According to U.S. public law, Open Source Intelligence (OSINT):
-Is produced from publicly available information
-Is collected, analyzed, and disseminated in a timely manner to an appropriate audience
-Addresses a specific intelligence requirement
The important phrase to focus on here is “publicly available.”
The term “open source” refers specifically to information that is available for public consumption. If any specialist skills, tools, or techniques are required to access a piece of information, it can’t reasonably be considered open source.
Crucially, open source information is not limited to what you can find using the major search engines. Web pages and other resources that can be found using Google certainly constitute massive sources of open source information, but they are far from the only sources.
For starters, a huge proportion of the internet (over 99 percent, according to former Google CEO Eric Schmidt) cannot be found using the major search engines. This so-called “deep web” is a mass of websites, databases, files, and more that (for a variety of reasons, including the presence of login pages or paywalls) cannot be indexed by Google, Bing, Yahoo, or any other search engine you care to think of. Despite this, much of the content of the deep web can be considered open source because it’s readily available to the public.
What type of information is considered OSINT?
Information can also be considered open source if it is:
-Published or broadcast for a public audience (for example, news media content)
-Available to the public by request (for example, census data)
-Available to the public by subscription or purchase (for example, industry journals)
-Able to be seen or heard by any casual observer
-Made available at a meeting open to the public
-Obtained by visiting any place or attending any event that is open to the public
How does a Process Server use OSINT?
To close things out, we’ll take a look at some of the most commonly used tools for collecting and processing open source intelligence.
While there are many free and useful tools available to process servers and licensed private investigators, some of the most commonly used (and abused) open source intelligence tools are search engines like Google — just not as most of us know them.
There is a series of advanced search functions called “Google dork” queries that can be used to identify information and assets that are exposed publicly.
Google dork queries are based on the search operators used by IT professionals and hackers on a daily basis to conduct their work. Common examples include “filetype:”, which narrows search results to a specific file type, and “site:”, which only returns results from a specified website or domain.
Examples:
"Brandon LaVan" filetype:pdf
This query looks specifically for the name "Brandon LaVan" and returns only results in .pdf format.
"Lake Charles" site:youtube.com
This query looks specifically for the term "Lake Charles" and returns only results from YouTube.com.
Moving beyond search engines, there are literally hundreds of tools that can be used to locate information. For example, you can use Tools.Epieos.com if you have an email address but no name to match it with.
Of course, the examples given here are just a tiny fraction of what is possible using open source intelligence tools. There are a huge number of free and premium tools that can be used to find and analyze open source information, with common functionality including:
-Metadata search
-Code search
-People and identity investigation
-Phone number research
-Email search and verification
-Linking social media accounts
-Image analysis
-Geospatial research and mapping
-Wireless network detection and packet analysis
For more tools and techniques involving OSINT, here's a link to a FREE guide that I put together to add to your toolbox: