OSINT
OSINT stands for Open Source Intelligence, it’s the OSINT full form, and is one of the key aspects in understanding the cybersecurity that rules the Internet these days.
The term OSINT comes from many decades ago, in fact, US military agencies started using the term OSINT in the late 1980’s as they were re-evaluating the nature of information requirements in tactical levels under battlefields. Then in 1992, the Intelligence Reorganization Act determined the main goals of intel gathering included key concepts like:
- Must be objective intelligence free of bias
- Data must be available on public and non-public sources
While the concept of OSINT has evolved since then, as it does not include the non-public sources, the concept originates from that time.
Open source intelligence (OSINT) is information collected from public sources such as those available on the Internet, although the term isn’t strictly limited to the internet, but rather means all publicly available sources.
“OS” (from OSINT) means Open Source. In this case, it is not related to the famous open source movement, but to any publicly available source where the user can obtain the information in their intelligence data collection.
The key word behind OSINT concept is information, and most importantly, information that can be obtained for free. It doesn’t matter if it is located inside newspapers, blogs, web pages, tweets, social media cards, images, podcasts, or videos as long as it is public, free and legal.
With the right information in your hands, you can get a great advantage over your competition, or speed up any company/people investigation you are in charge of.
Intelligence:
1- open source
2- public
3- free
4- legal
OSINT Examples
With the right information in your hands, you can get a great advantage over your competition, or speed up any company/people investigation you are in charge of.
But OSINT is even simpler, you know; many of us associate OSINT to cyber war, cyber attacks, cybersecurity, etc. And while those things are a part of it, OSINT is much more explicit and uncomplicated.
OSINT examples include:
- Asking questions on any search engine.
- Research public forums on how to fix your computer.
- Watch a youtube video on how to make a birthday cake.
As you see, you don’t need to be a hacker to use OSINT in your daily life: you’re already using it, you just might have not known it.
However, since we are focused on modern OSINT for the cybersecurity fields, we will now take a look at how your company or project can benefit from it.
OSINT Techniques and Resources
However, since we are focused on modern OSINT for the cybersecurity fields, we will now take a look at how your company or project can benefit from it.
Active Osint:
- Direct contact with the target
- More reliable results
- High risk of detection
- Example: port scanning
Passive Osint:
- Contact based on third-party services
- May include false positives and noise
- Low risk of detection
- Example: Security APIs
Let’s take a look into the most popular OSINT techniques used in cybersecurity:
- Collect employee full names, job roles, as well as the software they use.
- Review and monitor search engine information from Google, Bing, Yahoo, and others.
- Monitoring personal and corporate blogs, as well as review user activity on digital forums.
- Identify all social networks used by the target user or company.
- Review content available on social networks like Facebook, Twitter, Google Plus, or Linkedin.
- Access old cached data from Google – often reveals interesting information.
- Identify mobile phone numbers, as well as mail addresses from social networks, or Google results.
- Search for photographs and videos on common social photo sharing sites, such as Flickr, Google Photos, etc.
- Use Google Maps and other open satellite imagery sources to retrieve images of users’ geographic location.
- Never forget about the all-powerful OSINT Framework by Justin Nordine, which can be a great source of inspiration for any OSINT investigation
What is Doxing?
Doxing (also seen as ‘doxxing’), an abbreviation for “Dropping Documents”, is a type of cyberattack where the attacker steals the victim’s personal information and leaks it onto the internet.
Usually, the goal of doxing is to harass or shun the victim in some way.
And unfortunately, doxing is more common than you’d think. All sorts of people get doxed. It doesn’t matter whether you’re a celebrity or just an Average Joe.
In order to avoid doxing, it’s very important to be careful with the type of information you put up on the internet.
What Information Do Hackers Need for Doxing?
Doxing (also seen as ‘doxxing’), an abbreviation for “Dropping Documents”, is a type of cyberattack where the attacker steals the victim’s personal information and leaks it onto the internet.
For a doxing attack, hackers usually look for information such as:
- Real name / last name
- Email address
- Phone number
- Social media profiles
- Address or location
- Employer
- Bank account or credit card information
Reza Golzar Doxing
Name & Family: Mohammad Reza Golzar
Weight: 84Kg-87Kg
Height: 5′ 10″ (1.77 m)
Birthday: March 21, 1977
Name of the Day: Monday
Interesting(Food): ghormeh sabzi instant pot, pasta
Interesting(Car): Laferrari
Interesting(Sport): Volleyball, Ice Skating
Interesting(Color): Black
Interesting(Book): هر روز برای همان روز
Interesting(Song): Enrique, Adele, Linkin Park, Evanescence
IMDB: nm1441481
Instagram: rezagolzar
Education: Islamic Azad University
Instrument: guitar,voice
Interesting(Friends): Majid Shidvash, Amin Hayaiee, Mahdi Hejrati, Barsam Radpooya,
Janathan Behroozi, Alireza Ashkan, Seyed Milad Torabi
Family: Parviz Golzar, Shahnaz Golzar, Alireza Golzar, Bardia Golzar, Atousa Golzar
Net Worth: $ USD 5 Mil
Email(1 st):
rezzar@gmail.com
golzar@gmail.com
g5115f25d4a6a7
SXB4V7GG6ZG7932
B4V7GG6Z
Macavisole101
Macavisole5115
Email(2 st):
hamidreza20@gmail.com
9979tanaz
9979tanaz!@#
hamidreza20
hamid9979
Hamidhamid9979
Phone(3 st):
00989121464288
Card:
6104********9074
Cars:
۲۷ ج ۴۳۳ ایران ۸۸
Shopping:
Shopping:
Home:
The Corporate Suites at Burj Khalifa