OSINT Every Day Update
1. Strategy & Governance (Direction, Feedback, Ethics)
Focus: Mitigating Legal and Operational Risk
– Core Definition and Purpose:
– OSINT is fundamentally defined as an outcome, not merely the collection of data or reliance on tools.
– This perspective aids in mitigating “collection fatigue”.
– Ethical Dilemma: AI Prompt Monitoring
– Entities like Meta are utilizing user prompts provided to AI systems for targeted advertisement.
– This development reinforces the principle that users of “free” LLM services are often the product.
– Legal Corner: Prompts and Warrants (Geolocation: US)
– The Department of Homeland Security (DHS) ordered OpenAI to share user data in the first known warrant for ChatGPT prompts.
– Security Recommendation: When using LLMs for OSINT investigations, investigators should create a sock puppet account for those prompts.
– OPSEC Review: Isolated Environments
– Commercial platforms offer features to ensure secure, isolated environments for investigative work.
– Features provided include persistent virtual desktops and phones, real carrier-based SMS delivery for reliable One-Time Passcodes (OTPs), and residential IP connectivity selectable from hundreds of global locations.
– OSINT for Malicious Use: Publicly available information can be used for negative outcomes such as swatting, stalking, and arson, demonstrating that anything shared online may be used for unethical purposes.
2. Collection Modalities Deep Dive (Collection)
Focus: Foundational Skill Building and Efficiency
– Dorking Drill: Basic Operators
– Effective OSINT often requires leveraging basic but powerful tools, such as the Google search operators site: and filetype:.
– Email OSINT Methodology Summary:
– Email Lookup (Discovery): A search starting with a name, company, or domain to find an associated email address.
– Reverse Email Lookup: A search starting with an email address to determine who owns it, what accounts are linked, and what breach hits are available. This method is typically preferred by OSINT investigators.
– Tool Overviews (Document and Vehicle Identification)
– Vehicle AI (Web App):
– Overview: Designed to identify a vehicle’s make, model, and approximate range of years from an image.
– Note: The tool currently throws an error when processing images focused on vehicle interiors.
– DocuFinderJS (GitHub):
– Overview: Scans specified target domains to uncover publicly accessible documents, including PDFs and spreadsheets.
– Purpose: Used primarily for identifying exposure of sensitive data via document leakage.
– OSINT Bookmarklets (GitHub):
– Overview: A collection of OSINT utilities provided as browser bookmarklets.
– Key Highlight: The Facebook Marketplace User tool is noted as particularly valuable.
– BF Database Search (Web App): Allows searching for a username used on Breach Forums to find associated email addresses and IP information.
– WebRecon (GitHub):
– Overview: An OSINT multi-tool for penetration testers and cybersecurity professionals.
– Automated Functions: Web crawling & data extraction, technology stack detection, email harvesting, DNS intelligence & WHOIS lookup, historical analysis via Wayback Machine, and professional JSON reporting.
3. Verification & Integrity Report (Processing, Analysis)
Focus: Countering Disinformation and Establishing Trust
– Email Validation Methods:
– Syntax Check: Confirming the classic “name@domain.com” structure.
– Mail Exchange (MX) Lookup: Essential verification that the domain exists via a DNS MX record.
– SMTP/TCP Handshake: A deep check using an SMTP probe to confirm whether the receiving server accepts the mailbox. Automated probing may trigger abuse filters.
– Confirmation Email: The most definitive method, but should only be used if alerting the target is acceptable.
– Manual Pivoting and Username Extraction:
– Extract the local part (before the @) and use it as a username stem for searches.
– Try alternate providers (e.g., @gmail.com, @yahoo.com) with the extracted username stem.
– Generate plausible username variants using delimiter swaps (e.g., . or _).
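The syntax and MX stages above, together with the local-part extraction and delimiter-swap pivoting, as an added example in Python (not code from the newsletter or from any tool it mentions). The MX check takes an injected resolver function so the block runs offline; the stub resolver, its domains, the delimiter set and the provider list are constructed assumptions, and the SMTP probe and confirmation-email stages are intentionally not implemented.

```python
import re
from typing import Callable, Dict, Iterable, List, Tuple, Optional

# Assumed minimal shape check, not a full RFC 5322 parser.
_EMAIL_RE = re.compile(
    r"^(?P<local>[A-Za-z0-9._%+-]+)@(?P<domain>[A-Za-z0-9.-]+\.[A-Za-z]{2,})$")


def parse_email(address: str) -> Optional[Tuple[str, str]]:
    """Syntax check: return (local, domain) or None if the shape is invalid."""
    m = _EMAIL_RE.match(address.strip())
    if not m:
        return None
    return m.group("local"), m.group("domain").lower()


def has_mx(domain: str, resolve_mx: Callable[[str], Iterable[str]]) -> bool:
    """MX lookup via an injected resolver; any failure counts as 'no MX'."""
    try:
        return any(resolve_mx(domain))
    except Exception:
        return False


def username_variants(local: str, delimiters=(".", "_", "")) -> List[str]:
    """Delimiter-swap variants of the local part (stem reuse for pivoting)."""
    parts = re.split(r"[._]", local)
    if len(parts) == 1:
        return [local]
    out: List[str] = []
    for d in delimiters:
        cand = d.join(parts)
        if cand not in out:
            out.append(cand)
    return out


def pivot_addresses(local: str, providers=("gmail.com", "yahoo.com")) -> List[str]:
    """Candidate addresses at alternate providers for the extracted stem."""
    return [f"{v}@{p}" for p in providers for v in username_variants(local)]


# Constructed stub standing in for a real DNS MX query (e.g. dnspython).
_FAKE_MX: Dict[str, List[str]] = {"example.com": ["mail.example.com"], "nomx.test": []}


def fake_resolve_mx(domain: str) -> List[str]:
    return _FAKE_MX[domain]  # KeyError for unknown domains -> treated as no MX


def validate(address: str, resolve_mx=fake_resolve_mx) -> Dict[str, object]:
    """Run the syntax and MX stages; SMTP probing is deliberately omitted."""
    parsed = parse_email(address)
    if parsed is None:
        return {"syntax": False, "mx": False}
    local, domain = parsed
    return {"syntax": True, "mx": has_mx(domain, resolve_mx), "local": local, "domain": domain}
```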
– Geolocation Tool: GeoVLM (Web App)
– Overview: This tool uses AI to predict the location where an uploaded image was taken.
– No setup, scripts, or paywalls are required.
– Case Study Insight: OSINTing the OSINTers
– This case study demonstrated the value of structured analysis techniques over purely tradecraft-heavy methods for complex investigations.
4. Applied Intelligence Briefing (Dissemination, Analysis)
Focus: Demonstrating ROI and Real-World Impact
– CTI Roundup: Discovering and Tracking Data Breaches and Leaks
– Proactive monitoring involves establishing methods to identify data leaks and breaches as they occur.
– Investigators should use search engines, APIs, and specialized services to access compromised data while it is available.
– Ongoing monitoring should be set up to track the distribution of the compromised data after the initial leak.
– Security and Recommendations: Utilize aggregated checks rather than poking around raw leaks to ensure compliance with regulations such as GDPR or CCPA.
– Corporate Due Diligence Watch (Tips for China):
– A China-specific OSINT tip is to compile a list of every infrastructure company that conducts overseas business.
– Monitor the news and social media feeds of these identified companies.
– Investigative Focus Areas (Survey Data, October 2025):
– The main focuses of OSINT practitioners surveyed include entity of interest investigations, due diligence/background checks, and corporate/financial investigations.
– Other important areas of work include geopolitical analysis, mis/disinformation analysis, and fraud investigations.
5. The OSINT Frontier & Dev (Feedback, Direction)
Focus: Future-Proofing Skills and Strategic Foresight
– AI Integration Updates (Survey Data, October 2025)
– More than 50% of surveyed respondents reported using AI-based tools every day in their workflows.
– The most common application is for collection tasks (automating data gathering), followed by analysis (summarization) and processing (structuring data).
– Market Trends & Growth: Identified Skills Gaps
– The most frequently reported skill lacking in OSINT teams is technical proficiency, specifically in scripting, automation, and API-based data collection.
– Other common deficiencies include a lack of standardized methodologies and weakness in language skills (interpreting multilingual content).
– Training & Resources
– A 7-day free trial is available for the premium subscription.
– Law enforcement members are eligible for a complimentary premium subscription upon request.
– Upcoming Publishing Schedule:
– There will be no paid newsletter issue published on December 4, 2025.
– The final paid issue for 2025 is scheduled for December 18, 2025.
