Basic Knowledge

Open-Source Intelligence (OSINT)

CyStack image

Trung Nguyen

CEO @CyStack|May 24, 2023


When cybercriminals choose a business to attack, the first thing they do is gather intelligence from the target. They usually roam the Internet to collect public information from Open-Source Intelligence (OSINT). An enormous data of legal intelligence is from the business’s social media presence or any online activities that help the criminals get well-prepared for a cyberattack plan.
So, what is Open-Source Intelligence (OSINT)? Is this a good tool for threat actors, or can cyber defenders utilize it to prevent security breaches? How does each side use this tool? And what is the ethic of OSINT? We will cover all the questions and help you understand this digital footprint better in this article.

The Definition of Open-Source Intelligence (OSINT)

OSINT is searching and gathering intelligence from a legal public source on the Internet. Intelligence has two main types:

  • Public documents like press release statements, company financial reports, or online articles.
  • Public media types like videos or images.
  • Note that if you find information from a confidential source or a specific source type, it is not called OSINT. It is just a different type of intelligence gathering.
    In addition, when cybercriminals do OSINT, they often use advanced analytic techniques such as Artificial Intelligence or Machine Learning to extract deep insights from a large volume of data.

    How is OSINT used?

    Two common groups utilize OSINT: cyber attackers and defenders, with different purposes.

    Cyber defenders

    In today’s digital age, a company has to stay active online to keep its customers and partners posted. Website or social media channels have a massive amount of information about the internal asset of the company, such as employees’ names, the company’s address, device IP, and configuration. Cyber defenders’ job is to control public information that does not contain sensitive data, which can turn into vulnerabilities for attackers. They also have to think about a defensive strategy to prevent attacks from intelligence that somebody can gather on the Internet. Here are some common ways cyber defenders use OSINT.

  • Threat Intelligence
  • Incident Investigation
  • Cyber attackers

    Just like a military attack, the cyber attacker must have a complete overview of the company to build a threat model and perfect attack plan. They can silently do it by utilizing the OSINT tool. Some of the common ways threat actors can use OSINT:

  • Reconnaissance
  • Social Engineering
  • Exploit Technical Publicly Intelligence:
  • Monitor Security Activities
  • OSINT Tools and Techniques

    With the emergence of big data, you can use OSINT by mastering these tools and techniques.

    Open-Source Tools

    If you study OSINT, you must know popular tools such as Maltego , Spiderfoot, Spyse , Intelligence X, or Shodan. They have different features but serve the same purpose to identify security vulnerabilities.

    Search Engines

    Google, Bing, and Yahoo contain a vast amount of public information. Also, it does have a filter feature to narrow down what you are seeking. Another search engine may be less popular but can yield much better and more accurate results. One reference is Searx – a free and open-source metasearch engine. It distinguishes itself from other particular queries because it does not track or save users’ data like Google or Bing.

    Social Media

    According to research , estimation shows that there are 4.89 billion social media users globally, equivalent to an enormous amount of intelligence that criminals can collect. Tools like Hootsuite , TweetDeck, or Sysomos are helpful for monitoring and gathering social media activities.

    (Hootsuite – most popular social media tracker tool)

    Website Scraping

    Most companies have their websites. Web scraping extracts information from their HTML code to gather intelligence, such as contact information, product details, customer reviews, social media posts, and more. You can use tools like BeautifulSoup or Scrappy to extract libraries, Octoprase or Parsehub to get specific data, and custom scripts from programming languages like Java, Python, and Ruby.

    (A Python Web Scraping Technique)

    Big Data Analysis

    Getting data is insufficient; you must analyze it to identify patterns or trends. It is where data analysis comes in by utilizing tools such as Python or PowerBI.

    Extensive data analysis is critical to OSINT, as it allows for analyzing large volumes of data from various sources to identify patterns, trends, and insights. With the rapidly growing amount of data generation, the ability to extract meaningful information from this data is becoming increasingly important.
    It involves using advanced analytical tools and techniques to process and analyze large datasets. The intelligence may include data from social media platforms, online forums, news, and other public data sources. Some examples of big data analysis techniques used in OSINT include text analytics, network analysis, AI/ML, and data visualization.

    Ethical – Most Valuable Practice of OSINT

    When you use OSINT, it is compulsory to do it ethically and make it comply with legal laws and regulations. Here are some ethical considerations for OSINT:

    Respect Applicable Laws and Regulations

    OSINT activities must comply with laws and regulations that government uses to enforce intelligence activities. Some rules and regulations that you should know include General Data Protection Regulation (GDPR), Computer Fraud and Abuse Act (CFAA), and Electronic Communications Privacy Act (ECPA). If you fail to follow, severe penalties and lawsuits will damage your finances and reputation.

    Verify Intelligence Accuracy and Avoid Bias

    As OSINT is for critical decision-making, false intelligence can lead to a negative impact. Therefore, before using it, you should always ensure the intelligence is collected from trusted sources such as government websites, academic papers, or official newspapers. Do multiple checks to verify the source’s credentials and carefully look for inconsistencies in context or meaning, as inconsistent points can result in the integrity of the intelligence. You can plan a solid and structured approach before harvesting information on the Internet. In addition, the information should not come from only one personal opinion or influencer as it is biased intelligence. There are helpful tools that we recommend to you, like and PolitiFact for intelligence from a website, Google Images for any image search, and Tableau or Google Data Studio for data visualization to check the bias and accuracy verification.

    Respect Privacy and Use Intelligent Responsibly

    Even if the intelligence is publicly disclosed, it still belongs to an organization or individuals. Therefore, ask for permission from the owner to use it first and do not try illegal ways to steal it. Don’t manipulate intelligence for immoral purposes like harassment, threats, and blackmails. Furthermore, when intelligence is in your hand, treat it like your personal asset by creating secured storage, regularly monitoring and managing, and avoiding giving intelligence to too many people as it will bring potential security threats.


    In conclusion, OSINT is such a valuable and essential tool for business in the modern world. It could revolutionize several industries and help solve critical social concerns. However, we should always be responsible and ethical when utilizing OSINT, strictly complying with international laws and regulations. That’s how we ensure its impact is positive and beneficial to society.

    Bài viết liên quan

    Penetration Testing
    Penetration Testing
    24/05/2023|Basic Knowledge

    What Is Penetration Testing? Image by ra2 studio on Shutterstock Penetration testing (pen testing) is a simulated and authorized attack against an organization’s systems, infrastructures, and networks to identify vulnerabilities and weaknesses that hackers could exploit. The testers employ the same techniques and tools as hackers, such as social engineering , phishing, network scanning, and […]

    Cloud Security
    Cloud Security
    24/05/2023|Basic Knowledge

    How to Secure Your Cloud Environment: Best Practices and Strategies Image by macrovector on Freepik Businesses are migrating from on-premises infrastructure to the cloud to take advantage of cloud-based infrastructures’ flexibility, agility, scalability, innovation, and cost-effectiveness. In this rush, it’s easy to overlook security and focus on speed and operability, leaving systems vulnerable to breaches. […]

    Data Privacy
    Data Privacy
    24/05/2023|Basic Knowledge

    Data Privacy in the Workplace: Balancing Employee Privacy and Business Needs Image by VideoFlow on Shutterstock No employee wants to work a job where they feel like all their activities are monitored by a  “big brother.”  But sadly, the increasing amount of data collected and stored by businesses has made maintaining employee privacy a complex […]