Advanced Search

Harnessing OSINT for Personal Insights.

Fixxx

Fixxx

Moderator
Judge
Elite
Ultimate
Legend
Joined
31.10.19
Messages
813
Reaction score
1,766
Points
93
1747476738669.png

OSINT is a highly effective way to gather information about a person. The modern reality is such that those who want to learn more about you no longer need to spend a long time collecting information from various material sources. You essentially write a dossier on yourself through your social media, comments on friend's posts, etc. The investigator only needs to analyze all the information you provide and structure it. So, now we will talk specifically about the methods and tools of OSINT.


How does it all work?

In fact, all OSINT boils down to analyzing all the available information about a person on the internet. For this you need to find it and there are two paths: manual search and automation. Manual information search is rarely relevant, only when you need to search on very specific sites or on sites that are not analyzed by available tools (or if you need to analyze one or two sources and it makes no sense to use tools). In automated searches, there is an intermediary between you and the search process - your framework. It performs searches across hundreds of different sources, providing you with the gathered information. All you need to do is analyze and structure it, as well as draw conclusions (although this function is gradually being taken over by programs). Overall, it’s clear that automation is much better. For example, one of the best tools for searching by username (called Snoop, which I will discuss later) searches at least 500 sources. Doing this manually would take you about an hour and a half, while the program takes less than two minutes. As we have already understood, all operations can also be performed with a simple Google search, but OSINT tools are much more convenient. Let’s take a look at the available tools.


OSINT Tools

1747476831537.png

The main tools for searching open sources are tools for:
  • Information gathering;
  • Analysis and visualization (especially useful if you are conducting a full investigation);
  • Monitoring the emergence of new information (useful if you are using social networks for intelligence and the target is actively using them);
  • Analyzing websites and searching for vulnerabilities on servers (this is a separate large topic, which I will not cover in this article).

Information Search

Let’s start with the simplest (but not always) - information search. There are many different options for what we might be given. It can be anything from a photo of a car to some personal data. In fact, if you know the real name of the target, you can easily find them on social media (with very rare exceptions) and then you will learn everything about who the target communicates with, where they live, etc. Even if the target's profile has no photos, but has at least one friend, you can still find out at least the city of residence and under certain fortunate conditions - everything down to the house and floor. Once you know the username in at least one social network, you can try to find that person in other social networks, as people tend to use similar usernames across different services.

Regarding tools for searching by name and username:
  • Maryam - like everything in this selection, it's an open-source tool. In principle, it's one of the most multifunctional search tools. It works well for searching by real name and by username. Available on GitHub.
  • Snoop - I mentioned it earlier. Snoop is indeed one of the fastest and most powerful tools for searching by name. It uses about 500 sources to gather information. It's an open-source tool, but there is also a paid version that simply uses more sources for information gathering.
  • Alfred - a utility for gathering information and identifying accounts on social networks. I learned about this program not long ago and don't have much experience using it.
Next, searching by location is also important: when we have a couple of photos and need to find out where they were taken. There are many tools available for this; in fact, you can even use plain Google Maps, but there are more convenient tools:
  • DualMaps - in short, this is simply Google Maps from two different perspectives along with Google Street Viewer. This can be useful, for example, if you don’t have the option to use a second monitor and switching between windows is inconvenient.
  • demo.f4map - a well-detailed 3D map. It can be useful if you need to "peek" into a courtyard or view a city in 3D. Interestingly, in some cases, it offers more detailed mapping than even Google Earth.
Now, a bit about searching by email:
  • haveibeenpwned.com - checks if an email has been found in leaked databases;
  • Ghunt - searches for information about the owner of a Google account;
Maryam also has some capabilities for searching by email. Let’s not forget about searching by phone number:
  • PhoneInfoga is one of the best programs for this. I won’t dwell on it - everyone knows how to use Google.
Structuring and Analyzing Collected Information
After gathering information, it needs to be properly structured and analyzed. You can use several tools for this. Personally, I like to represent information in the form of a graph, similar to what you see in detective stories (a board with evidence). I like to use Obsidian for this. It works well for building graphs and representing knowledge, so it’s suitable for this purpose as well. Another program is TheBrain.

Analysis and Monitoring of Social Networks

A good analysis of social networks can be useful, for example, if you need to better understand someone’s social circle and interests. Here, we can use simple tools that search for mentions of a person or a topic in social networks:
  • Social Searcher - tool for monitoring social networks. It’s a specialized search engine that looks for mentions of what you tell it.
  • Google Alerts - notifies you of the appearance of specified information. You can use this tool to monitor information about your target.


Practice

OSINT is largely a practical activity. This skill needs to be honed, and now I will tell you where and how.
  • Try conducting your own investigation. You can attempt to find information about one of your acquaintances.
  • Codeby.games - a decent service where, among other tasks, there is a category for OSINT. There are various tasks, both complex and simple.
  • Osint Tasks Bot - a Telegram bot that provides and checks OSINT tasks, mainly focused on map and location searches.
These are the main ways for practice. The most effective one is the first (conducting an investigation), as it allows you to fully experience OSINT.
 
You must log in or register to reply here.
Top Bottom