Skip to content

airborne-commando/OPSEC-OSINT-Tools

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,313 Commits
img
img
 
 
markdown
markdown
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

OSINT

Table of Contents

  1. disclaimer
  2. Suggestions
  3. Why
  4. OSINT/OPSEC Tools
  5. key points
  6. OPSEC
  7. Open Source Intelligence (OSINT)
  8. Digital Profiling
  9. closed sourced
  10. IMINT
  11. Real world examples of OSINT
  12. Tools
  13. People search tools (in the states)
  14. Grey literature
  15. Breached Data
  16. Social Media
  17. Self OSINT
  18. Curated lists
  19. References

DISCLAIMER

I am not responsible for any misuse, abuse, or unethical actions taken with the tools or methods listed here. OSINT is a neutral technique—anyone can use it, and anyone can be targeted.

Note: Some domains (e.g., exposed.lol) may be expired. Refer to the curated list or alternate links provided.

Suggestions

Open an issue for any suggestions or feedback.

To update this guide use:

git pull

after cloning.

Why?

People trust the internet too much. In today’s world, online and offline are practically the same—truth and fiction blur. This README exists to raise awareness. Clone it, fork it, remix it, or even turn it into a Rentry page. Spread the knowledge however you like.

Also this guide can help prevent issues such as doxing. The obvious way is to follow Key-Takeaways and use people search tools with a self audit to reduce the amount of info you have on yourself publicly12.

Can you predict someone’s behavior with this? not exactly; people are unpredictable at times.

OSINT/OPSEC Tools

A list of OSINT/OPSEC tools I made, forked, and/or use.

If you want some quick methodology I suggest you read this markdown.

Key points

Notable Examples of Bad Tor OPSEC

  • School Bomb Threats
    • Harvard’s Eldo Kim3 identified for using Tor on school network as the only user and admitting guilt.
  • Silk Road Case
    • Ross Ulbricht4 linked to Silk Road by using his real name/email, posting about Tor, and failing to hide server IPs. The laptop was basically seized according to the FBI.

"On Oct. 1, 2013, an F.B.I. operation in a public library in San Francisco ended with the arrest of Ross Ulbricht, who was the brain behind Silk Road... At that moment, another agent took the open laptop while logged into the Silk Road administrator's panel" (Oliyaee, 2024, para. 2).5

"ULBRICHT created Silk Road in January 2011, and owned and operated the underground website until it was shut down by law enforcement authorities in October 2013"
(U.S. Department of Justice, 2015, para. 1).4

"The FBI arrested Ulbricht and seized his laptop on October 1, 2013. A judge sentenced Ulbricht to life in prison for drug trafficking, computer hacking, and money laundering in 2015" (FBI, n.d., para. 2).6

"In 2015, Ulbricht was sentenced to life in prison but was pardoned in 2025" (Reiff, 2025, para. 3).7

Ross was pardoned8 in 2025 by the trump administration.

  • LulzSec Hacking Group
    • Members exposed themselves by discussing ops in public IRC9101112, revealing personal info, using stolen cards13 to home addresses, and trusting informants.

"Spitler admitted to communicating during the data breach with his co-defendant, Andrew Auernheimer, 25, who was arrested January 18, 2011, in Fayetteville, Ark., while appearing in state court on unrelated drug charges. The two wrote each other during the breach using Internet Relay Chat, an Internet instant messaging program. Those chats included discussions between Spitler, Auernheimer, and other Goatse Security members about the best way to take advantage of the breach and associated theft"
(Federal Bureau of Investigation, 2012).13

  • General Bad OPSEC Practices
    • Poor compartmentalization, leaking sensitive info, predictable naming, traceable work hours, and unsecured servers.
  • Mullvad VPN: Security Contrast14 15
    • Features: anonymous accounts, strong encryption, no-logs, lockdown mode, DNS blockers, open-source, accepts Monero/cash and is independently audited161718.
    • Caution: No tool is foolproof; human error remains the weakest link.

Digital Profiling and Behavioral Analysis Guide

  • Understand the Basics
    • Digital profiling gathers and analyzes online data; behavioral analysis infers motives, habits, and future actions.
  • Collect Digital Biographical Information
    • Gather identifiers, track online activity, search for recurring usernames, document findings.
  • Analyze Behavioral Patterns
    • Look for posting times, topics, language, interaction style, preferred platforms, and social networks.
  • Examples
    • Use AI tools to analyze old posts for recurring interests; tools like Blackbird/Maigret help track usernames across platforms.
  • Assess Competencies and Affinities
    • Evaluate technical skill, privacy awareness, sociability, and domain expertise.
  • Use Analytical Tools
    • Employ search engines, data aggregators, visualization/statistics tools and Natural Language Processing (NLPs) for deeper analysis.
  • Iterate and Refine
    • Continuously update the profile as new data emerges; use structured documentation.
  • Ethical and Legal Considerations
    • Only use legally accessible data; respect privacy and avoid harassment.
  • Defending Against OSINT Profiling
    • Practice good OPSEC, use disinformation, audit yourself, and set profiles to private.

Real-World OSINT and OPSEC Examples

Criminals Sony Pictures Hack (2014): Used OSINT on staff and infrastructure for phishing and breach.19

"Email notifications sent via accounts like designedcuratedamy58[@]gmail.com alerted operators whenever targets began assessments or ran malicious curl commands" (Priya, 2025, para. 14).20

Ashley Madison Breach (2015): Used CSINT to leak sensitive user data, causing blackmail and public exposure.

“When the company balked, the group published personal information about 36 million users. That’s a lot of very personal information of a lot of people” (Schifferle, 2016, para. 5).21

Civilians - Identifying Russian Soldiers: Used facial recognition and open-source images to ID participants in conflicts.22 - Cameroon Investigation: Used metadata and geolocation to verify military abuses.23

Law Enforcement - Tracking Stolen Property: Monitored online marketplaces to recover stolen goods.24 - ShadowDragon’s SocialNet: Mapped social networks from 200+ sources to aid investigations.25

OPSEC Failures - Guccifer 2.0: Forgot to activate VPN, exposing real IP and identity.15 - Silk Road’s Ross Ulbricht: Used personal email and left digital traces, leading to arrest.4

(Operations Security) is a systematic process for:

  1. Identifying26
  2. Protecting and controlling critical information2627

It's a security discipline and operations function that involves a continuous cycle of:

  • Identifying critical information and indicators (CII)
    • Critical information and indicators are essential components of Operations Security aimed at protecting sensitive data that could be exploited by adversaries. Critical Information includes unclassified or controlled unclassified information about activities, intentions, capabilities, or limitations that adversaries can use to gain an advantage. Indicators are observable actions or pieces of information that reveal critical details about operations, such as sudden changes in procedures or increased security measures. Protecting this information involves identifying vulnerabilities and implementing countermeasures to prevent unauthorized disclosure
  • Analyzing potential threats and vulnerabilities
  • Assessing risks
  • Developing countermeasures to protect CII

is used to protect information and activities from adversaries. It helps identify and protect sensitive information that could give an adversary an advantage. OPSEC principles can be applied in daily life, such as not sharing personal information like a DOB, street address, email, phone number.

