Open-Source Intelligence (OSINT)
Open-Source Intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, "open" refers to overt, publicly available sources — as opposed to covert or clandestine sources.
In application security and bug bounty hunting, OSINT is the foundation of effective reconnaissance. Before testing a single endpoint, researchers use OSINT techniques to map an organization's attack surface: discovering subdomains through certificate transparency logs, finding exposed credentials in paste sites and code repositories, identifying employee information through social media and job postings, and locating forgotten assets through historical web archives.
OSINT tools and techniques span a broad range — from passive DNS enumeration and search engine dorking to analyzing metadata in public documents and monitoring data breach repositories. Platforms like Shodan and Censys provide internet-wide scan data that reveals exposed services, default configurations, and unpatched systems. GitHub and GitLab searches frequently surface API keys, internal URLs, and configuration files accidentally committed to public repositories.
Effective OSINT requires both technical skills and analytical thinking. The challenge is not just collecting data but correlating information from multiple sources to build actionable intelligence about a target's infrastructure, technology stack, and potential weaknesses.
This page collects OSINT tools, methodologies, and resources for security researchers and bug bounty hunters.
From Wikipedia
| Date Added | Link | Excerpt |
|---|---|---|
| 2026-04-19 NEW 2026 | OSINT Framework: How to Build a Custom Maltego Transform | OSINT Framework: How to Build a Custom Maltego Transform |
| 2026-04-19 NEW 2026 | Top 10 OSINT Tools, Products & Solutions — SocialLinks | Top 10 OSINT Tools, Products & Solutions — SocialLinks |
| 2026-04-19 NEW 2026 | How to Use OSINT for Investigations — Moody's | How to Use OSINT for Investigations — Moody's |
| 2026-04-19 NEW 2026 | OSINT Industries — Online Investigations Platform | OSINT Industries — Online Investigations Platform |
| 2026-04-19 NEW 2026 | OSINT Tools Security Analysts Should Know for 2025 | OSINT Tools Security Analysts Should Know for 2025 |
| 2026-04-17 NEW 2026 | Geolocation 101: image-based OSINT tips | Geolocation 101: image-based OSINT tips |
| 2026-04-17 NEW 2026 | Image Analysis and Geolocation with OSINT (OSINT Combine) | Image Analysis and Geolocation with OSINT (OSINT Combine) |
| 2026-04-17 NEW 2026 | spiderfoot: OSINT automation for threat intel (GitHub) | spiderfoot: OSINT automation for threat intel (GitHub) |
| 2026-04-17 NEW 2026 | OSINT Framework: The Ultimate Guide for Ethical Hackers | OSINT Framework: The Ultimate Guide for Ethical Hackers |
| 2026-04-17 NEW 2026 | Spiderfoot vs Maltego for OSINT Research Cases | Spiderfoot vs Maltego for OSINT Research Cases |
| 2026-04-17 NEW 2026 | Operational Technology Discovery: ICS OSINT | Operational Technology Discovery: ICS OSINT |
| 2026-04-17 NEW 2026 | Beyond Google: Navigating the Hidden Internet with Shodan and Censys | Beyond Google: Navigating the Hidden Internet with Shodan and Censys |
| 2026-04-17 NEW 2026 | Comparative review: Shodan, ZoomEye, Netlas, Censys, FOFA | Comparative review: Shodan, ZoomEye, Netlas, Censys, FOFA |
| 2026-04-17 NEW 2026 | OSINT Gathering Using Censys (Hackers Arise) | OSINT Gathering Using Censys (Hackers Arise) |
| 2026-04-17 NEW 2026 | Top 5 OSINT Sources for Pentesting and Bug Bounties (Intel 471) | Top 5 OSINT Sources for Pentesting and Bug Bounties (Intel 471) |
| 2026-04-17 NEW 2026 | sarenka: OSINT tool (Shodan/Censys) (GitHub) | sarenka: OSINT tool (Shodan/Censys) (GitHub) |
| 2026-04-17 NEW 2026 | Domain and IP Investigation with OSINT: Complete Guide (OSINTBench) | Domain and IP Investigation with OSINT: Complete Guide (OSINTBench) |
| 2026-04-17 NEW 2026 | OSINT Techniques & Tools (Imperva) | OSINT Techniques & Tools (Imperva) |
| 2026-04-17 NEW 2026 | Top OSINT Tools For Dark Web (Brandefense) | Top OSINT Tools For Dark Web (Brandefense) |
| 2026-04-17 NEW 2026 | OSINT Basics: What is Dark Web Intelligence (DARKInt)? | OSINT Basics: What is Dark Web Intelligence (DARKInt)? |
| 2026-04-17 NEW 2026 | Top 15 OSINT Tools in 2025 (OSINT BYLE) | Top 15 OSINT Tools in 2025 (OSINT BYLE) |
| 2026-04-17 NEW 2026 | OSINT 2025: New and updated digital investigative tools | OSINT 2025: New and updated digital investigative tools |
| 2026-04-17 NEW 2026 | How to Use the OSINT Framework: Sources, Tools, Steps (BitSight) | How to Use the OSINT Framework: Sources, Tools, Steps (BitSight) |
| 2026-04-17 NEW 2026 | OSINT Tools And Techniques (Neotas) | OSINT Tools And Techniques (Neotas) |
| 2026-04-17 NEW 2026 | Complete OSINT Guide 2025: Find Anyone Online | Complete OSINT Guide 2025: Find Anyone Online |
| 2026-04-16 NEW 2026 | I Participated in a Trace Labs CTF - Now I'm Hooked on OSINT | I Participated in a Trace Labs CTF - Now I'm Hooked on OSINT |
| 2026-04-16 NEW 2026 | Recon Village - OSINT and Reconnaissance Village at DEF CON 33 | Recon Village - OSINT and Reconnaissance Village at DEF CON 33 |
| 2026-04-16 NEW 2026 | A Beginner's Guide to OSINT Investigation with Maltego | A Beginner's Guide to OSINT Investigation with Maltego |
| 2026-04-16 NEW 2026 | Social Media Intelligence (SOCMINT) in Modern Investigations | Social Media Intelligence (SOCMINT) in Modern Investigations |
| 2026-04-16 NEW 2026 | OSINT Challenge in 30: Social Media Geolocation | OSINT Challenge in 30: Social Media Geolocation |
| 2026-04-16 NEW 2026 | Trace Labs OSINT Educational Series | Trace Labs OSINT Educational Series |
| 2026-04-16 NEW 2026 | OSINT Investigation Techniques for Missing Person Cases (Trace Labs) | OSINT Investigation Techniques for Missing Person Cases (Trace Labs) |
| 2026-04-16 NEW 2026 | Automated OSINT Techniques for Digital Asset Discovery and Cyber Risk Assessment | Automated OSINT Techniques for Digital Asset Discovery and Cyber Risk Assessment |
| 2026-04-16 NEW 2026 | Awesome OSINT - A Curated List of OSINT Resources | Awesome OSINT - A Curated List of OSINT Resources |
| 2026-04-16 NEW 2026 | OSINT Techniques: Complete List for Investigators | OSINT Techniques: Complete List for Investigators |
| 2026-04-10 2026 | OWASP OSINT Resources | OWASP OSINT Resources |
