Introduction
Open Source Intelligence (OSINT) is the process of collecting and analyzing publicly available information to gain useful insights. It is widely used in cybersecurity, ethical hacking, digital forensics, and investigations.
Unlike hacking, OSINT is completely legal when used ethically.
What is OSINT?
OSINT includes data collected from:
- π Websites
- π± Social Media
- π° News Articles
- π Public Records
- π Domain & Network Data
Example: Finding employee emails of a company using public tools.
Importance of OSINT in Cybersecurity
- π Reconnaissance (Footprinting phase)
- π‘οΈ Threat Intelligence
- π¨βπ» Social Engineering Prevention
- π΅οΈ Digital Investigations
- π’ Corporate Security
Β Types of OSINT Data
- Structured Data β databases
- Unstructured Data β social media, images
- Semi-structured Data β JSON, logs
π οΈ Free OSINT Tools
π Investigation Tools
- Maltego
- SpiderFoot
- theHarvester
- Recon-ng
π Network & Domain Tools
- WHOIS
- Shodan
- Censys
π§ Email & Username Tools
- Hunter.io
- Have I Been Pwned
- Sherlock
πΌοΈ Image & Metadata Tools
- Google Images
- TinEye
- ExifTool
PRACTICAL: OSINT Investigation
π― Objective
Gather information about a target using only free OSINT tools.
π₯οΈ Step 1: Domain Recon
Tool: theHarvester
theHarvester -d example.com -b google
π Output:
- Emails
- Subdomains
- Hosts
π Step 2: WHOIS Lookup
Tool: WHOIS
π Shows:
- Domain owner
- Registration date
- DNS
π Step 3: Google Dorking
site:example.com
filetype:pdf site:example.com
intitle:”index of” example
π Finds:
- Hidden files
- Public documents
π§ Step 4: Email Breach Check
Tool: Have I Been Pwned
π Check leaked emails
π Step 5: Device Intelligence
Tool: Shodan
π Shows:
- Open ports
- Services
- Vulnerabilities
πΈ Step 6: Image Metadata
Tool: ExifTool
exiftool image.jpg
π Extract:
- GPS location
- Camera info
- Time
β οΈ Legal & Ethical Use
- β Use only public data
- β No unauthorized access
- βοΈ Follow IT laws
- π§ Ethical usage only
Advantages
- Free
- Legal
- Beginner-friendly
- Powerful intelligence
Limitations
- Data may be outdated
- Time-consuming
- Needs verification
Conclusion
OSINT is a must-have skill in cybersecurity, especially for reconnaissance and investigation. With the right tools and ethical practices, it becomes a powerful and legal way to gather intelligence.