Examples of OPSEC mistakes include:

  • Over-sharing personal information online

    • Chris Chan:
      has a huge digital footprint and is easily fooled by trolls online.282930

  • suspectAGB: as stated by the BBC.

"Tariq Monteiro, 23, and Siyad Mohamud, 24, were part of a group which targeted Alex Smith over a gang-based feud as he left a restaurant near Euston station on 12 August 2019. The pair fled to Kenya immediately after the incident and were arrested in Nairobi last year. They both refused to appear for their sentencing hearing at the Old Bailey. Monteiro, of no fixed address, was ordered to serve a minimum of 24 years in prison, while Mohamud, of Barker Drive, Camden, will serve at least 23 years." (Evans 2023, para. 1–4)31

He shared a kitchen photo and people were able to deduce where he was due to an appliance. As stated by bugzorc opsecfail

"Observant individuals quickly pinpointed his location, thanks to telltale signs like common household plugs and the typical kitchen setup. Moreover, the metadata of his posts gave him away."
(bugzorc 2025, para. 1)32

  • Leaving unused social media online

Interaction/elicitation:

Interacting with a target on social media has been shown to compromise anonymity, as noted by opsecfail. For instance, w0rmer uploaded a photo of his girlfriend that still contained GPS Exif data, which ultimately led investigators to her. When questioned, she admitted he had asked her to take the picture.
(bugzorc 2025, para. 3; opsecfail.github.io/blog.html?filecase=w0rmer)33

Similarly, w0rmer himself explained in an interview that he often provoked people online and had a deliberate process for cleaning photos of metadata. However, during one publishing slip, he accidentally uploaded the wrong image that contained Exif data, which gave authorities critical information.
(“W0rmer – Darknet Diaries” 2020, 00:25:58–00:26:41; darknetdiaries.com/transcript/63)34

OPSEC supplements other security disciplines rather than replacing them.

How to OPSEC:

  • Use services that can conceal your identity:
Category Tool/Technique Description Pros Cons/Limitations
Encrypted Messaging Telegram Cloud-based messaging with optional E2E ("Secret Chats") Widely adopted, feature-rich Not E2E by default; stores data on servers; requires phone number
Simplex No user identifiers (not even random numbers) Maximum metadata privacy Less user-friendly; smaller network
Signal E2E encrypted by default; minimal metadata retention Gold standard for privacy; court-resistant Requires phone number
Anonymity Networks Tor Routes traffic through encrypted nodes to hide IP Free; robust against tracking Slow; frequent CAPTCHAs
Mullvad VPN No-logs VPN accepting Monero (XMR) payments Strong privacy; anonymous payment options VPNs can’t fix poor OPSEC habits
Cryptocurrency Monero (XMR) Untraceable cryptocurrency Private transactions Requires mining/local node for full anonymity + time
Identity Management Unique Usernames Use different credentials per site Prevents correlation attacks Hard to manage without a password manager
Word Spinners Paraphrase text to avoid detection Evades plagiarism/identity linking May sound unnatural
AI-Generated Faces Fake profile pictures (e.g., ThisPersonDoesNotExist.com) Hides real identity May look unnatural
Self-OSINT Opt-Out Guides Remove personal data from people-search sites Reduces digital footprint Time-consuming; not all sites honor requests without payment
OPSEC Resources Bad OPSEC Examples List of pitfalls Learn from others’ mistakes N/A
Good OPSEC Practices Guidelines Actionable tips Requires discipline
Tool Lists OPSEC Tools Curated list Comprehensive resource May need updates

Key Takeaways

  1. Messaging:

    • Signal OR Simplex > Telegram for privacy.353637

    • Remember: E2E ≠ total anonymity (metadata leaks/habits matter)33343832.

  2. Anonymity:

    • Tor + Mullvad VPN + XMR = layered protection.
    • Avoid logging into personal accounts while using these tools.
    • Pitfalls: you need to use TOR and Mullvad separately for maximum Anonymity, use a Virtual Machine for VPN's and TOR on another (or the host).

  3. Identity:

    • Unique usernames + Unique behavior = harder to trace.

  4. Self-Audit:

  5. OPSEC Mindset:

Note:

By TOR I mean Tor Browser, VPN as in Virtual Private Network, and by Virtual Private Network I mean by Virtual Private Network Service - IE: Mullvad (though it can be other types of VPN's out there as long as it's safe to use and vetted by privacy experts). XMR is Monero Coin or Monero for short, a Privacy Coin.

Check Wikipedia or the sources cited If you're confused on all of these here:

  1. VPN service3940, what we're gonna use here.
  2. TOR, What should be used separately.414243
  3. XMR, for VPN's that take XMR as payment.44

Pro Tips

  • Monero Mining: Run a local node to avoid centralized exchanges tracing purchases.45

For full tool details, see the OPSEC Tools List.

disinformation

Disinformation4647 in the context of OSINT (Open Source Intelligence) refers to deliberate actions taken to obscure, mislead, or mask the true activities, intentions, or identities of individuals or organizations from those conducting open-source intelligence gathering. here.

Open Source Intelligence (OSINT)

What is it, how is this used and why is it important:

  • OSINT is the practice of collecting and analyzing information from public sources to address specific intelligence needs. OSINT is used by government agencies and commercial organizations for various purposes, including:

    • Reconnaissance
    • Cyber crime investigations
    • Market trend analysis
    • Brand positioning analysis
    • Measuring risk to an organization
    • Understanding the actor, tactics, and targets
    • Gather real-time information
    • Make informed decisions
    • Receive early warnings of potential threats

Who uses Open-Source Intelligence (OSINT)?

  • National Security and Intelligence Agencies, Law Enforcement, Businesses, Cybersecurity and Cyber-crime Groups, Privacy-Conscious People, Non-Governmental Organizations

    • The CIA48, Defense Intelligence Agency (DIA)49, and Office of the Director of National Intelligence (ODNI) all use OSINT50.
    • OSINT can protect citizens (private or otherwise) from identity theft, sexual violence, and abuse5152.
    • OSINT can monitor competitors, investigate new markets, and plan marketing activities53.
    • OSINT can gather intelligence about specific targets online.
    • OSINT can check how outsiders can break into their computing devices.54
    • OSINT can be used on oneself to secure privacy.2
    • Bellingcat55 and the Center for Information Resilience56 use OSINT.
    • And you! Yes, you can use OSINT.

