Short OSINT Article

Short OSINT Article

By 108308_

3 min read

What is OSINT exactly?


OSINT is defined as the process of collecting and analyzing information from public sources to serve a specific purpose. A public source is things like social media platforms, public records, search engines, TV and Radio, etc. Companies, governments, reporters, and intelligence analysts, and even cybersecurity experts all use OSINT to find information that they’re interested in, which could be information on a specific person, group of people, or many other things. It can be used for cybersecurity, social engineering and more, and it is particularly useful for feds, some people who like it are; the DIA, NSA, CIA, and many more, so if you want to be a fed, you should learn OSINT.

Of all types of Intelligence Gathering, it’s the most used because it is usually free, the reason it’s not always free is because some commercially available information (CAI) is still considered apart of OSINT, which means you can buy information, usually from data brokers. OSINT is useful for careers in cyber, It’s a huge field, matter of fact, Future Market Insights predicts the OSINT market will reach a value of 58 Billion USD by 2033, OSINT is invaluable.

Here’s some key takeaways:

  • As with most things in cyber, there is a bad side, OSINT is mainly used by security professionals, but it’s also used by threat actors.
  • There’s a lot of information out there, many are open source, so information overload can happen, you have to really disseminate what’s useful to you and your investigation.
  • If you aren’t a security researcher already, you should probably know, a huge part of your job will most likely be visualizing what you gather and making it easy to understand, so you’ll need a good tool for that, I hope you like making PowerPoints.

Disclaimer: You will have to protect your privacy

Again, as with most things in cyber, you need to conduct your research with OPSEC (Operations Security) In mind, some things you can use may be VPNs, URL and File scanners, antivirus software.

Tools of the Trade

Alright time for some fun stuff, tools, everyone loves tools so here’s 3 OSINT tools (I know only a few but one of em has a couple 100 tools in it), of course, you can’t talk about OSINT without bringing up this one

  1. OSINT Framework, OSINT framework is a collection of categorized and well organized tools and resources for different types of investigations, it has almost any tool you’d ever need (https://osintframework.com/)
  2. Maltego is another very popular tool, but for visualization, it’s a graphical link analysis tool for mapping and analyzing relations between entities (https://www.maltego.com/)
  3. have i been pwned? yeah probably, but you can check if you or someone else has by using this tool, have i been pwned. It is a tool that checks if emails or usernames have been compromised in data breached (https://haveibeenpwned.com/)\

In conclusion, use OSINT and 𝐃𝐆𝟒𝐄.

shouts dimez, this is a less serious article hopefully you enjoyed it, if you didn’t email your complaints to [email protected]


Comments