Open-source Intelligence

Make sure you read up on how each tool is used so you don't look like a retard or damage your system trying to use them, especially with tools you have to download.

This page is a stub or is unfinished. (You) WILL help by expanding it.

Open-source Intelligence, commonly abbreviated as OSINT, is the act of gathering data, media, or anything identifiable/traceable through open-source^[1] outlets. OSINT is usually practiced and used by national security agencies, skids, and 'teens trying to dox literal whos (and are very poor at doing so).

This article will go more in-topic specifically about OSINT and the tools you can use for it, if you're willing to go the extra mile. If you want a general doxing guide, visit this page. Also, fair warning, some of the tools linked will require basic knowledge on how to use Python scripts. You don't need to know how to code necessarily, though it is good to check if your code is ever glowing. If you don't feel comfortable learning Python because it overstimulates your tranny nusoi brain, I've labeled which tools are GitHub Installation and which are websites you can use.

Before getting started...[edit | edit source]

Make sure you have good OPSEC (Operational Security) before starting. Having good OPSEC before committing to ruination can ensure that you won't be doxxed in retaliation for whatever you're doing. Having good OPSEC in general should be the normal for you anyways, think of it like digital sanitation. OPSEC is like you washing your hands daily, and OSINT like you investigating if someone doesn't wash their hands after wiping their ass or something.

Some OSINT-specific tips that can come in handy when handling with OPSEC are:

• Search yourself up using any and every link you can. You can look up your info in different amounts and times if you want to remain anonymous. If you find anything related to you, find it and DELETE IT INSTANTLY! A good site I recommend is pipl.com. You can also use these sites for OSINT against other people!
• Delete any and all social media you may have. Social media was designed to spy on you, just like phones.
• Don't tell anyone any private information about yourself. Private also includes personal which means your interests, views, style of writing and etc.
• Use common usernames and DON'T USE THE SAME USERNAME TWICE. This is where most people fuck up. Good usernames are things like colors, metals, or any commonly used word/username in general (i.e. Teal, Dye, Zinc).
• Never connect usernames with gamer-tags. That's how the guy behind #OpPayPal got caught.
• Consider using full disk encryption.^[2] The most vulnerable parts of any connection is at the local level.
• Make sure you remove EXIF data from any photos you upload online.
• When ordering stuff online, make sure it's safe on sites like Trustpilot. If a site is compromised or sketchy, and they have your billing information or credit card info, they can find out a lot about you.
• Search up your SSN in quotes to see if it's leaked, but BE CAREFUL!
• Hide your IP Address with a VPN or a Proxy. (This should be a no-brainer.)
• Call your mobile carrier and ask them to remove your number from white pages.
• If you're unable to delete an account with sensitive info on it, change everything about it.
• DO NOT CLICK ON RANDOM LINKS!!!!!!!!!!!!!! If you do, your IP or browser fingerprint will leak, and so will you if you do this.
• If you're really paranoid, remove all your plugins to reduce your browser footprint. You can check this at amiunique.org. Speaking of browser footprint, REJECT ALL COOKIES WHEN YOU HAVE THE CHANCE!
• Whenever you sign up or visit a website/download an app, check their privacy policy and see if you are comfortable with the data they may or may not collect. Whether that information is being sold off or not, there's always a chance a data breach happens and you're involved. Also, subpoenas.
• Regularly clear your clipboard and do not give any website access to your clipboard. Certain websites have been known to copy passwords upon login and save them once given via clipboard. Very popular with fake login websites, and is a clear identifier that one is.

Surface Level OSINT Tools[edit | edit source]

Here's a list of tools you can use for general OSINT. They're good for finding rough info on someone which you can then refine either by yourself or with stronger tools later in the article. Most of these tools just look up shit on Google or whatever browser you have in quotes.

Usernames/Social Media[edit | edit source]

• Sherlock (GitHub)
• Username Search (Website)
• IntelX (Website)
• SpiderFoot (GitHub)
• Creepy (GitHub)
• Twint (GitHub)
• Reddit Analyzer (Website)
• Google Advanced Search (Website)
• Awesome Telegram OSINT (GitHub)^[3]

Word of advice for usernames. Make sure you check each account manually to see if it's actually them. If it is, try and find any old usernames linked to said account and look that up in the search.

Emails/Phone Numbers[edit | edit source]

• Epieos (Website)
• IntelX (Website)
• Holehe (GitHub)
• Hunter.io (Website)
• Freecarrierlookup (Website)
• 441 [White Pages] (Website)
• FoneFinder (Website)

Websites/Networks[edit | edit source]

• ICANN Lookup (Website)
• Whois (Website)
• IPGeo (Website)
• MAC Address Lookup (Website)
• Robtex (Website)

People Searches[edit | edit source]

• Truepeoplesearch (Website)
• ThatsThem (Website)
• Whitepages (Website)
• Spokeo (Website)
• IDCrawl (Website)
• ZabaSearch (Website)
• Intelius (Website)
• Lullar (Website)
• Pipl.com (Website)
• PeekYou (Website)
• FamilyTreeNow (Website)
• BeenVerified (Website)
• PeopleFinder (Website)
• UniCourt (Website)
• Jail Base (Website)
• Public Records Directory (Website)^[4]

Images & Video[edit | edit source]

• EXIFdata.com (Website)
• Tineye (Website)
• Unredacter (GitHub)
• Pimeyes (Website)

Reconnaissance[edit | edit source]

• Maltego (Website)
• recon-ng (Kali)
• theHarvester (GitHub)

Archives[edit | edit source]

• archive.org (Website)
• archive.is (Website)
• ArchivedWeb (Websites)

Thurough OSINT Tools[edit | edit source]

These are the tools you use to refine searches if you haven't found anything yet. Some of these I already mentioned above, but are very much useful for more powerful OSINT. Can be used for proper doxxing.

• Sherlock (GitHub)
• Epieos (Website)
• Skiptracer (GitLab)
• Trape (GitHub)
• Creepy (GitHub)
• Maltego (Website)
• Canarytokens (Website)
• SpiderFoot (GitHub)
• theHarvester (GitHub)
• Metagoofil (Kali)

Closing Notes[edit | edit source]

I know it's none of my business, but please don't use any of the information I've provided against anyone who doesn't deserve it. I made this list so we, as a collective, could do good in this world and not just be the bald man with glasses website. Respect my wishes, out of the goodness of your hearts, Thank you.