Back to Blogs
Tech Sperts Osint With Kris Jones, Nisos
Share this Article

Explore the Power of Open Source Intelligence: A Beginner's Guide

  • Publish Date: Posted 6 months ago
  • Author:by Kris Jones, Director of Engineering at Nisos

Kris Jones, Director of Engineering at Nisos, provides an introduction to OSINT and how it can be used by engineers and those in various industries to uncover a world of information in minutes!

The article delves into Open Source Intelligence (OSINT) and its applications in gathering information about individuals, groups, or companies, highlighting its potential for both positive and negative purposes. It is essential to underscore the impact that engineers wield when engineering platforms. Engineers must prioritise best practices to prevent data leakage and consider the inadvertent release of data through seemingly innocuous public and private API routes.

Interested in a career in technology? We have new job roles from entry-level to senior and managerial positions live on our website - VIEW HERE!

What is Open Source Intelligence?

Open Source Intelligence (OSINT) is defined as intelligence produced by collecting, evaluating, and analysing publicly available information with the purpose of addressing specific intelligence questions.

As Randy Nixon, the Director of OSINT at the CIA, describes OSINT, "As you keep moving through time, with social media, big data, and now commercially available datasets, tomorrow it will be something else that comes along. If it's out in the open and is collectible or purchasable, that's open source, and it's a great source of information that we do everything we can to take full advantage of."

How to use Open Source Intelligence

Open source intelligence can be employed to gather information about individuals, groups, or companies. It can be utilised by sales and marketing professionals to obtain information about leads, by journalists to uncover information for stories, and, of course, by intelligence analysts. With the vast amount of data available online today, one can construct a remarkably detailed profile of a person or organisation based solely on publicly accessible data.

OSINT is likely something you have never heard of before. If that is the case, it can be very advantageous to become familiar with it. Think about every place you sign up for an account, every email address you have ever created, and every time you link your phone number to an email address for two-factor authentication (2FA). These are all mechanisms used to attribute accounts, find posts and data, all for the purpose of building a profile on an individual. Intelligence analysts can take a username or email address and, in mere minutes, obtain your complete employment history, address, social media accounts, old emails, and a wealth of other intriguing information.

Why should you care about OSINT?

We are all very familiar with the issues that Strava faced when they launched their heat maps and shared running routes. This is an excellent example of how open-sourced data can be utilised for purposes other than what it was intended for, to gather intelligence on a subject. A perfect illustration of this is the recent story published by CNN about the shooting of the Russian commander Stanislav Rzhitsky, who was killed while jogging, and who was suspected to have been tracked through Strava. "A Russian submarine commander shot to death while jogging on Monday may have been targeted by an assailant tracking him on a popular running app, according to Russian media," stated the CNN article.

Here's a unique example of how OSINT can impact you as an engineer. Imagine you are working for a tech company building the next groundbreaking product. Venture capitalists and potential acquirers conducting thorough due diligence can utilise OSINT techniques to gather information about the organisation they are considering investing in. An OSINT due diligence process can uncover potential risks, such as leaked credentials associated with company employees, down to social media posts that could harm a company's reputation. This truly epitomises the notion that if something is online at any point, it is always discoverable.

How to get started with OSINT

OSINT encompasses various forms and has a wide range of use cases. Some good examples of OSINT tools to get started with are Sherlock and GHunt. These tools demonstrate the power of OSINT through a few terminal commands. Sherlock identifies all accounts associated with a specific username, allowing analysts to uncover additional accounts a target may have on other social media sites and apps, such as Strava and Spotify. GHunt attributes all data associated with a Gmail account, including Google reviews, revealing the account owner's name and any related YouTube channels and accounts. This can help determine a target's location based on Google reviews and reveal their identity based solely on an email address.

As an engineer, you may contribute to OSINT analysis. From an engineering and security perspective, you should consider the data that your platform may inadvertently leak through seemingly innocent public and private API routes. The amount of incredibly valuable data that can be obtained by inspecting network requests and reverse engineering API routes from some of the most widely used platforms is alarming, especially when you start combining the data exposed from multiple platforms. As an engineering leader or architect, locking down the amount of shared data and preventing API reverse engineering through proper authentication is crucial to preventing valuable data from leaking from your platform. This is especially true for mobile apps, which often have poor API security that can be exploited through tools like Wireshark to discover exposed routes.

Best practices with Open Source Intelligence

Open Source Intelligence (OSINT) is a powerful tool that can be used for both good and bad purposes. It is important to emphasise the need for engineers to build platforms using best practices to prevent data leakage and to consider the inadvertent release of data through seemingly innocuous public and private API routes. By taking the necessary precautions, engineers can limit the amount of shared data and prevent API reverse engineering, thus safeguarding valuable data on their platform. This introduction should empower and enable you to further explore the power of OSINT.

Interested in a career in technology? We have new job roles live on our website - VIEW HERE!

Our team of specialised IT consultants can help with everything from interview tips to CV advice and landing your dream job! Do not hesitate to get in touch today at or send your CV to hello@vanrath.com

Keep up to date with all our latest blogs​, tips, advice and news HERE!​