usable security and privacy-by-design has shown this pattern repeatedly: users rarely make explicit decisions to give up privacy. Instead, privacy erodes when defaults favor visibility, when friction is removed, and when systems quietly assume reuse — of usernames, images, profiles, or metadata — as a normal behavior.

Identity is a good example.
Usernames and profile images were never designed to be portable identifiers, yet in practice they function that way. Reuse across platforms makes discovery easier, but it also creates unintended linkages: accounts that were meant to be separate become trivially connected, and content shared in one context can resurface in another.

From a technical perspective, this isn’t caused by a single bad actor or flawed algorithm. It’s an emergent property of interconnected systems behaving exactly as designed. From a human perspective, though, the consequences feel very real — loss of control, misattribution, and exposure that’s hard to reverse once it happens.

I’m interested in exploring these edge cases: where technology works “correctly,” but the outcome still feels wrong. Writing here is a way for me to think through how these systems interact in practice, and what that means for privacy in everyday digital life.