OSINT
What is OSINT?
OSINT, or Open Source Intelligence, is the collection and analysis of publicly available information for security, investigation, or research purposes.
Examples
- A security analyst reviews public domain records, breached credential mentions, and employee social media posts to understand the organization's exposure.
- A red team gathers public information about company staff, offices, and technologies before simulating a phishing campaign.
Discover 🔎
A surprising amount of useful information can be gathered without breaking into anything. Company websites, job postings, public documents, social media accounts, domain records, forum posts, code repositories, and many other open sources can reveal details about people, systems, technologies, and business activity. Collecting and interpreting that information is known as OSINT.
OSINT matters because public information can be useful to both defenders and attackers. A security team may use it to understand exposure and risk. An attacker may use it to build a convincing phishing lure or identify likely targets. The same information source can support protection or abuse depending on who is using it.
Summary 📝
OSINT is the process of collecting and analyzing publicly available information for security, investigation, or research. It is valuable because open information can reveal real risk, support investigations, and improve organizational awareness. The strongest OSINT comes not from collecting everything, but from interpreting public information carefully and responsibly.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.