Sources of OSINT

OSINT can gather information from various sources, including:

  • Public government data as stated by the University of North Texas Libraries57.

Public data is data that is used, reused and or redistributed. Government entities operating at various judicial levels such as local, state, federal, and the international levels. This creates various amounts of public data, which is accessible without restrictions. Terms of use must be agreed to or approved depending on consideration before accessing these datasets and or records, such as Heath (HIPPA) and or Educational Data.

Such can include for example casesearch in Pennsylvania Courts; landlord, criminal, civil et al should have an address as that's public govt info.

A Parcel search for tax history.

An official Justice site listing all states and their local judicial. Case search should be in state judiciary, also for other information such as tax records and property records.

  • According to Johns Hopkins University it is.

“A subfield of publishing which distributes academic research and scholarship” (Shin, 2025)58.

  • Commercial data:

"Commercial Data means any and all data and information relating to an identified or identifiable Person (whether the information is accurate or not), alone or in combination with other information, which Person is or was an actual or prospective customer of, or consumer of products offered by, the VS Business or L Brands Business, as applicable. Commercial Data means any and all data collected or otherwise processed by the Seller Entities relating to a customer of the Business" (Law Insider, 2025).59

  • Grey literature:

"Grey literature, as defined by the Welch Medical Library, is "information produced on all levels of government, academics, business and industry in electronic and print formats not controlled by commercial publishing i.e. where publishing is not the primary activity of the producing body"
(Joseph, 2025, paras. 1–2)"60.

  • genealogical OSINT:

Genealogy: Using family history research and genealogy databases as an intelligence-gathering tool. Death records: Gathering intelligence from records such as death notices, obituaries, gravestone databases, and burial registries.(news papers or local news sites)

"Genealogical research is the tracing of an individual's ancestral history using historical records, both official and unofficial" (University of Maryland Libraries, n.d., para. 1).61

"Genealogy is the study of families and their ancestors and histories"
(Virginia Tech University Libraries, n.d., para. 1).62

  • Google Dorks:
Operator Description Example
site: Search within a specific website or domain site:example.com
intitle: Find pages with specific words in the title intitle:"login page"
allintitle: All words must appear in the title allintitle:admin login
inurl: Words in the URL inurl:admin
allinurl: All terms in the URL allinurl:dashboard admin
filetype: or ext: Search for specific file types filetype:pdf or ext:xls
intext: Word or phrase in the page body intext:"confidential"
allintext: All terms in the body text allintext:password username
link: Pages linking to a specified URL link:example.com
define: Look up a word definition define:opsec
related: Find sites similar to a URL related:example.com
* Wildcard – matches any word "admin * login"
OR Either search term can appear login OR signin
AND Both terms must appear (default behavior) username AND password
- Exclude term login -facebook
" Exact phrase "confidential file"

Advanced Search Operators Created by Daniel Russell63.

Default Behavior

  • Google treats multiple words as if connected by AND, so results must contain all terms unless you specify otherwise.
  • Quotation marks, site:, and filetype: are among the most commonly used explicit operators for more targeted searches.

These operators are not used unless you include them in your query—Google’s default is simply to return results matching all your search terms, ranked by relevance.

Real world examples of OSINT

In the year 2016, a basket weaving image board used OSINT to pay some supposed terrorist a visit from a govt in Russia resulting in airstrikes.

"In 2016, amid the Syrian Civil War, rebel groups tried to overthrow President Assad, leading to foreign involvement from the U.S. and Russia. On 4chan, users identified a rebel camp from a Jaysh al-Izza video and relayed its coordinates to Russian contacts, resulting in airstrikes after the camp was located twice (Pezle, 2022)."3864

UPDATE: Turns out it was a really complex war65 the 4chan got involved in, still keeping this up as a key example however; the main issue is that they exposed their training locations with geographic locations to the internet like complete morons. Thus bad opsec.

In 2017, Shia LaBeouf had a protest due to Trumps election; this resulted in a basket weaving image board using OSINT and [sky patterns to figure out where a flag is.

"In 2017, 4chan users managed to track down and replace Shia LaBeouf's "He Will Not Divide Us" protest flag. Using only the live-stream footage of the flag, they analyzed flight patterns, star positions, and a tweet to locate the flag in Greeneville, Tennessee. A local troll then honked his car horn until the sound was picked up on the live-stream, pinpointing the exact location. The flag was replaced with a Trump hat, marking the end of this elaborate trolling operation (Lamoureux, Mack 2017)."66

Digital profiling (OSINT profiling).

Digital profiling and behavioral analysis are powerful techniques for understanding individuals based on their online activities and digital footprints. While these methods are often used by professionals, you can apply many of the same principles and processes yourself by following a structured approach. This creates possible interest and hobbies of an individual.

Read more inside this readme on Digital Profiling

Closed Sourced Info

HUMINT can be collected overtly (e.g., interviews, debriefings, diplomatic reporting) or covertly (e.g., espionage, clandestine surveillance).

Breached Data

And remember, closed sourced info can change depending on context. If it came from social media then it's considered open source as it's already out there. If it's from a closed source document like let's say a USB drive then consider it closed source.

See also CSINT

IMINT

IMINT(Image Intelligence) involves collecting and analyzing visual imagery—satellite, aerial, drone, or ground photos—to extract useful information.5067 Contains information such as SOCMINT and Reverse Search.

GEOINT5067 is information on geographic locations. Geospatial data may also be called GEOINT data. It's to understand human activity or events and to layer that with data along with geolocations and timing. It has non-military uses as well, example would be for first responders issuing an emergency for a wildfire68.

