OSINT for Beginners

Rahul Kumar
Jul 9, 2022

Techniques to get you started on your journey in OSINT …

OSINT (Open Source Intelligence) is the practice of gathering public, open-source information. It is used in many different fields by various professionals:

  • Financial institutions: as part of the due diligence process, before entering a new contract.
  • Law enforcement and private detectives: to find new evidence, connect criminal activity to a person of interest, or investigate someone.
  • Cybersecurity companies / consultants: to perform penetration testing on companies.

This information comes from a variety of sources, including the social media pages of your company and staff. These can be a goldmine, revealing details such as the design of ID badges, the layout of buildings and the software used on internal systems.

  • Newspaper and magazine articles, as well as media reports.
  • Academic papers and published research.
  • Books and other reference materials.
  • Social media activity.

One of the most common reasons cybercriminals leverage OSINT is for social engineering purposes. They will often gather personal information about potential victims via social media profiles or other online activity to create a profile of the individual that can then be used to customize a phishing attack.

Find out where a picture was taken

IMINT or imagery intelligence techniques can be used for all kinds of investigations, for example by journalists trying to assess the validity of a piece of evidence or private investigators attempting to retrace someone’s footsteps.

But even simple IMINT and SOCMINT (social media intelligence) techniques can give good results.

For example:

If you’re investigating a selfie, you can still extract useful information simply by paying close attention to what’s in the background. There are a number of online websites or applications that will do that for you, such as MyHeritage or Let’s Enhance, available for limited use on free trial.

Sometimes social media handles themselves give very accurate information about the user or about an image.

On social media, look for tags and comments

Sometimes, you don’t need to look further than the comment section. Just because someone is careful enough not to post their actual location doesn’t mean that their friends or followers will be as considerate.

Issues with Open Source Intelligence:

Legality

Publicly available information is perfectly legal to access, analyze and distribute. Just remember that it can be used by attackers to support or advance illegal activities by seeding misleading or malicious data into certain communities.

Privacy

A shocking amount of information on private individuals is available in the public domain. In cobbling together information from social media profiles, online activity, public records and other sources, it is possible to develop a detailed profile of a person’s habits, interests and behaviors.

Offensive OSINT: Resources and tools

1. OSINT Search Engines

Attackers rely on these OSINT search engines to conduct passive reconnaissance.

• Google: https://google.com
• Shodan: https://shodan.io

2. Email Harvesting

Harvesting email addresses is an OSINT technique that gives attackers more information to conduct attacks such as password stuffing and social engineering attacks.

Ex: theHarvester, https://github.com/laramies/theHarvester

3. Google Hacking Database (GHDB)

The GHDB is an index of search queries (we call them dorks) used to find publicly available information.

Ex: Dorks, https://www.exploit-db.com

4. DNS / Subdomain Enumeration

Subdomain enumeration is the process of finding valid (resolvable) subdomains for one or more domains. Having an unsecured subdomain can pose a serious risk to your business.
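The defender's side of the same process, as an added example that is not from the original article: list every host your own zone publishes and flag the ones missing from your asset inventory, since those are the subdomains most likely to be left unsecured. The zone export, the inventory, the function names and the example.com domain are all constructed for illustration, and the parser assumes a simplified format with one "name ttl class type rdata" record per line.

```python
# Added example (not from the article): audit your own DNS zone against the asset inventory.
# ZONE_EXPORT and INVENTORY are constructed sample data; example.com is a placeholder domain.
ZONE_EXPORT = """\
$ORIGIN example.com.
@         3600 IN A     192.0.2.10
@         3600 IN MX    10 mx1.example.com.
www       3600 IN A     192.0.2.10
mx1       3600 IN A     192.0.2.25
dev       300  IN A     192.0.2.77
old-shop  3600 IN CNAME shop.example.net.
; staging was meant to be decommissioned
staging   3600 IN A     192.0.2.90
"""
INVENTORY = {"example.com", "www.example.com", "mx1.example.com"}
HOST_TYPES = {"A", "AAAA", "CNAME"}  # record types that publish a reachable name


def parse_zone(text):
    """Return (origin, {fqdn: [(rtype, rdata), ...]}) for the host records in a zone export."""
    origin, hosts = "", {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop comments (sample has no quoted ';')
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1].rstrip(".").lower()
            continue
        name, _ttl, _cls, rtype, rdata = line.split(None, 4)
        if rtype.upper() not in HOST_TYPES:
            continue  # MX, TXT and similar records do not add a new host name
        fqdn = origin if name == "@" else f"{name.lower()}.{origin}"
        hosts.setdefault(fqdn, []).append((rtype.upper(), rdata))
    return origin, hosts


def audit(zone_text, inventory):
    """Return (fqdn, rtype, rdata, reason) for each published host the inventory lacks."""
    origin, hosts = parse_zone(zone_text)
    findings = []
    for fqdn in sorted(set(hosts) - set(inventory)):
        for rtype, rdata in hosts[fqdn]:
            target = rdata.rstrip(".").lower()
            external = rtype == "CNAME" and not (target == origin or target.endswith("." + origin))
            findings.append((fqdn, rtype, rdata, "external alias" if external else "unlisted host"))
    return findings


if __name__ == "__main__":
    print(*audit(ZONE_EXPORT, INVENTORY), sep="\n")
```

Each finding is a host that an outsider can discover but that nobody on record owns; the "external alias" reason marks a CNAME that points outside the zone, so its target should be confirmed as still under your control.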

Conclusion

In this article, we’ve seen what OSINT is, its basic techniques and tools, and how they can be used in many contexts by different parties to gain intelligence. The idea was to gently introduce you to the wonderful world of OSINT, and hopefully, help you gain some valuable investigative skills along the way. The next article will focus on what you can do to improve your digital privacy, and make yourself less of an easy target.

Meanwhile, keep practicing: have a go at the OhSINT room on TryHackMe.

Happy investigations!✌
