OSINT

What OSINT actually is (and isn't)

A grounded primer on open-source intelligence: where it comes from, what it can do, and how it differs from surveillance or hacking.

Open-source intelligence — OSINT — is the practice of collecting and analyzing information from publicly available sources. That single sentence covers a lot of ground, and it is often misunderstood. This post clears up the basics.

Where OSINT comes from

“Publicly available” does not mean “easy to find.” OSINT sources include:

  • Websites, blogs, and news archives
  • Social-media profiles and posts
  • Public records, filings, and registries
  • Maps, satellite imagery, and street-view imagery
  • Code repositories, paste sites, and technical databases
  • Metadata embedded in documents and images

The defining feature is that the data is accessible without breaching a system or misrepresenting yourself to obtain it.

What OSINT is not

OSINT is not:

  • Hacking. If you bypass authentication, exploit a vulnerability, or steal credentials, you have left OSINT behind.
  • Social engineering. Pretexting, phishing, and impersonation are separate disciplines with different legal and ethical guardrails.
  • Surveillance. OSINT analyzes data that already exists; it does not systematically track a specific person without cause or consent.
  • Always anonymous. Many OSINT investigations leave a footprint. Visiting a profile, downloading a file, or running a search can be logged.

The analysis matters

Collecting data is not the same as producing intelligence. Raw data becomes OSINT when it is evaluated for relevance, cross-referenced, and turned into insight. A list of social profiles is data. A timeline showing how a threat actor’s infrastructure evolved is intelligence.

Key takeaway: OSINT is legal in most jurisdictions when it stays within public sources, but legality does not erase ethical obligations. Document your sources, respect platform terms of service, and ask whether the information serves a legitimate purpose.

When OSINT is useful

Common, legitimate uses include:

  • Mapping an organization’s public attack surface
  • Verifying claims during a breaking event
  • Investigating fraud, abuse, or impersonation
  • Supporting journalism, due diligence, and academic research
  • Personal digital-footprint audits

Getting started safely

If you are new to OSINT, begin with your own footprint. Search your name, usernames, and email addresses in a sandboxed browser session. Note what you find, then decide what you want to reduce or remove. It is the safest way to learn the mechanics before working on real investigations.