Three examples of GEOINT tools that you can access right now:

Tools

Category Tool Link Functionality Notes
Search Engine Queries dorksearch Link Advanced Google dorking Manual query building
Google-FU GitHub Advanced Google dorking Rate limits, CAPTCHAs
gdork gist Shell script for Google dorking In development tapermonkey script
Google Advanced Link Direct Google dorking No saved searches; Example
Biometric Analysis Facecheck.ID Fork GitHub Main Reverse image search bypass Tampermonkey required; source links only
Genealogy genealogyintime genealogyintime A search engine that's specifically made for genealogy, can find obits and is free* not HTTPS, need to know what you're looking for.
findagrave findagrave A grave searching site have to know the name of the person, city; also may not be listed.
Jobs Resume Indeed Link Resume search Expensive subscription
LinkedIn Link Company/person info Verification often needed
Financial Paypal Link Person confirmation via email/phone Account required
Username/Email Search Blackbird GitHub Cross-platform username/email lookup CLI only
Crow (GUI) GitHub GUI for Blackbird Same as CLI
Sherlock GitHub Username search (300+ sites) CLI; false positives
No-Shit-Sherlock GitHub GUI for Sherlock Inherits limitations
Maigret GitHub Username connections Sherlock fork
Maigret-Night (GUI) GitHub GUI for Maigret Same as CLI
Holehe GitHub Email usage check CLI; false positives
Email Compromises Hudson Rock Extractor GitHub Manual email breach check Flask-based; manual input
Geolocation/GEOINT Google Maps Link Location pinpointing Public data only
Bing Maps Link Bird's eye/satellite view Variable quality
Google Earth Link 3D/2D, historical views Use with other services
geohints Link GeoGuessr metadata Provides location clues
GeoGuessr GPT Link AI photo location AI hallucinations; 3 free uploads
findpiclocation Link AI photo location Accuracy varies
Generalized OSINT OSINT Rocks Link Multi-tool interface Web-based
one-plus Link Toolkit with bookmarks Tools may change
MISC Tools zabasearch-auto GitHub US public info lookup CLI; advanced usage
link extractor and archive GitHub Archive.ph tool CLI; basic pages; manual edits
Tapermonkey Scripts voter reg status PA voter info export CSV output; Tampermonkey
Universal Background Check Exports from PeopleSearch/Voter data (light) Tampermonkey script, not accurate for mm-dd. it is with year on DOB for votes.
Breach.vip search and reddit analyzer search known breached databases check wayback machine API for twitter usernames, analyze Reddit usernames Still in development, trying to figure out the kinks.
Extensions Wayback machine FF Chrome Wayback search; deleted tweets Archived content only
Archive Page FF Chrome Archive.today search Page must be archived
Xcancel FF Chrome Privacy Twitter front-end Conflicts possible
reddit-uncensored FF Chrome Restores deleted Reddit content Arctic Shift API
usertoihsoyct GitHub Username redirect Firefox addon

Key Insights & Pro Tips

  1. False Positives:

    • Sherlock/Holehe: Imgur often returns misleading results—verify manually.
    • Facecheck.ID: Extracts links but doesn’t analyze images; cross-reference with Pimeyes (10 searches) or others listed on 6.

  2. GUI vs. CLI:

    • CLI Tools (Blackbird, Sherlock, Maigret): requires technical familiarity.
    • GUI Wrappers (Crow, No-Shit-Sherlock): Easier for beginners; same back-end logic.

  3. Email Investigations:

    • Combine Holehe (account detection) + Hudson Rock Extractor (breach data) for thorough checks; see Toolchain Recommendations.

    • For Gmail-specific OSINT, use GHunt (via OSINT Rocks).

    • Verify a google email, you'll need to be logged in to your own:

         https://calendar.google.com/calendar/u/0/embed?src=youremail@gmail.com

A post from a linkedin account named Forensic OSINT69:

"In a clever LinkedIn post, 🔐Yoni shares a privacy insight and a practical OSINT technique worth bookmarking.

First, the Gmail dot trick: Google ignores dots in addresses, so variations like davidsmith@gmail[.]com, d.a.v.i.d.s.m.i.t.h[@]gmail[.]com, and david.smith[@]gmail[.]com all route to the same inbox, a fact that’s often misunderstood in email investigations.

More importantly for OSINT work, Yoni highlights a method to check if an email is linked to a Google account using Google Calendar. Just plug the email into this URL while logged into your own Google account:

https[:]//calendar[.]google[.]com/calendar/u/0/embed?src=youremail@example[.]com

If the address is connected to a Google account, the calendar interface loads and displays the bolded email address in the bottom left. If it doesn’t exist, it simply shows “Google Calendar.”

🔍 Why It Matters: This is a quick, non-intrusive way to validate if an email is active on Google’s ecosystem, especially helpful when vetting aliases, burner accounts, or verifying user identities in investigations (Forensic OSINT, 2025)."

  1. Geolocation:

    • Use Google Maps Street View to verify addresses/landmarks from other tools (e.g., ClustrMaps).
    • Use birds eye view in bing maps
    • use google earth for a detailed view.

  2. OPSEC Notes:

    • Rate Limits: Tools like Google-FU may trigger blocks—use proxies/VPNs.
    • Legality: Avoid scraping private data (e.g., Facebook pro) without consent.

  3. Bio-metric Analysis: You can supplement your bio-metric analytics with these tools by extracting the results from:

  • faceonlive.com (3 or 4 search limit, may need TOR)
  • lenso.ai

After that open image in new tab and save or drag it into facecheck.id and compare (as mentioned earlier on step 1)

Toolchain Recommendations

  • Quick Username Search: Crow (GUI for in-depth) → Maigret (GUI for in-depth) → Sherlock (CLI for depth).
  • Email Breaches: Have I Been Pwned → Pentester (freeish) → OSINT Rocks (Hudson Rock/Holehe) → LOLArchiver.
  • Images: Facecheck.ID → Pimeyes → lenso.ai → faceonlive
  • Files: Encrypted drives (LUKS) → veracrypt → keepassxc

Note on Pentester: Pentester can provide free results on usernames, etc but on a time limit, not worth to buy a service if you're smart and keep records (snapshot).

Note: For keepassxc it's a good idea to use a strong password or a YubiKey (hardware password/security key) you may also create an additional database, one that has the password you can remember; the other that has the generated database password for sensitive files.

For niche tools, refer to the Curated Lists section.

Pipeline discussed here

People search tools (in the states):

DISCLAIMER: The type of info found on these sites appear to from other data brokers, social media profiles that are public or viewable by everyone, compiled data/info from federal, state, and local government public records.

