codete what is osint definition and examples of open source intelligence main 05c7836529
Codete Blog

What Is OSINT? Definition and Examples of Open-Source Intelligence

Dawid Pacholczyk 3622ceab56

21/04/2022 |

9 min read

Dawid Pacholczyk

Personal data, according to some, is the new oil. It's just beneath the "surface" of the ground you're used to – the Internet. When dug up in the right place, it can burst into a stream of credentials, allowing full person ID collection. And to find these places, it is best to use OSINT. 


Table of contents:

  1. Definition of open-source intelligence (OSINT)
  2. How is open-source intelligence used?
  3. The dark side of OSINT
  4. Open-source intelligence (OSINT) – wrap-up


Many businesses don't know how much of their information and data is available to the public and how many risks they could face because of it. Some sources of online information (like search results, Facebook, Clutch, GoWork, or LinkedIn) are obvious.

Still, cyber threat intelligence goes far beyond these deposits, looking deeper into the huge amounts of online databases available on every person, company, and organization in the world.

Definition of open-source intelligence (OSINT)

Open Source Intelligence focuses on the systematic collection, analysis, and generation of actionable insights from public records. So-called open sources include everything that the general public has access to, involving the internet (search engine results), media publications, government reports, social media posts (and pictures with your exact location); followed by a dark web-based list of exposed assets (i.e. data leaks, compromised phone numbers, and stolen credentials). 

This type of intelligence tool collects public data for a variety of purposes, i.e. threat intelligence. OSINT analysts – whether good or bad actors – are interested in more than just the front end of web pages or the actual message of a blog post. They are also eager to delve deeper and collect data points that are more difficult to come by, including IP addresses, telephone numbers, login credentials, and uploaded files, which contain another layer of metadata. Basically speaking, an open-source reconnaissance tool is perfectly legal to use, as there are no constraints on how the data you discover should be used.

As a result, the issue with OSINT tools is not one of data availability. Rather, it is about employing the proper methodology to extract the appropriate data, clean it up, process it, and combine it with as many resources as possible. This would ideally be done using automation (ie. machine learning, artificial intelligence) so that fraud analysts can focus on making sense of it rather than doing manual labor. For example, ethical hacking uses many OSINT tools in the first phase of penetration testing for assessing vulnerable data that hackers and cybercriminals could exploit to gain access to a company's network.

How is open-source intelligence used?

You need to be aware that OSINT isn't synonymous with "hacking." It should be perceived as an effective method of researching an issue or assessing risk. Still, the very same freely available information can also be used in ways that the data owner did not intend to. This could happen by reposting someone’s details by sharing their CV on LinkedIn, updating details of your own family tree, or even posting a geotagged picture.

A professional OSINT analyst never enters secured areas to look for information; they won’t steal passwords or breach firewalls. Instead, they employ advanced search techniques and refined research skills to uncover information that is hidden in plain sight – information that is freely accessible to anyone who knows where and how to look. Birthdate, kids' names, mother’s maiden name, wedding date, or other specific dates and names usually typed as a security question, could be, for example, easily harvested via social media. And the active status updaters are actually serving their own maps of places and activities to anyone interested. 

However, not all information use constitutes intelligence. As a result, it must be added to the definition of OSINT that the collection and analysis of such data must be done quickly and purposefully in order to address an appropriate audience about specific strategic objectives.

By employing so-called "Google hacking," an actor is able to identify information that is indexed by Google web-crawling technology and thus is openly available online but often should not be. 

An OSINT analyst usually starts their research with a single piece of data, such as a person's workplace, email address, or full name. By browsing multiple web-published records, he or she usually reveals more and more personal information about the target, which can be critical for both the subject and any malicious attacker. 

Keep in mind that sometimes information related to you might be less destructive than the information published by you. Controversial social media posts (also in the form of comment replies in a thread) can be easily saved as a screenshot and used for a ransom demand. 

OSINT analysts can help web users comprehend their own digital footprint and the consequences of having their personal information freely available. This information has limitless potential for exploitation. Every individual and company should be aware of their digital footprint.

OSINT collection and analysis has become highly specialized, and it is used by a diverse range of professionals such as intelligence services, journalists, private investigators, security professionals, and academics. OSINT analysis can reveal a wealth of details about an individual or corporate target – likely far more information than the target was aware of or desired to be made public. As mentioned above, sometimes as little as a person’s full name is enough to discover a net of data points, disclosing the target’s maiden name, yearly income, family composition, list of employees, or even track down the first vehicle VIN number.

The dark side of OSINT

However, there is a downside to open source intelligence: gathering information is basically the same for security teams and threat actors. Both sides can employ the same techniques, gain access to the very same multiple sources and look up a similar search term. The difference is that multiple data points can be used to analyze data by one side and to access technical information related to confidential data by a malicious actor.

