Image Witness by Signal & Shadow

Right-click any image to reverse-search across TinEye, Google Lens, Yandex, Bing Visual, and more in parallel. Every check logged.

Image Witness is a browser extension for investigative journalists, OSINT practitioners, and researchers. Right-click any image on any web page to reverse-search across multiple image-recognition services in parallel. Every action is logged locally for reproducibility. The extension itself makes no network requests. No telemetry, no analytics, no remote code. Source code is available for review and a static privacy audit script ships with the extension. WHAT IT DOES Right-click any image. The browser's context menu now includes an Image Witness submenu. Choose Reverse-search across all services to open one tab per service in parallel. Choose a single service to open just that one. Choose Log without searching to record the observation without contacting any third-party service. The full catalogue of reverse-image services is curated in the extension source where it can be reviewed. The default catalogue includes major Western and Asian reverse-image services. A face-search service is included as an explicit opt-in option, surfaced separately from the standard pivot targets. Click the toolbar icon to see the activity log. Every action records timestamp, source page URL, image URL, a short hash of the image URL for stable identity, and the service used. Export the log as a SHA-256 signed zip bundle compatible with the standard sha256sum -c verifier. WHY IMAGE PROVENANCE Reverse-image search is one of the highest-leverage workflows in OSINT and fact-checking. It surfaces forgeries, mislabelled photos, recycled propaganda, and synthetic media. Different services index different parts of the web with different strengths. A practitioner who only checks one service is missing most of the picture. Image Witness reduces this multi-service workflow to one right-click and produces a forensic log of every check. READ THIS BEFORE INSTALLING Reverse-image searches are disclosures to third parties. When you choose a search service, that service sees the URL of the image you are searching for, your IP address, your user agent, and the Referer header from the page you were on. Each service has its own privacy policy. Some retain queries indefinitely. Some monetise them. The face-search service included as an opt-in has been criticised for enabling stalking. It is included for practitioners who use it for missing-person work and victim identification, with explicit opt-in framing so users decide whether to deploy it. The extension itself does nothing with this data. Every search opens a normal browser tab to a URL the user explicitly chose. The tool is built for practitioners who understand this and want reproducibility and logging of their image checks, not anonymity. For sensitive investigations, use the extension in conjunction with a VPN, Tor, or a dedicated browser profile, and use the Log without searching action when an outbound search would compromise the investigation. ARCHITECTURE Image Witness uses Chrome's contextMenus API with the image context, which provides the image source URL whenever the user right-clicks an image. No content script. No host permissions. No <all_urls> matchers. No continuous DOM monitoring. The extension's manifest declares only four permissions: contextMenus, activeTab, storage, downloads. FORENSIC PROVENANCE Every action is captured in a local activity log: timestamp, session ID, image URL, image-URL hash, source URL, service used, target URL. The log holds 5,000 entries; the popup warns at 4,500 so you can export before any entries are evicted. Export bundles carry the SHA-256 of every file alongside a capture manifest documenting the export. Anyone receiving a bundle can verify integrity offline. Aligned with the Berkeley Protocol on Digital Open Source Investigations. Built and maintained by Signal & Shadow, an independent investigative-journalism and OSINT practice. More at signalandshadow.io.