πŸ” What is OSINT?

Open Source Intelligence (OSINT) refers to collecting and analyzing publicly available data to uncover valuable information. It’s widely used in:

  • πŸ”΄ Penetration Testing & Red Team Recon
  • πŸ”΅ Threat Intelligence & Blue Team Defense
  • πŸ•΅οΈβ€β™€οΈ Criminal Investigations & Digital Forensics
  • 🏒 Corporate Risk & Brand Monitoring

Examples of OSINT sources:

  • Websites, Social Media, Forums
  • Public Databases (WHOIS, DNS, GitHub)
  • Pastebins, Breached Data Dumps
  • Metadata in files & images

🌐 What is the OSINT Framework?

πŸ”— https://osintframework.com

The OSINT Framework is a web-based directory of hundreds of categorized tools. It’s your starting point for manual or automated OSINT investigation. Organized by target types:

  • πŸ“§ Emails
  • πŸ‘€ Usernames
  • πŸ–₯️ IPs and Domains
  • πŸ“± Social Media
  • πŸ—ΊοΈ Geolocation
  • 🌐 Dark Web

πŸ’‘ It’s not a tool itself, but a map of tools.

πŸš€ How to Use the OSINT Framework (Step-by-Step)

Let’s say you’re investigating the domain: suspicious-payments.com

βœ… Step 1: Check WHOIS Info

whois suspicious-payments.com

Also try: ViewDNS.info, WhoisXML

βœ… Step 2: Analyze DNS Records

dig suspicious-payments.com any

Or use: DNSDumpster, MXToolbox

βœ… Step 3: Investigate Email Addresses

Search with:

βœ… Step 4: IP Address Intelligence

curl https://ipinfo.io/198.51.100.12

Try: AbuseIPDB, Shodan, Censys

βœ… Step 5: Username & Social Media Footprint

python3 sherlock.py suspicioususer

Use: WhatsMyName, Namechk

βœ… Step 6: Dark Web Search

Try:

🧰 Top Tools to Combine with OSINT Framework

Tool Purpose
Spiderfoot Full automation (GUI/CLI)
Recon-ng Modular CLI OSINT scanner
Twint Twitter scraper (no API needed)
Metagoofil Extract metadata from documents
Maltego CE Visual link analysis

πŸ§ͺ Real-World Use Cases

🎯 Red Team Recon

  • Map subdomains, employee emails, GitHub tokens
  • Identify login portals, exposed buckets

πŸ”΅ Blue Team Monitoring

  • Detect leaked credentials
  • Monitor dark web mentions of brand/company

πŸ•΅οΈβ€β™‚οΈ Criminal Investigations

  • Track online aliases, image metadata, court records
  • Correlate social media with real identity

πŸ’‘ OSINT Script Example

#!/bin/bash
domain=$1
whois $domain > whois.txt
dig $domain any > dns.txt
xdg-open https://dnsdumpster.com/
xdg-open "https://www.virustotal.com/gui/domain/$domain"

βœ… Tips for Beginners

  • Use a VPN or VM during OSINT tasks
  • Record everything in structured Markdown or PDF
  • Start with emails, usernames, or domain names
  • Combine multiple tools for deep profiling

πŸ” Pro Blue Team Tips

  • Set Shodan & HaveIBeenPwned alerts
  • Monitor Pastebin, GitHub, and Dark Web for leaked tokens
  • Use Spiderfoot for regular passive scans on org domains

πŸ“š Quick OSINT Resource Pack

Name Link
OSINT Framework https://osintframework.com
Spiderfoot https://www.spiderfoot.net/
Recon-ng https://bitbucket.org/LaNMaSteR53/recon-ng
Maltego CE https://www.maltego.com/downloads/
WhatsMyName https://whatsmyname.app/
Twint https://github.com/twintproject/twint

🧠 Final Thoughts

The OSINT Framework is a must-have resource for any cybersecurity enthusiast, red teamer, or threat hunter. With the right tools and techniques, you can uncover massive amounts of valuable informationβ€”all legally and ethically.

🏷️ Tags

#OSINT #CyberSecurity #RedTeam #BlueTeam #Maltego #Spiderfoot #ThreatIntel #Reconnaissance #EthicalHacking #CTI #DFIR