  • people search aggregators70, typically used in the united states. can give you information on someone such as an email, home address, date of birth, etc.
Tool Lookup By Returns Notes
FastPeopleSearch Name, Phone, Address Age, Address, Phone, Email Free; data may be outdated.
That's Them Name, Email, IP, VIN, Phone IP, Addresses, Phone, Email Aggregates data from Intelius/Spokeo; some paid results.
Nuwber Name, Phone, Email, Address DOB, Address, Email, Phone Detailed reports may require payment.
IDCrawl Name, Username, Phone, Email Names, Usernames, Phone, Email Focuses on usernames/social media.
PeekYou Name, Username, State Age, Social Media, Emails, Addresses Strong for social media profiling.
Webmii First + Last Name Social Media, Search Results Lightweight; scans public web/social profiles.
PublicRecords Name, Address, State Name, Address, Partial Phone Free directory; redirects to Intelius for paid details.
ClustrMaps Name, Address Addresses, Residents, Property, IP Data Focuses on geolocation/demographics; may include ownership history.
fastbackgroundcheck Name, Address, Phone Number Name, Address, Phone Number, Emails Seems to comb though billions of records as stated on it's website
zbase first, last name, city state Names, Possible Relatives, User IDs, Address, Phone Number, Emails, education, job history comes from various sources, as stated on it's faq, free partial look up and is accurate*

Key Observations:

  1. Free vs. Paid: Most tools offer basic info for free but upsell detailed reports (e.g., PublicRecords → Intelius).
  2. Data Sources: Many pull from the same breaches/public records (emails/phones often outdated but still in use).
  3. Specializations:
    • Social Media: PeekYou, IDCrawl.
    • Geo-location: ClustrMaps.
    • Comprehensive: FastPeopleSearch, Nuwber, fastbackgroundcheck.

Disclaimer: Accuracy varies; users rarely update emails unless compromised. Use ethically!

Grey literature

Use this site; do not register, check a voter registration. Will probably need more info in some states; while others need less.

An automatic tool that I've made for pa voter services. Feel free to fork for other states.

Breached Data:

Tool Lookup By Returns Limitations/Costs Notes
Have I Been Pwned Email, Phone Breach names, dates, compromised data Free; no passwords/raw data Trusted source; alerts for new breaches.
BreachDirectory Email, Username Partial password hashes (SHA-1, first 4 chars), length Free; no full passwords Useful for credential stuffing checks.
Breach.vip Email, Username Minecraft-focused leaks (usernames, IPs) Free; requires login Niche for gaming accounts; "memey" but functional.
LeakPeek Email, Username Partial breach snippets (e.g., domains) 5 free searches; Tor bypass possible Paid plans for full data; obfuscates results.
LOLArchiver Email, Username Full breach databases (e.g., emails, passwords) Paid service only For OSINT professionals; curated high-value leaks.
Icebreaker Local breach files Parses/analyzes large breach datasets Python/EXE; works best for <1000GB files Demo script provided; use with caution (e.g., Facebook 533M leak).
hashes.com Hash (MD5, SHA-1, etc.) Decrypted passwords (if hash is cracked) Free/paid cracking tools Useful for reversing hashes from breaches.
pentester.com Email, Username Full breach details (more than HIBP) *Free; no Tor needed; use incognito/private browsing mode. Extensive; may include sensitive data.
Hudson Rock Email, Username, Domain, APK Infostealer infection indication, general information Free; no passwords/raw data Infostealer only data
archive.trace.rip detailed information user submitted Historical Data Breaches Archive data breaches and scrapes throughout history

Curl commands

Breach VIP API curl commands / Alias

breachemail() {
  curl -X POST https://breach.vip/api/search \
       -H "Content-Type: application/json" \
       -d "{\"term\": \"$1\",\"fields\": [\"email\"],\"wildcard\": false, \"case_sensitive\": false}" \
   >     /tmp/results-email.txt && cat /tmp/results-email.txt
}

breachuser() {
  curl -X POST https://breach.vip/api/search \
       -H "Content-Type: application/json" \
       -d "{\"term\": \"$1\",\"fields\": [\"username\"],\"wildcard\": false, \"case_sensitive\": true}" \
   >     /tmp/results-user.txt && cat /tmp/results-user.txt
}

breachphone() {
  curl -X POST https://breach.vip/api/search \
       -H "Content-Type: application/json" \
       -d "{\"term\": \"$1\",\"fields\": [\"phone\"],\"wildcard\": true, \"case_sensitive\": false}" \
   >     /tmp/results-phone.txt && cat /tmp/results-phone.txt
}

breachname() {
  curl -X POST https://breach.vip/api/search \
       -H "Content-Type: application/json" \
       -d "{\"term\": \"$1\",\"fields\": [\"name\"],\"wildcard\": false, \"case_sensitive\": true}" \
   >     /tmp/results-name.txt && cat /tmp/results-name.txt
}

R00M101

analyze() {
  curl -X GET "https://api.r00m101.com/analyze/$1" -H "accept: application/json" > /tmp/reddit-user.txt && cat /tmp/reddit-user.txt
}

Take a look at the documents which I will link here

Key Takeaways:

  1. Free vs. Paid:

    • Free: HIBP, BreachDirectory, Pentester, Hashes.com, breach.vip.
    • Limited Free: LeakPeek (5 searches), Breach.vip (login required).
    • Paid: LOLArchiver, LeakPeek plans.

  2. Specializations:

    • Password Recovery: Hashes.com (decrypt hashes), BreachDirectory (partial hashes).
    • Gaming Leaks: Breach.vip (Minecraft).
    • Local Analysis: Icebreaker (Python tool for large datasets).

  3. Ethical/Legal Notes:

    • Many tools provide partial data (e.g., first 4 chars of passwords) to comply with ethics.
    • Use Tor with LeakPeek to bypass search limits.
    • Avoid misuse: Some tools (e.g., Pentester) may expose sensitive data.

  4. For Large Datasets:

Additional Resources:

social media

Platform Tool URL Functionality Limitations/Notes
General Social Searcher social-searcher.com Searches multiple platforms at once navigate public web search results more easily, does not collect, store, or scrape data from any social media platforms, and we do not access private content or use any official or unofficial APIs. about
Snapchat Snapchat Map map.snapchat.com View public Snapchat location stories Requires Snapchat account
Instagram Dumpor dumpor.com View profiles/stories anonymously May have rate limits
imginn imginn.com View profiles/stories anonymously
Twitter Sotwe sotwe.com Privacy-focused Twitter front-end No login required
Xcancel xcancel.com Privacy-focused Twitter front-end No login required, Lightweight interface
Nitter nitter.net Privacy-focused Twitter front-end No login required
Facebook Facebook Search facebook.com/search Native Facebook search tool Limited without login
WhoPostedWhat whopostedwhat.com Search Facebook posts by date/keyword Requires precise queries, public accounts
reddit r00m101.com r00m101 Get detailed info from an active or deleted reddit account including “stage of life” and “hobbies”. Pricing for full scope and features
ihsoyct ihsoyct Get archived posts from a reddit account from both APIs Host can be down, pushpull is still non-functional as of writing. see limitations different repo but raises a good point on archives.

