Hacker News new | past | comments | ask | show | jobs | submit login
A collection of several hundred online tools for OSINT (github.com/cipher387)
212 points by bj-rn on Sept 23, 2022 | hide | past | favorite | 27 comments

I am astounded by what is feasible with OSINt - from tracking Vice Presidenal picks and billionaires jets to counting tanks destroyed.

I don't really understand the Venn Diagram here with journalism, spying and democratic debate, but it's there.

A cottage industry that I assume will explode into things like

- Hiring background checks

- consumer credit and counter party analysis

- supply chain somethings (the old how many trucks left that depot last month tells you something valuable)

Any other ideas ? Companies already springing up to do this?

How will hiring background checks move into a Cottage Industry? Isn't this already a business that is corporatized?

I suppose it depends how deep the rabbit hole goes.

I am guessing that it started with random HR woman who looks up a candidates Facebook profile and sees loads of drinking images (cf Danish Prime Minister)

But turn that into a small company that just looks for drinking references for New Yorkers at a certain age and can correlate to "unsafe drinking behaviour" - now the corporate background checks that once were just criminal record checks and university attendance can add a "gold" service - they are just getting a rating from a cottage industry provider now - but it's the same idea - count number of photos with a cocktail in hand.

I am just putting it out there - it's just there are so many options.

To a large extent monitoring and aggregating out behaviour is what "social media" advertising is - but the same thing is likely to find other commercial uses as well as the big fundamental society changing effect of all of us being able to monitor our behaviour - and do so in medical context - your behaviour monitored in the best interests of the patient.

A Nanny State with your best interests at heart.

The first uses I've seen from governments have see fast response task forces during disasters.

With so many links in the document, you'd think they could spare one to define OSINT.

Open Source INTelligence.

Compare with SIGINT, HUMINT, MASINT and other intelligence sources. I believe it’s military/intelligence terminology but you see it in security jargon too.

And habitually written all in upper case because of radio teletypewriter (RTTY) encoding!

Sure, but as someone who reads a ton of history books with other *INT terms this is the first I'm learning of this one, and there are plenty of people who have less context than me.

I got intrigued by OSINT near the beginning of the Ukraine war. I imagine a lot of community members have related background experience. But interesting to think of those without experience that got into it and can have an impact with the tools available.

There's a good podcast called New Models where they interview someone from the OSINT community. Recommend this if it piques your interest.


It looks like a reference to the episode “NM Special Report: Open Source Intelligence (OSINT) & Ukraine w/ @pdthorn,” published in February 2022: https://www.patreon.com/posts/nm-special-open-63189724 (mirror: https://www.listennotes.com/podcasts/new-models-public/nm-sp... )

You'd think by now there would be a opensource dashboard aggregating all these.

I often use this one https://osintframework.com/

For which the source is there https://github.com/lockfale/osint-framework

Is this more than an odd UI over what amounts to one of those GitHub "awesome" lists of links? I drilled down on a few categories and it seems like it's just that, but... slower to use.

I find it easier to navigate personally, but you can still use the one in the OP if you prefer that kind of style.

OSINT is glorified web-scraping =)

What are you credentials? As someone who does "OSINT", and has tried to automate it -- no, it is not glorified web scraping.

you may be doing manually because most information out there is not as digested as we'd hope it to be, but if you eventually scrape your sources, your life would be infinitely easier and your work much more powerful. The NSA was doing some "OSINT" not too long ago... imagine if you scrape Instagram, facebook, linkedin, maps, etc.

You have no idea what you're talking about, sorry.

Show me how you automatically "digest" a photo into geolocated coordinates or a chronolocated timestamp, please.

Not all OSINT is geolocation and belling cat, dude.

I didn't assert either of those things.

in fact, a huge chunk of it is threat intel

Web scraping of a particular set of data, all of which has a locus you may find surprising (you)

No reference to amass?

Maybe it's just one pull request away...

Is this how they found the Novichok poisoners?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact