OPEN-SOURCE INTELLIGENCE TOOLS

PART I by Harshvardhan Singh, B.Sc.


Introduction

OSINT is defined as intelligence produced from publicly available information that is collected, exploited, and made available to an appropriate audience to address a particular intelligence requirement. It has been widely acknowledged as the main source of valuable and cost-efficient intelligence. With the rise of prominent social media platforms, investigators are starting to look at what social media has to offer them. OSINT isn't a full-coverage solution; it should be regarded simply as another tool within the intelligence analyst's toolkit. OSINT is intelligence that is drawn from publicly available data. Most intelligence experts define it as information that can be consumed by the public. OSINT is information that can be accessed without any specialization or special skill; it includes sources such as newspaper content behind a paywall, or subscription journals that are only available to subscribers. It refers to all publicly available information.


Generally, these sources differ from other forms of intelligence gathering because OSINT sources must be legally accessible by the public without breaching any privacy or copyright laws. For example, certain businesses can benefit from exploiting these resources to gather intelligence about their competitors.


Some major difficulties that OSINT analysts usually face are privacy and platform restrictions, which serve both to safeguard people's privacy and to guard the economic livelihood of the social media platforms. This work reviews existing social networking research to look at how it is applied to OSINT. As our contribution, we propose a greedy search algorithm for enabling the efficient discovery of personal friends on social networking sites and evaluate its performance on multiple randomly generated graphs and a real-world social network collected by other researchers. Open-source intelligence is an important base for all intelligence products, but it can never replace the whole of the all-source effort. It is cheap, easily available, and often highly effective.


Sources of OSINT

  • Traditional media sources – print and broadcast media, radio, and TV.

  • The Internet, which includes Wikipedia, YouTube, metadata and files, the dark web, and in general anything that can be found online.

  • Commercial Online Premium Sources.

  • Hard copy or CD-ROM publications.

  • Maps and imagery products.

OSINT sources are not the exclusive domain of staff dealing with intelligence. Intelligence limits access only to open sources. Rather, intelligence usually facilitates the use of open sources by all staff elements that require the gathering of relevant, reliable data. Familiarity with available open sources will place intelligence staff in the position of guiding and advising other staff elements in their own exploitation of open sources. (https://www.mdpi.com)


History

The Internet revolution has turned the world into a small place. Opening the Internet to billions of people worldwide to communicate and exchange digital data has brought the entire world into what is now called the information age. No specific date is available for when the term OSINT was first proposed or used; however, certain terms have been used for hundreds of years to describe the act of collecting intelligence by exploiting publicly available resources. Open-source intelligence predates the internet. Governments have long used newspapers and broadcasts to track potential adversaries' military, political, or economic plans and activities. The history of utilizing open-source information goes back to the emergence of intelligence as an instrument supporting a government's decisions and actions. After World War 2, as Colquhoun suggests, OSINT fell out of fashion because intelligence agencies were focusing on the world of HUMINT (human intelligence) or SIGINT (signals and electronic intelligence).


OSINT is now more relevant than ever and plays a vital role in gathering data, given the rise of the internet, social media, and online tools that sift through vast amounts of information. According to the available data, the US military first used the term OSINT in the late 1980s, stating that a reform of intelligence was necessary to cope with the dynamic nature of informational requirements, especially on the battlefield at the tactical level.


Benefits of OSINT


  1. Less dangerous: Using publicly available data and information to gather intelligence carries no risk compared with other means of intelligence gathering, such as human resources or spying, especially in hostile nations.

  2. Cost-effective: OSINT is cost-effective compared with other sources, which have their own costs. For example, using satellites or human resources has its own costs.

  3. Accessibility: OSINT sources are easy to access: they are always available, no matter who you are or where you are. In addition, they are always up to date.

  4. Legal issues: No legal restrictions are implied on OSINT. A large number of OSINT sources can be shared without breaching any legal restriction, such as a copyright license, because these resources are publicly available.

  5. Fighting against online shams: OSINT techniques can be used to find false products or services and direct law enforcement agencies to close such activities, or to send warnings to culprits so that these practices can be stopped.

  6. To maintain political stability and national security: This is one of the most important characteristics of OSINT, as it helps governments gather data on a large scale and understand their people's attitudes and motives so that the government can act promptly as required.

Data Collection Methods


OSINT sources can be collected using 3 different methods: Passive, Semi-passive, and Active.

  • Passive Collection: It is the most used technique when it comes to collecting OSINT intelligence. The main aim of OSINT gathering is to collect data via publicly available sources. Therefore, all OSINT intelligence methods should use passive collection.

  • Semi-passive: This type of collection sends minimal traffic to the targeted servers to acquire general information about them. With this technique we don't investigate the target's online resources in depth, but only investigate lightly without raising any alarm.

  • Active Collection: In this type, there’s a direct interaction with the system to gather intelligence about it. The target can become aware of the reconnaissance process since advanced techniques are used here to collect data. Social engineering attacks are also considered a type of active information gathering.

Challenges of OSINT


Intelligence gathering methodologies have their own limitations, and OSINT is no exception to this rule. Challenges faced during OSINT gathering are as follows:

  • The volume of data: Collecting OSINT produces a huge amount of data that must be analyzed. There are tools available for this purpose, and many giant organizations and governments have developed their own sets of tools based on artificial intelligence. Even so, the bulk of the data remains a challenge for the OSINT gatherer.

  • Source's reliability: Keep in mind that OSINT sources used in the intelligence context need to be verified thoroughly by classified sources before they can be trusted.

Precautions


While OSINT is a handy tool for acquiring data, there are certain things that should be taken care of before engaging in OSINT:

  • You are not the only one: Just as OSINT makes it easy for you to gather data on your competitors, the same applies to them. Your threats and competitors can also gather information and data using OSINT tools.

  • Information should be applied practically: There is no purpose in collecting data unless a plan of action or a use for the collected data is defined. Sorting out the useful data from the vast amount of collected data is difficult without the help of tools designed for this particular purpose. Tools that use AI and machine learning are necessary to get the most out of OSINT.

  • Information must be confirmed: Every piece of information that we fetch from open sources must be checked and its accuracy confirmed. Individuals and companies sometimes deliberately deceive threats by posting artificial or false information that has no accuracy whatsoever. This situation can be tackled with AI and ML tools so that the information can be verified and analyzed.

Conclusion

  • Evolution is the rule of nature; the world of open-source intelligence will not remain stagnant; advancement in other technologies will pose a challenge to OSINT practice due to changes in the nature of data and the manner in which it is accumulated, and the same advancement in technology will improve OSINT practice's ability to deal with such challenges effectively. Since the inception of OSINT in the late 1980s, a lot has changed along with the advancement of technology. The revolution of Internet technology resulted in a paradigm shift. The widespread popularity of social media has enriched the accumulation of open-source content on the web.

  • OSINT is now being used in a variety of other fields such as marketing, cyber security, political strategy analysis, and so on. The flood of data during this era was beneficial not only to law enforcement agencies and professional practitioners but also to threat actors. OSINT-based cyber security began to gain popularity, and corporate businesses began to use it for self-assessment in order to identify any potential security loopholes. By incorporating AI technology, OSINT has become more powerful and precise.

  • With the introduction of 3G internet services on smartphones, users were able to express their opinions and share a large amount of information about current affairs related to the surrounding area and their respective country to the rest of the world via social media applications that were freely accessible to the rest of the world. This has accelerated the growth of open-source data.


To be continued...