Pro Tips & Workarounds

  1. Facebook Private Accounts:

    • Method 1: Create a fake account (difficult due to Facebook's verification)
    • Method 2: Use browser's Inspect ElementDevice Simulator (or mobile phone) + direct URL
    • Always try logged out or in private mode first

  2. LinkedIn Limitations:

    • If profiles don't load:
      • Wait 1-2 minutes (cookie/IP rotation)
      • Create a basic account (avoid looking suspicious)
    • HWID/IP tracking may block repeated searches

  3. Twitter Alternatives:

    • Use Nitter/Xcancel/Sotwe to browse anonymously.

  4. Instagram:

    • Dumpor bypasses some privacy settings
    • Quick Use https://dumpor.io/v/USERNAME replace USERNAME with the user you are trying to see
    • Will not work with private accounts
    • You may also use https://imginn.com/
      • firefox
      • chrome make sure to not use picuki, disable tiktok; use a different profile or browser. Can use firefox.

Key Takeaways

  • Anonymity: Tools like Nitter/Dumpor avoid platform tracking

  • Mobile Tricks: Simulating mobile devices often works better for restricted content

  • Persistence: Some platforms (LinkedIn/Facebook) require patience or account creation

  • For additional tools see the Curated Lists section below.

Curated lists

OSINT Lists:

Wiki's:

TOOLKIT:

NEWSLETTER(S):

example:

"facecheck.id" site:https://osintnewsletter.com

OPT OUTs

Toolchain (self-OSINT):

Google dorks:

flowchart TD
    A@{ label: "Google Search Query:<br>'first last' 'Street Address'<br>'City state' 'age'" } --> B["Results about you"]
    B --> C["Big Ass Data Broker Opt Out List"]
    C --> D["IntelTechniques<br>Opt-Out Workbook"]
    D --> E["People Search Tools"]

    A@{ shape: rect}
    click B "https://myactivity.google.com/results-about-you"
    click C "https://github.com/yaelwrites/Big-Ass-Data-Broker-Opt-Out-List"
    click D "https://inteltechniques.com/workbook.html"
Loading

Notice

Results about you (google index) can also be emailed so keep that in mind when comparing info from these sources such as:

Google will find websites containing your first-last name and address and will ask to remove it from the index. Before applying the removal process on google search be sure to remove info from the website itself that it's hosted on. Google Dorking seems to be a bit quicker and preemptive on removing info about yourself after you visit said sites (if applicable).

Also with doing google dorks the manual way is that you won't get flagged by google itself as a bot.

Additional tools:

  • For additional tools see the curated-lists above

Donations:

If you find this useful feel free to donate to this monero address:

monero

8BPdcsLtA5iWLNTWvYzUVyTWtQkM62e8r7xqAuwjXTSC4RcoSWqpmtyLsMYvz3QNZtT1rbgPUnmVpMAudhxTn6zkRxUFcZN

References:

Footnotes

  1. Electronic Frontier Foundation. "Doxxing: Tips To Protect Yourself Online & How to Minimize Harm." Electronic Frontier Foundation, 14 Dec. 2020, www.eff.org/deeplinks/2020/12/doxxing-tips-protect-yourself-online-how-minimize-harm. Accessed 23 Sept. 2025.

  2. Martisiute, Laura. “A Guide to Doxxing Yourself on the Internet - JoinDeleteMe.” joindeleteme, 22 Jan. 2024, joindeleteme.com/doxxing/a-guide-to-doxxing-yourself-on-the-internet. 2

  3. “Harvard Student Charged With Making Hoax Bomb Threat.” United States Department of Justice, 16 Dec. 2014, www.justice.gov/usao-ma/pr/harvard-student-charged-making-hoax-bomb-threat.

  4. “Ross Ulbricht, a/K/a ‘Dread Pirate Roberts,’ Sentenced in Manhattan.” U.S. Department of Justice, 29 May 2015, www.justice.gov/usao-sdny/pr/ross-ulbricht-aka-dread-pirate-roberts-sentenced-manhattan-federal-court-life-prison. 2 3

  5. Oliyaee, A. (2024, March 31). Ross Ulbricht’s laptop: The heart of the Silk Road. Plasbit. https://plasbit.com/blog/ross-ulbricht-laptop

  6. “Ross William Ulbricht’s Laptop.” FBI, www.fbi.gov/history/artifacts/ross-william-ulbrichts-laptop. Accessed 25 Sept. 2025.

  7. Reiff, Nathan. “Who Is Ross Ulbricht?” Investopedia, 24 Jan. 2025, www.investopedia.com/tech/ross-ulbricht-dark-net-pirate.

  8. Hayes, Christal. “Trump Pardons Silk Road Creator Ross Ulbricht.” BBC, 22 Jan. 2025, www.bbc.com/news/articles/cz7e0jve875o. https://www.justice.gov/pardon/media/1386096/dl?inline pardon from trump

  9. “Hacker Pleads Guilty to Infiltrating AT&T Servers, iPad Data Breach.” FBI, 23 June 2011, archives.fbi.gov/archives/newark/press-releases/2011/hacker-pleads-guilty-to-infiltrating-at-t-servers-ipad-data-breach.

  10. Katz, Basil. “Four Irish, British Suspects Helped Stratfor Hack: U.S.” Reuters, 2 May 2012, www.reuters.com/article/world/us/four-irish-british-suspects-helped-stratfor-hack-us-idUSBRE8411P7.

  11. Hope Trampski. “Hacktivism: The Short Life of LulzSec.” Purdue University cyberTAP, 5 Dec. 2024, cyber.tap.purdue.edu/blog/articles/hacktivism-the-short-life-of-lulzsec.

  12. FBI. “Leading Member of the International Cyber Criminal Group LulzSec Sentenced in Manhattan Federal Court.” FBI, 27 May 2014, www.fbi.gov/contact-us/field-offices/newyork/news/press-releases/leading-member-of-the-international-cyber-criminal-group-lulzsec-sentenced-in-manhattan-federal-court.

  13. Federal Bureau of Investigation. (2012, March 6). Six hackers in the United States and abroad charged for crimes affecting over one million victims. FBI. https://archives.fbi.gov/archives/newyork/press-releases/2012/six-hackers-in-the-united-states-and-abroad-charged-for-crimes-affecting-over-one-million-victims 2

  14. Mohammad Taha Khan, Joe DeBlasio, Geoffrey M. Voelker, Alex C. Snoeren, Chris Kanich, and Narseo Vallina-Rodriguez. 2018. An Empirical Analysis of the Commercial VPN Ecosystem. In Proceedings of the Internet Measurement Conference 2018 (IMC '18). Association for Computing Machinery, New York, NY, USA, 443–456. https://doi.org/10.1145/3278532.3278570

  15. “Library Research Guides: Digital Privacy: Digital Privacy Practices.” Indiana University Bloomington, wayback machine, 7 July 2025, web.archive.org/web/20250208104257/https://guides.libraries.indiana.edu/c.php?g=1325689&p=9771453. 2

  16. mullvad. “Mullvad VPN Privacy Is a Universal Right.” Mullvad, 27 Mar. 2025, mullvad.net/en/blog/tag/audits.

