What are the OSINT techniques?

The internet has transformed everything around us from learning & education to healthcare and government communications reaching towards social interaction which obtains the utmost impact. The swift increase in people sharing their lives and thoughts over the cyber space provides an extra mode to the security agencies to acquire data on the current scenario in society. This type of collecting intelligence from open sources over the world wide web is termed as Open Source Intelligence (OSINT).

What is OSINT?

OSINT stands for open source intelligence, which is known for any data that can lawfully be gathered from free, public resources regarding a person or organization. It is the insight gained from processing and analyzing public data sources such as broadcast TV and radio, social media, and websites.

How does OSINT work?

OSINT is achieved by ingestion of video, image, audio, and text data from public domain data sources and analyze the ingested data to yield insights from across all data sources. The analysis is basis the machine learning and deep neural network algorithms which facilitate the system to study from the information to accomplish and enhance recognition of patterns, trends, and associations.

By usage, several OSINT techniques are used by government & military agencies, however, they can also be applied to your own company, as well. Some may work, some may not, but that’s part of the OSINT strategy – you will have to identify which sources are good & relevant for your research.

Popular OSINT techniques used in cyber security

• Gather employee full names, job roles, as well as the software they use.
• Assess and monitor search engine information from Google (especially using Google Dorks), Bing, Yahoo, and others.
• Monitoring personal and corporate blogs, as well as evaluate user activity on digital forums.
• Identify various social networks used by the potential user or organization.
• Evaluate content available on social networks like Facebook, Google Plus, Linkedin or Twitter.
• Utilize people data collection tools like Pipl, who will help you to reveal a lot of information about individuals in one place, altogether.
• Access old cached data from Google – often reveals fascinating information.
• Exploring old versions of websites to reveal the most important information using sites like the Wayback Machine.
• Recognize mail addresses, mobile phone numbers from social media networks, or Google results.
• Look for photographs & videos on common social photo-sharing sites, like Flickr, Google Photos, & more.
• Utilize Google Maps and other open satellite imagery sources to retrieve images of users’ geographic location.
• Utilize tools like GeoCreepy to track down geographic location information to have a clear picture of the users’ current locations.
• Utilize automated OSINT tools to retrieve information, such as Spiderfoot or us.
• Utilize popular OSINT extensions that include useful sources like OSINT Browser.
• Exploring of DNS Services, as well as domains, subdomains, and IP addresses utilizing our own SecurityTrails toolkit.
• Run port scanners against the target company server infrastructure to discover running services.
• Utilize tools to search for internet-connected devices like Shodan used by your target.

However, after you’ve acted towards carrying out OSINT research, you’ll have plenty of data to analyze. That’s when you will have to refine your results and carry a detailed search for all the necessary things you need & discard the rest.

Open Source Intelligence (OSINT) Platform from Sunartek

Sunartek’s Open Source Intelligence Platform is an innovative cyber intelligence solution designed to meet a wide range of operational needs for enterprises, cyber analytic professionals, banking and government agencies. The system is primarily utilized for national security, law enforcement and business intelligence functions.

Prime features:

a) Scanning: The system can scan huge number of data in a matter of few minutes and give the operator a complete picture of the social media accounts and activities of the target.
b) Query/Search: Sunartek’s solution can take any form of input identifier, i.e. either a phone number or email address to get all information associated with it. The solution has multiple search options based on mobile number, email, keyword, sentences, group names etc.
c) Geo-Fencing or Location Based Search: Our technology allows the operator to carryout area searching to get all activities performed or ongoing in that geographical area.
d) Result Visualization: Our graphic visualizers give power to user to get searched results into graphical view between targets and activities.

In a nutshell, pushed by the huge technological advancement and the wide prevalence of internet communication worldwide, OSINT becomes a critical component of both public and private intelligence, supplying businesses, governments, and individuals with a plethora of tools and techniques to gather intelligence from high-quality information to the base and make decisions on.