I called it McMoggies, mostly for the pun, but also because the interface is loosely themed on a certain well-known fast food chain and no one really trusts cats. The real purpose, though, was to explore what kind of information you can gather from users in real time, using nothing more than a splash of JavaScript and a quietly listening Node.js server.

Each visitor’s session sends back useful details — browser version, operating system, screen resolution, device capabilities, and so on. The sort of thing Google Analytics collects, only this setup does it on the fly, in a more stripped-back and visible way. No cookies, no banners, just the page itself doing the heavy lifting.

McMoggies doesn’t store or log anything. There’s no persistent data, no database, no sneaky tracking. It’s just a moment-in-time snapshot of what your machine is willingly offering up. Once you close the page, that data is gone. Poof.

The tool only works when both the client and server are live — it’s a live demo setup, not a persistent service. No lurking in the background, no phoning home. It's designed to show you what’s visible right now, not to build a profile over time.

It took a bit of trial and error to separate genuine active sessions from idle pings and background noise, but that was half the fun. It’s fascinating to see just how much you can glean with very little infrastructure. This thing runs entirely client-side apart from the Node service, and still manages to collect a decent profile of the device without being intrusive.

Code Snippets

System Information

On the client side this collects detailed system and browser information:

// Basic browser info
getBrowserInfo: function() {
    return {
        userAgent: navigator.userAgent,
        appVersion: navigator.appVersion,
        platform: navigator.platform,
        vendor: navigator.vendor,
        language: navigator.language,
        languages: navigator.languages,
        cookieEnabled: navigator.cookieEnabled,
        doNotTrack: navigator.doNotTrack,
        hardwareConcurrency: navigator.hardwareConcurrency || 'unknown',
        deviceMemory: navigator.deviceMemory || 'unknown',
        maxTouchPoints: navigator.maxTouchPoints || 'unknown'
    };
}

OSINT Value: Provides comprehensive system profiling including hardware capabilities, language preferences, and privacy settings - crucial for target profiling and social engineering preparation.

Bypassing VPNs

One of the most powerful OSINT techniques implemented - bypassing VPNs and proxies to reveal real IP addresses:

// WebRTC local IP detection
getLocalIP: function(callback) {
    if (!window.RTCPeerConnection) {
        callback(null);
        return;
    }

    const pc = new RTCPeerConnection({ iceServers: [] });
    const noop = function() {};
    const localIPs = {};
    const ipRegex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/g;

    pc.createDataChannel('');
    pc.createOffer().then(function(sdp) {
        sdp.sdp.split('\n').forEach(function(line) {
            if (line.indexOf('candidate') < 0) return;
            line.match(ipRegex).forEach(function(ip) {
                if (!localIPs[ip]) localIPs[ip] = true;
            });
        });
        pc.setLocalDescription(sdp, noop, noop);
    }).catch(function(e) {});

    pc.onicecandidate = function(ice) {
        if (!ice || !ice.candidate || !ice.candidate.candidate || !ice.candidate.candidate.match(ipRegex)) {
            callback(Object.keys(localIPs)[0] || null);
            return;
        }
        ice.candidate.candidate.match(ipRegex).forEach(function(ip) {
            if (!localIPs[ip]) localIPs[ip] = true;
        });
    };
}

OSINT Value: This technique exploits WebRTC to reveal internal/local IP addresses that can bypass VPN protection, providing true geolocation data for intelligence purposes.

More than meets the eye - how to leverage the Ratings “App”

Moreover, the comments, likes, and rating interactions within these apps act as a passive — yet powerful — form of social network mapping. Who rates who, who comments repeatedly, and who reacts emotionally (positively or defensively) reveals not only personal connections but potential influence networks and social hierarchies. For example, consistent engagement between two users may signal friendship, flirtation, or rivalry — all valuable in identifying relational leverage points. A user's emotional responses, such as defensiveness to low ratings or eagerness for validation, can highlight psychological vulnerabilities. These cues are gold for adversaries looking to exploit human factors — whether in phishing, impersonation, or more nuanced forms of social engineering.

Beyond engagement patterns, image content itself can be used in psychologically manipulative ways. Certain photos — such as old images the person had removed from other platforms, unflattering angles, or ones tied to a sensitive memory — may be reintroduced or faked to trigger a reaction.

This isn’t just about embarrassment; it’s about creating emotional spikes that reduce a person’s ability to think critically or maintain composure. If attackers know which kinds of images provoke a target (e.g. images linked to body insecurity, past relationships, or family events), they can craft phishing lures, blackmail pretexts, or manipulation campaigns that feel deeply personal. When combined with the data leaks often found in mobile-native apps — including timestamps, device info, or even rough geolocation — these platforms become not just OSINT-friendly but OSINT-weaponisable.

🔥 Tooling Roundup

Some interesting Tools to experiment and play with including McMoggies:

• McMoggies

  • What it does: Tracks and logs live browser session data from website visitors — all triggered from a simple single-page app where users rate AI-generated cats.

    Why it’s useful: It shows just how much telemetry a site can capture in real time without cookies, logins, or user awareness. Ideal for testing browser fingerprinting techniques, session tracking, and passive OSINT collection in a playful, low-stakes environment.

  • Website: https://github.com/JohnRuddy/McMoggies

• Browser Leaks

  • What it does: Reveals what browser fingerprinting data can be accessed via JavaScript.

  • Why it's useful: A direct analogue for understanding how websites collect detailed client-side information like browser version, OS, screen resolution, installed fonts, and more—without any user interaction.

  • Website: https://browserleaks.com

Did You Know? Back in the early 1990s, a team of developers at a company called Mosaic Communications had a wild idea: make the internet accessible to everyone—not just academics and engineers. They built a slick, graphical browser called Mosaic Netscape, and within months of its release in 1994, it became the way to explore the web. The company rebranded as Netscape, and its co-founder Marc Andreessen went from obscure coder to Silicon Valley icon. Fun fact? Netscape was so popular at launch that it captured over 75% of the browser market almost overnight—essentially jumpstarting the first browser war with Microsoft.

Till next time,

John