  17. “Why Mullvad VPN?” Mullvad, mullvad.net/en/why-mullvad-vpn. Accessed 25 Sept. 2025.

  18. Mullvad. “No-logging of User Activity Policy.” Mullvad, 23 May 2025, mullvad.net/en/help/no-logging-data-policy.

  19. “North Korean Regime-Backed Programmer Charged With Conspiracy To.” United States Department of Justice, 6 Feb. 2025, www.justice.gov/archives/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and.

  20. Priya. (2025, September 5). North Korean hackers shift strategies – Replacing old infrastructure with new assets. Cyberpress. https://cyberpress.org/north-korean-hackers/

  21. Schifferle, L. W. (2016, December 14). Ashley Madison settles with FTC over data security. Federal Trade Commission. https://www.ftc.gov/business-guidance/blog/2016/12/ashley-madison-settles-ftc-over-data-security

  22. Bhuiyan, Johana. “Ukraine Uses Facial Recognition Software to Identify Russian Soldiers Killed in Combat.” The Guardian, 24 Mar. 2022, www.theguardian.com/technology/2022/mar/24/ukraine-facial-recognition-identify-russian-soldiers. Internet Archive, https://archive.ph/PGrf0

  23. “Cameroon: Soldiers Get 10 Years for Murder of Civilians.” Human Rights Watch, 28 Oct. 2020, www.hrw.org/news/2020/09/23/cameroon-soldiers-get-10-years-murder-civilians.

  24. MPA, Brandon Burley. “OSINT Tools for Investigators to Track Criminal Activity Online.” Lexipol Media Group, 23 Aug. 2025, www.police1.com/investigations/thinking-like-a-criminal-how-osint-can-take-your-investigations-further.

  25. Department of Homeland Security. Freedom of Information Act (FOIA) Activity for the Week of March 20, 2025- March 26, 2025 DHS Privacy Office March 31, 2025 Weekly FOIA Report. 31 Mar. 2025, www.dhs.gov/sites/default/files/2025-07/25_0731_PRIV_Chief_FOIA_Officers_Weekly_Report_March_31_25_to_June_30_25.pdf.

  26. CSRC Content Editor. “Operations Security (OPSEC) - Glossary. CSRC.” Computer Security Resource Center, csrc.nist.gov/glossary/term/operations_security. Accessed 25 Sept. 2025. 2

  27. Department Of Labor. “Operations Security (OPSEC).” United States Department Of Labor, www.dol.gov/agencies/oasam/centers-offices/emergency-management-center/operations-security. Accessed 25 Sept. 2025.

  28. “The Comprehensive Chris Chan Documentary.” www.youtube.com, uploaded by GenoSamuel, 24 Feb. 2019, www.youtube.com/playlist?list=PLABqEYq6H3vpCmsmyUnHnfMOeAnjBdSNm.

  29. Leighton, Mara, et al. “A Timeline of Chris Chan’s Incest Charge and Dismissal, Which Came After Years of Online Trolling That Documented the Creator’s Relationship With Her Mother.” Business Insider, 18 Aug. 2024, www.businessinsider.com/chris-chan-saga-timeline-incest-charges-arrest-2021-8.

  30. IMDb. “Christine Weston Chandler.” IMDb, www.imdb.com/name/nm4813395. Accessed 25 Sept. 2025.

  31. Evans, Jacob. “Alex Smith: Drill Rappers Sentenced to Life Over Street Stabbing.” BBC, 12 May 2023, www.bbc.com/news/uk-england-london-65570367.

  32. bugzorc. “suspectAGB.” opsecfail, opsecfail.github.io/blog.html?filecase=suspectAGB. Accessed 25 Sept. 2025. 2

  33. bugzorc. “W0RMER.” opsecfail, opsecfail.github.io/blog.html?filecase=w0rmer. Accessed 25 Sept. 2025. 2

  34. “W0rmer – Darknet Diaries.” darknetdiaries, episode 63, 14 Apr. 2020, darknetdiaries.com/transcript/63. 2

  35. Gomzin, Slava. “Telegram May Not Be as Secure as It Claims.” IEEE Spectrum, 14 Oct. 2024, spectrum.ieee.org/telegram-security.

  36. Signal. “Is It Private? Can I Trust It?” Signal, support.signal.org/hc/en-us/articles/360007320391-Is-it-private-Can-I-trust-it. Accessed 25 Sept. 2025.

  37. “SimpleX: Redefining Privacy by Making Hard Choices.” SimpleX, 16 May 2024, simplex.chat/blog/20240516-simplex-redefining-privacy-hard-choices.html.

  38. “The Time 4Chan Called in an Airstrike.” Youtube, uploaded by Pezle, 17 Aug. 2023, www.youtube.com/watch?v=OR6epSP_Xlw. 2

  39. "Washington State Technology. What Is a VPN, and How Does It Work?" Washington Technology Solutions. watech.wa.gov/what-vpn-and-how-does-it-work. Accessed 25 Sept. 2025.

  40. State Of New Jersey. “Virtual Private Networks.” State Of New Jersey Cybersecurity & Communications Integration Cell, www.cyber.nj.gov/guidance-and-best-practices/wi-fi-network-security/virtual-private-networks. Accessed 25 Sept. 2025.

  41. CISA. “Defending Against Malicious Cyber Activity Originating From Tor.” Cybersecurity Infrastructure Security Agency, 2 Aug. 2021, www.cisa.gov/news-events/cybersecurity-advisories/aa20-183a.

  42. New York University. “Demystifying the Dark Web: An Introduction to Tor and Onion Routing – Networks at ITP.” New York University, itp.nyu.edu/networks/explanations/demystifying-the-dark-web-an-introduction-to-tor-and-onion-routing.

  43. CIA. “CIA’s Latest Layer: An Onion Site - CIA.” CIA, 7 May 2019, www.cia.gov/stories/story/cias-latest-layer-an-onion-site.

