0% Complete

OSINT Fundamentals

Open Source Intelligence (OSINT) is the practice of collecting and analyzing information from publicly available sources. This comprehensive guide will teach you the methodologies, tools, and ethical considerations of modern OSINT investigations.

OSINT Investigation Framework

01
Planning
Define objectives and scope of investigation
02
Data Collection
Gather information from public sources
03
Processing
Clean and structure collected data
04
Analysis
Extract meaningful intelligence

OSINT Techniques

Master these essential OSINT techniques to conduct effective investigations. Click on each technique to learn more.

πŸ” Search Engine OSINT

Advanced search techniques using Google operators, Bing, and specialized search engines to find hidden information.

  • Use advanced Google operators (site:, filetype:, intitle:)
  • Search for cached versions of deleted content
  • Utilize reverse image search capabilities
  • Explore alternative search engines (DuckDuckGo, Startpage)
  • Search within specific time ranges for historical data
Tools:
Google Dorks Bing Yandex TinEye
πŸ“± Social Media Intelligence

Extract information from social media platforms, analyze connections, and track digital footprints across networks.

  • Profile analysis across multiple platforms
  • Connection mapping and network analysis
  • Geolocation data extraction from posts
  • Timeline analysis and activity patterns
  • Cross-platform username correlation
Tools:
Maltego SpiderFoot Sherlock Social-Searcher
🌐 Network Reconnaissance

Discover network infrastructure, domain information, IP addresses, and technical details about targets.

  • DNS record analysis and subdomain discovery
  • IP address geolocation and ownership
  • SSL certificate transparency monitoring
  • Port scanning and service identification
  • Historical DNS data analysis
Tools:
theHarvester Recon-ng Shodan Censys
πŸ–ΌοΈ Image Analysis

Extract metadata, location data, and intelligence from digital images using reverse image search and EXIF analysis.

  • EXIF data extraction and analysis
  • Reverse image search across platforms
  • Facial recognition and comparison
  • Geolocation from image metadata
  • Object and text recognition in images
Tools:
ExifTool Google Images TinEye Forensically
πŸ”’ Data Breach Analysis

Search compromised databases, credential dumps, and breach repositories for target information.

  • Search breach databases for email addresses
  • Analyze password dumps and credential leaks
  • Monitor paste sites for sensitive information
  • Check for corporate data exposures
  • Verify if accounts have been compromised
Tools:
Have I Been Pwned DeHashed BreachDirectory Psbdmp
πŸ•ΈοΈ Dark Web Monitoring

Monitor dark web markets, forums, and communities for mentions of targets, credentials, or sensitive data.

  • Search dark web marketplaces and forums
  • Monitor for stolen credentials and personal data
  • Track mentions of company or individual names
  • Analyze cryptocurrency transactions and wallets
  • Identify threat actors and their activities
Tools:
Tor Browser Ahmia DarkSearch OnionScan

Essential OSINT Tools

Professional-grade tools and platforms used by OSINT investigators worldwide, organized by category.

πŸ” Search & Reconnaissance

πŸ”Ž
Maltego
Graphical link analysis tool for mapping relationships between entities and discovering connections.
Visit Tool
πŸ•·οΈ
SpiderFoot
Automated OSINT tool that integrates with multiple data sources for comprehensive reconnaissance.
Visit Tool
πŸ“Š
Recon-ng
Web-based reconnaissance framework with independent modules for information gathering.
Visit Tool
πŸ”
theHarvester
Tool for gathering emails, subdomains, and IPs using various search engines and public sources.
Visit Tool

🌐 Network & Infrastructure

🌐
Shodan
Search engine for internet-connected devices, providing detailed information about services and vulnerabilities.
Visit Tool
πŸ”
Censys
Platform for internet-wide scanning and security research, providing insights into network infrastructure.
Visit Tool
πŸ”Ž
ZoomEye
Cyberspace search engine that collects device information and provides security intelligence.
Visit Tool

πŸ“± Social Media Intelligence

πŸ”
Sherlock
Hunt down social media accounts by username across multiple platforms and networks.
Visit Tool
πŸ“±
Social-Searcher
Free social media search engine that monitors public mentions across multiple platforms.
Visit Tool
πŸ‘₯
PeekYou
People search engine that finds social media profiles and online presence information.
Visit Tool

πŸ”’ Data Breach & Security

πŸ”’
Have I Been Pwned
Check if email addresses or accounts have been compromised in data breaches.
Visit Tool
πŸ”
DeHashed
Search engine for compromised credentials and personal information from data breaches.
Visit Tool
πŸ“‹
BreachDirectory
Database of compromised accounts and passwords from various data breaches.
Visit Tool
πŸ“„
Psbdmp
Search engine for Pastebin dumps and other text storage services for leaked information.
Visit Tool

πŸ–ΌοΈ Image & Video Analysis

πŸ”
TinEye
Reverse image search engine that finds where images appear online and identifies modified versions.
Visit Tool
πŸ“·
Forensically
Online digital image forensics tool for error level analysis, metadata extraction, and cloning detection.
Visit Tool
πŸ”
Google Images
Reverse image search that finds visually similar images and identifies where they appear online.
Visit Tool
πŸ“Έ
ExifTool
Command-line application for reading, writing, and editing meta information in files.
Visit Tool

Legal & Ethical Considerations

OSINT investigations must be conducted ethically and legally. Always respect privacy laws, terms of service, and obtain proper authorization when necessary.

βš–οΈ Legal Compliance

Always comply with local laws, regulations, and obtain necessary permissions before conducting investigations.

πŸ›‘οΈ Ethical Guidelines

Respect privacy, use proportionate methods, and ensure your investigations serve legitimate purposes.

πŸ“‹ Documentation

Maintain detailed records of your methods, sources, and findings for accountability and reproducibility.