Skip main navigation

£199.99 £139.99 for one year of Unlimited learning. Offer ends on 28 February 2023 at 23:59 (UTC). T&Cs apply

Find out more

What Is OSINT?

In this video, you will learn more about Open-Source Intelligence (OSINT).
In this video, we’re going to talk about what is OSINT. So what is OSINT? Wikipedia has a pretty good entry. OSINT, Open- Source Intelligence is data collected from publicly available sources to be used in an intelligence context. So what does that exactly mean for us?
So OSINT has a lot of different uses. For malicious hackers, they generally use it for reconnaissance. For IT professionals, IT professionals can typically use it to track bad actors. Law enforcement will typically use it for tracking people down. Also OSINT investigators will use it for tracking down, say, missing people, for example. It can also be used for background checks and a lot more. OSINT is a very powerful tool that’s widely used. It’s also one of my favourite topics. So let’s get more into it.
So OSINT, again, it can be used for a lot of different things, especially for tracking people down, uncovering information. So in a security role for OSINT, an example would be a while back I was asked to investigate someone. I was given a name. I was given that they were doing some suspicious activities, so I started off. So starting off with the name, I was able to pull up private email addresses tied to that name. From those private email addresses, it led me to a Pastebin dump. That Pastebin dump had a number of questionable activities tied to it. It also had additional names on there. Those additional names led to different online handles for these individuals.
And those online handles led to more additional information. So you can kind of see how OSINT works, starting off with one thing - in this case it a name. A lot of times, it will be a name, an IP address, email address. It could even be a photo. That one piece of evidence can lead to something else. And it kind of splinters off from there. So it’s essentially like putting a puzzle piece together. You get one piece, and that one piece connects to these other pieces, depending on what you’re investigating and what your end goal is. So there’s a lot of different tools for OSINT out there. Some are online tools. Some are operating system.
Some are tools that you instal on your computer. OSINT tools tend to be either, again, web based or tends to be designed for Linux. A lot of tools are also going to be written in Python. You can do OSINT on, say, a Windows machine. But again, if you’re installing tools, a lot of the tools are going to be for Linux based, just want to throw that out there. So again, there’s a lot of tools. There’s Tor browser is useful. Google Maps, Maltego, Spiderfoot, Google Dork, which is essentially advanced Google searches that you could do through the regular Google engine, Bitcoin Who’s Who and the Trace Lab VN that we’re going to be taking a look at later.
So before you start, there’s a few things you should do for your OSINT investigation. So preparation wise, you want to create a sock puppet account. And what a sock puppet account is, it’s a account that doesn’t tie back to you. It’s not using your real name. It’s not using real phone number. It’s not using your real address or anything like that. The reason for this is when you’re doing OSINT investigation, you may be investigating individuals or activities that you don’t want to come back to you. Sometimes these people don’t want to be investigated. Sometimes they don’t want to be found. And overall, it’s just safer using a sock puppet account, again, a fake account.
You also want to have a virtual machine, and that’s just good practise. So virtual machine means that you have a virtual computer that you can run your OSINT investigation from. And the reason for this is if you’re investigating some areas that are kind of shady, you don’t want to get a virus on your main computer. Also, it helps with the overall integrity. You have a clean machine. Nothing was ever done on this machine except for investigation, which is also useful. Now when you’re investigating your target, you want to know who or what you’re investigating, what’s the scope of work, what’s the timeline, what is your employer or client want from this investigation.
These are important things to find out ahead of time. Agreement wise, you want to have some sort of written agreement with a scope of work, so you can help avoid any confusion or any other issues. And keeping safe, be careful with your investigations. It is important. It’s also important for success, again, tracing back to you and you don’t want to spook your target in any way. So a lot of OSINT is going to be very passive, meaning that a lot of times you don’t actually try to call these individuals in person or try to contact family members in that. A lot of OSINT is passive, not to say that you can’t do that.
But a lot of the stuff I dealt with is in a passive manner.
So wrapping up, OSINT stands for Open-Source Intelligence. OSINT is data collected from publicly available sources to be used as in intelligent context. Malicious hackers, security teams, law enforcement are some people who would use OSINT. OSINT can be used for locating missing people, background checks, tracking malicious hackers, and much more. There are a number of tools available for OSINT, including online browser tools and more specialised tools that need to be installed. Sock puppet accounts should be used in OSINT investigations. A clean OSINT VM should also be used for any investigation. Now this was about OSINT. In the next video, we’re going to be talking about the Trace Labs OSINT virtual machine. Thank you for watching.
I’ll see you in the next video.

In this video, you will learn more about Open-Source Intelligence (OSINT).

Open-Source Intelligence (OSINT) is a diverse tool that can be used by anyone, from hackers with malicious intent, to law enforcement trying to find missing people.

This article is from the free online

Advanced Cyber Security Training: Network Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education