Gathering Information on a Target

Introduction to OSINT

Information gathering is critical to penetration testing in the field of cybersecurity. Knowledge is power; therefore, a good pentester should know how to perform reconnaissance activities and be able to glean important information from what is gathered. The most accessible process is known as Open Source Intelligence (OSINT), which involves information gathering from public sources. If you’ve ever received a call from an unknown number and saved that number in order to check the associated WhatsApp account profile, then congratulations, you’ve employed the use of a basic OSINT technique.

The OSINT process is used in many fields of life. A few scenarios are:

• Journalists write news reports using anonymous tips and perform Google reverse image searches on images they’ve been sent.
• Cybercriminals search for people to scam by looking through their Facebook and Instagram post history.
• Students in academia work on their various research projects or theses.
• Employers look for new recruits and perform background checks by accessing public records and social media accounts.
• Law enforcement works on criminal cases. For example, a criminal’s phone may be confiscated, and all the unsaved numbers on it may be passed through phone books and matched against social media accounts.

The sources of data for OSINT are tremendous, covering satellite imagery, public court records, social media posts, videos on anonymous image boards, threads on specialist forums, news articles, data leaks, website history, IP registration data, open directories, and many more.