3 misunderstandings about OSINT that many people have

OSINT is a method of using publicly available resources on the Internet to find information about a subject. It is a common way for cybersecurity professionals to research their targets. OSINT stands for “open source intelligence,” and it’s a broad field that encompasses many different sources and methods of tracing.

Top 3 misunderstandings about OSINT

OSINT includes many different types of research and tracing. In general, if you’re looking for information that you’re authorized to access and you’re not interacting with your target or others, that’s OSINT. Well-executed OSINT can help both red and blue teams make companies, computer systems, and networks more secure. Unfortunately, OSINT is often misunderstood.

OSINT is not doxxing

When I talk to other people doing OSINT, they tell me that other people think OSINT is doxxing! That’s a huge misunderstanding, because doxxing is a cyber threat and is often illegal.

What is doxxing? Doxxing, or “to dox,” is a term that emerged in the 21st century. It’s a fairly new word, but fortunately Merriam-Webster has defined it:

Definition of dox

transitive verb

informal

: to make public or private information about (someone) public, especially as a form of punishment or retaliation

… Facebook, like other platforms, wants to prevent users from being disturbed or harassed… – Karissa Bell

As a general rule, I support anonymity on the Internet and consider efforts by people to “remove” or “dox” anonymous Web commenters whose views they disagree with. — Damon Poeter

This is not the first time LAPD has been faked. In 2011, a group affiliated with the online hacker group Anonymous claimed responsibility for posting the personal information of more than 40 officers, including their home addresses, contributions, property records and names of family members after they claimed the LAPD had suppressed them by stamping out the Occupy LA Movement. — Christine Pelisek

Other words from dox

noun doxing or doxxing, plural doxings or informal doxxings

So doxxing involves disclosing information about targets that you are not authorized to access. Posting someone’s credit card number and identification number on a public forum is illegal and immoral. It constitutes an information security attack.

OSINT looks for information that you are authorized to access, and gathering it does not break the law. Did you know that in the 20th century, most people’s phone numbers were printed in a publicly released book? In the United States and Canada, almost every city or municipality had its own annual Yellow Pages (commercial) and White Pages (residential) books. The only phone numbers left out were those of people and organizations who specifically contacted the Yellow Pages or White Pages to opt out.

OSINT is a process of collecting information without violating people’s rights, so that personal information stays confidential. Doxxing is the publication of information with the aim of harming a person or a company, and the published information need not be based on fact. Doxxing is unethical and often illegal; it’s not OSINT.

Google search is OSINT

Another common misconception is that using Google search is not OSINT. I think it’s because searching on Google is what most people do these days. It is not seen as a suitable hacker skill.

But Google and other search engines are tools for finding publicly available information on billions of web pages. That information is “open source,” and you can derive intelligence from it. Therefore, Google searches are OSINT.

There are also other search tools that cybersecurity professionals often use when performing OSINT:

  • Shodan, to discover publicly exposed servers and network devices
  • Startpage, as another way to use Google’s search engine without being tracked
  • Ahmia.fi, to search for sites on the Tor network
  • Maltego, to get OSINT from various sources, complete with graphical breakdown
  • Recon-ng, as a web reconnaissance tool

OSINT can be done offline

Since OSINT is a term used in the hacker community, people sometimes assume that OSINT is always about computers and the Internet. But that’s not true; OSINT can be done without the Internet using traditional research sources and techniques.

Public and academic libraries are still great sources of OSINT, in 2021 and beyond. Even with the Internet, there is information in older books that may not be available online. Not all of those old books have been digitized. There may also be newspapers and magazines that are several decades old or more.
