What’s inside
Methodology
Learn the 4-step OSINT investigation process and the professional 5-phase intelligence cycle used by practitioners worldwide.
Search & Discovery
Master Google Dorks, alternative search engines, social network investigation tools, and username enumeration techniques.
Technical Intelligence
Explore domain/IP/DNS analysis, network scanning, metadata extraction, and web scraping methodologies.
Specialized OSINT
Deep dives into geolocation, people investigations, company research, email/phone tracing, and data breach analysis.
Advanced Topics
AI-powered OSINT, blockchain tracing, transport tracking, dark web research, WiFi wardriving, and content verification.
Frameworks & Automation
All-in-one OSINT frameworks, Python automation scripts, and Maltego workflows for professional investigations.
Legal & Ethics
International legal frameworks, GDPR compliance, and the ethical checklist every OSINT practitioner needs.
Learning Resources
Books, certifications, courses, and communities to deepen your OSINT knowledge.
Core concepts
| Concept | Definition |
|---|---|
| OSINT | Intelligence obtained from public sources without violating logical or physical access |
| OPSEC | Minimize footprint: VPN → VM → alias → metadata strip |
| Intelligence Cycle | Direction → Collection → Processing → Analysis → Dissemination |
| PII | Information that identifies: email, phone, RFC, CURP, IP, IMEI, MAC |
| Primary Source | Original publication (tweet, official PDF, photo EXIF) |
| Secondary Source | Article citing the primary — always validate |
Quick reference: data types and star tools
| Data Type | Usual Location | Star Tool |
|---|---|---|
| Name | LinkedIn, Facebook | Maigret |
| Data breaches, newsletters | HIBP | |
| Phone | WhatsApp Business, TrueCaller | Infobel |
| Username | Forums, gaming, GitHub | Snoop |
| Photo | Geolocation, EXIF | ExifTool |
| Domain | WHOIS, certificates | Amass |
| IP | Scanning, Shodan | Shodan |
| Crypto wallet | Blockchain explorers | BlockCypher |