In other words, criminals may attempt to exploit sensitive information gathered and pieced together from public sources. This includes domain names, web data, and other types of relevant information ( numbers, maiden name, etc). These are usually used for adding an additional layer of protection.

Hackers utilize OSINT to gain more information about their target. It's a form of pre-attack planning, wildely used to harvest sensitive data – mainly about an organization's technology, its vulnerabilities, weaknesses in security policies, and other potential points of entry. Looking up someone's LinkedIn profile is a simple example of this. The data found there is used to connect with people who work at a company. The hacker might then impersonate you, inviting them  (with phishing emails) to visit a spoofed website, which requires logging in with company credentials. 

Exploiting online OSINT is an important tool in the armory of hackers who wish to identify holes in a company's IT security configuration or tailor phishing emails to individuals so that they contain authentic user information and so appear realistic. Furthermore, OSINT data is not subject to the same restrictions as other online data. This means that hackers can gain access to this information without breaking any laws. Hence, it's the most efficient approach for them to gather information on possible targets.

This means that it's up to IT experts to find places where networks are vulnerable, stop leaks, and figure out if something that wasn't supposed to be OSINT data is now available to the public.

How to defend yourself against an attack

We are surrounded by information. Whether at home, in social settings, or even at work, Similarly, when considering the vast amounts of financial information available, many people would be surprised to learn the full scope of information produced in every business transaction. That's why many businesses use open-source intelligence to understand, track, and evaluate the vast amounts of information produced in the business.

People have accidentally put or left online a lot of private information that they didn't mean to. We tend to choose shortcuts. For the sake of creativity or faster upload, each day thousands of employees share company internal documentation (blueprints, new products/technology details, department details, memos, spreadsheets) via publicly accessible free (or paid) tools. Sadly, access to less than half of them is restricted from the curious crowd. Even less is deleted while finished – endangering spilling company secrets all over in case of an attack on a used tool. 

That’s why, when working with virtual data, it is important to stay alert. OSINT makes it easy for hackers to get information without having to do a lot of research on the internet. This means that they can get enough information to launch attacks before their victims know what happened.

Here are some pointers to help you protect yourself from cybercriminals:

  1. Discover the most often utilized tactics by hackers to steal your information. If you receive an email demanding personal information, undertake some preliminary investigation to ascertain the veracity of the request. Avoid doing online transactions on vulnerable systems.
  2. Maintain a minimum amount of publicly accessible information, as this is how hackers obtain OSINT. This is especially true on social media, where you may inadvertently disclose crucial details. Create a private social networking account. Add only friends you genuinely know and establish a habit of manually scrutinizing all posts before they become public.
  3. Frequently change your passwords and keep note of the ones you've lately used to prevent them from falling into the wrong hands. Never reveal your passwords online, as this provides hackers with full access to your account information. To prevent unauthorized access to your account, turn on two-factor authentication (if possible).

Open-source intelligence (OSINT) – wrap-up

The gathering, analyzing, and identifying of publicly available information is at the heart of open-source intelligence. In addition to a deep understanding of major search engines' capabilities, OSINT analysts use a wide range of known sites, tools (i.e. visualization tools), and techniques to uncover valuable information about a subject. As the amount of information available on the internet grows, OSINT research will become even more valuable to firms and other businesses.

Any company can hire a qualified cybersecurity team to decrease its vulnerability to cyber-attacks and data branches. Because hackers can use a multitude of techniques to exploit a company's weaknesses, OSINT is a highly effective way to keep track of data.

If you're not sure what kind of security measures your firm should have in place to protect itself from these attacks, get in touch with us right away.

Rated: 5.0 / 2 opinions
Dawid Pacholczyk 3622ceab56

Dawid Pacholczyk

Consulting Manager at Codete with over 15 years of experience in the IT sector and a strong technical background. Seasoned in working with multinational companies. Ph.D. student and lecturer at Polish-Japanese Academy of IT, focused on software architecture, software development and management.

Our mission is to accelerate your growth through technology

Contact us

Codete Global
Spółka z ograniczoną odpowiedzialnością

Na Zjeździe 11
30-527 Kraków

NIP (VAT-ID): PL6762460401
REGON: 122745429
KRS: 0000983688

Get in Touch
  • icon facebook
  • icon linkedin
  • icon twitter
  • icon instagram
  • icon youtube
  • icon github
  • Kraków

    Na Zjeździe 11
    30-527 Kraków

  • Lublin

    Wojciechowska 7E
    20-704 Lublin

  • Berlin

    Bouchéstraße 12
    12435 Berlin