OSINT & The Digital Footprint
OSINT stands for Open Source Intelligence, information that can be obtained from free and public sources. Offensive teams commonly use OSINT to perform reconnaissance on a target, an individual, or a corporation. Agencies and law enforcement can also leverage OSINT to gather information.
OSINT is an extensive-term. It is an overarching term of many different intelligence disciplines; however, in this task, we will be covering the topic as it is commonly known. Information is at the core of OSINT; information is typically found in two places,
- Clearnet: This refers to anything you can publicly access from your traditional web browser, including,
- GitHub
- Darknet: The darknet is accessed using special software and requires additional configuration; it is most commonly used by privacy-minded individuals, whistleblowers, censored people, criminals, journalists, and government law enforcement agencies. Below are a few examples of darknet:
- TOR
- Freenet
- I2P
- IPFS
- Zeronet
Information used in OSINT originates from the digital footprint. This may seem like a “buzz” word, but it is key to why OSINT can be rewarding. When conducting OSINT, we look at what data a target left behind to lead us to the information/objective we are seeking.
I did several CTFs in the past so this exercise was more of a refresher. I did not know about Keybase so that was a new learning for sure.