  44. Kuo, Tsung-Ting et al. “Comparison of blockchain platforms: a systematic review and healthcare examples.” Journal of the American Medical Informatics Association : JAMIA vol. 26,5 (2019): 462-478. doi:10.1093/jamia/ocy185

  45. Rüth, Jan, et al. “Digging into Browser-Based Crypto Mining.” Proceedings of the Internet Measurement Conference 2018, ACM, 2018, pp. 70–76. Crossref, https://doi.org/10.1145/3278532.3278539.

  46. College of Staten Island. “CSI Library: Misinformation and Disinformation: Thinking Critically About Information Sources: Misinformation, Disinformation, and Malinformation.” Misinformation and Disinformation: Thinking Critically About Information Sources, uploaded by College of Staten Island, 25 Aug. 2025, library.csi.cuny.edu/misinformation.

  47. Ghenai, Amira, and Yelena Mejova. "Catching Fire: Identifying Propaganda on Social Media in the Context of the Russia-Ukraine War." PLOS ONE, vol. 17, no. 2, Feb. 2022, p. e0263421. PubMed Central, doi:10.1371/journal.pone.0263421. Accessed 22 Sept. 2025.

  48. ODNI and CIA. “ODNI and CIA Release the Intelligence Community OSINT Strategy for 2024-2026.” office of the director of national intelligence, 8 Mar. 2024, www.dni.gov/index.php/newsroom/press-releases/press-releases-2024/3784-odni-and-cia-release-the-intelligence-community-osint-strategy-for-2024-2026.

  49. DIA. “OPEN SOURCE INTELLIGENCE (OSINT).” Defense Intelligence Agency, 23 Oct. 2023, www.dia.mil/About/Open-Source-Intelligence.

  50. Office of the Director of National Intelligence. “Intelligence Community.” Office of the Director of National Intelligence, www.odni.gov/index.php/ncsc-what-we-do/121-dni/intelligence-community. Accessed 24 Sept. 2025. (Office of the Director of National Intelligence, “What Is Intelligence?,” sec.HUMINT) 2 3

  51. FBI. “Behavioral Analysis.” FBI, www.fbi.gov/how-we-investigate/behavioral-analysis. Accessed 25 Sept. 2025.

  52. Bagdasar, Hannah. “Recognising Sexual and Gender-Based Violence as an Open Source Researcher - Bellingcat.” Bellingcat, 3 Mar. 2023, www.bellingcat.com/resources/2023/03/03/sexual-and-gender-based-violence-open-source-researche-osint-digital.

  53. U.S. Small Business Administration. “Market Research and Competitive Analysis.” U.S. Small Business Administration, www.sba.gov/business-guide/plan-your-business/market-research-competitive-analysis. Accessed 25 Sept. 2025.

  54. Ibm. “Penetration Testing.” ibm.com, www.ibm.com/think/topics/penetration-testing. Accessed 25 Sept. 2025.

  55. Wild, Johanna. “Introducing Bellingcat’s Collaborative Open Source Toolkit.” Bellingcat, 24 Sept. 2024, www.bellingcat.com/resources/2024/09/24/bellingcat-online-investigations-toolkit.

  56. Centre for Information Resilience. “OSINT 101: What Is Open Source Intelligence (OSINT)? - Centre for Information Resilience.” Centre for Information Resilience, 1 Sept. 2023, www.info-res.org/afghan-witness/articles/osint-101-what-is-open-source-intelligence-osint. Accessed 25 Sept. 2025.

  57. “Guides: Finding Datasets: Public Data Sources.” University of North Texas Libraries, 22 Jan. 2025, guides.library.unt.edu/datasets/public-data-sources.

  58. Shin, Nancy. "Scholarly Publishing Explained." Welch Medical Library, Johns Hopkins University, Sep 25, 2025. https://browse.welch.jhmi.edu/scholarly_publishing/explanation

  59. Law Insider. (2025). Commercial data definition. Law Insider Dictionary. Retrieved from https://www.lawinsider.com

  60. Joseph, E. (2025, September 24). What is grey literature? Johns Hopkins University, Welch Medical Library. https://browse.welch.jhmi.edu/c.php?g=1195274

  61. Virginia Tech University Libraries. (n.d.). Research guides: Genealogy: Index. Virginia Tech. https://guides.lib.vt.edu/topics/genealogy

  62. University of Maryland Libraries. (n.d.). Research guides: Maryland genealogy: What is genealogical research? University of Maryland. https://lib.guides.umd.edu/c.php?g=326980&p=2198795

  63. Russell, D. (n.d.). More about Daniel. Google Sites. https://sites.google.com/site/dmrussell/more-about-dan

  64. chasd00. "Remember When 4chan Figured Out the Location of a Terrorist Training Camp From O..." | Hacker News. 22 Dec. 2022. Hacker News, news.ycombinator.com/item?id=33913443. Accessed 24 Sept. 2025.

  65. “Syria’s Civil War Reignites in Dramatic Fashion as Russia Joins Airstrikes on Rebels Who Seized Aleppo.” CBS News, 2 Dec. 2024, www.cbsnews.com/news/syria-war-aleppo-airstrikes-russia-assad-rebels-offensive.

  66. Lamoureux, Mack, and Mack Lamoureux. “How 4Chan’s Worst Trolls Pulled off the Heist of the Century.” VICE, 27 July 2024, www.vice.com/en/article/4chan-does-first-good-thing-pulls-off-the-heist-of-the-century1.

  67. “IC21: The Intelligence Community in the 21st Century.” U.S. Government Publishing Office, www.govinfo.gov/content/pkg/GPO-IC21/html/GPO-IC21-6.html. Accessed 25 Sept. 2025. 2

  68. dni. “JCAT Intelligence Guide for First Responders.” Office of the Director of National Intelligence, www.dni.gov/nctc/jcat/jcat_ctguide/intel_guide.html. Accessed 25 Sept. 2025.

  69. Osint, Forensic. “In a Clever LinkedIn Post, Yoni Shares a Privacy Insight and a Practical OSINT Technique Worth Bookmarking.” linkedin, 7 Aug. 2025, www.linkedin.com/posts/forensicosint_in-a-clever-linkedin-post-yoni-shares-activity-7359045935919755266-JdTX.

  70. FTC. “What to Know About People Search Sites That Sell Your Information.” FTC, July 2022, consumer.ftc.gov/articles/what-know-about-people-search-sites-sell-your-information.

About

A list of OSINT/OPSEC tools I made and or use.

Topics

osint guide cybersecurity opsec guidebook osint-tools osint-toolkit osint-toolset opsectoolkit opensourceintelligence osint-tool-list

Resources

Readme

License

Unlicense license
Activity

Stars

41 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2