| 2026-04-10 2026 | OSINT Framework - GeeksforGeeks | OSINT Framework - GeeksforGeeks |
| 2026-04-10 2026 | Top 10 OSINT Tools and Software for 2026 | Top 10 OSINT Tools and Software for 2026 |
| 2026-04-10 2026 | How to Conduct Investigations Using OSINT & Maltego | How to Conduct Investigations Using OSINT & Maltego |
| 2026-04-10 2026 | 8 Best OSINT Tools (Paid & Free) in 2025 | 8 Best OSINT Tools (Paid & Free) in 2025 |
| 2026-04-10 2026 | AI-Driven Reconnaissance Tools You Should Know | AI-Driven Reconnaissance Tools You Should Know |
| 2026-04-10 2026 | Best OSINT Tools for Cybersecurity and Investigations 2026 | Best OSINT Tools for Cybersecurity and Investigations 2026 |
| 2026-04-10 2026 | Best Open Source Windows OSINT Tools 2026 | Best Open Source Windows OSINT Tools 2026 |
| 2026-04-10 2026 | Top 10 OSINT Tools 2026 - DevOpsSchool | Top 10 OSINT Tools 2026 - DevOpsSchool |
| 2026-04-10 2026 | Open Source Intelligence GitHub Topics | Open Source Intelligence GitHub Topics |
| 2026-04-10 2026 | 13 Best OSINT Tools for 2025 | 13 Best OSINT Tools for 2025 |
| 2026-04-10 2026 | Top 10 Open Source Intelligence Tools 2026 | Top 10 Open Source Intelligence Tools 2026 |
| 2026-04-10 2026 | 9 Top OSINT Tools & How to Evaluate Them | 9 Top OSINT Tools & How to Evaluate Them |
| 2026-04-10 2026 | Best OSINT Tools for Intelligence Gathering (2026) | Best OSINT Tools for Intelligence Gathering (2026) |
| 2026-04-10 2026 | OSINT Bible: Comprehensive 2026 Guide | OSINT Bible: Comprehensive 2026 Guide |
| 2026-04-06 2026 | AI-enabled Workflows and Deeper Intelligence | AI-enabled Workflows and Deeper Intelligence |
| 2026-04-06 2026 | 10 Best Threat Intelligence Tools In 2026 | 10 Best Threat Intelligence Tools In 2026 |
| 2026-04-06 2026 | OSINT Intelligence Briefing - March 31, 2026 | OSINT Intelligence Briefing - March 31, 2026 |
| 2026-04-06 2026 | Open Source Intelligence (OSINT): AI-Powered Image Geo-Location | Open Source Intelligence (OSINT): AI-Powered Image Geo-Location |
| 2026-04-06 2026 | Top 15 OSINT Tools For Cybersecurity In 2026 | Top 15 OSINT Tools For Cybersecurity In 2026 |
| 2026-04-03 2026 | Bug Bounty 101: Top 10 Reconnaissance Tools | Netlas | Bug Bounty 101: Top 10 Reconnaissance Tools | Netlas |
| 2026-04-03 2026 | Top 10 OSINT Tools Everyone Should Know | SMIIT CyberAI | Top 10 OSINT Tools Everyone Should Know | SMIIT CyberAI |
| 2026-04-03 2026 | Top 10 OSINT Tools in 2025 Cyber Analysts Trust | Top 10 OSINT Tools in 2025 Cyber Analysts Trust |
| 2026-04-03 2026 | 10 Best Open Source Intelligence (OSINT) Tools Of 2025 | 10 Best Open Source Intelligence (OSINT) Tools Of 2025 |
| 2026-04-03 2026 | What is OSINT? Tools, Techniques and Framework Explained | What is OSINT? Tools, Techniques and Framework Explained |
| 2026-04-03 2026 | 15 Best OSINT Tools in 2026 | Lampyre | 15 Best OSINT Tools in 2026 | Lampyre |
| 2026-04-03 2026 | Open Source Intelligence Tools and Resources Collection | Open Source Intelligence Tools and Resources Collection |
| 2026-04-03 2026 | OSINT for Threat Enrichment: Deep Dive with Maltego, SpiderFoot, IntelX, Recon-ng | OSINT for Threat Enrichment: Deep Dive with Maltego, SpiderFoot, IntelX, Recon-ng |
| 2026-04-03 2026 | Top 15 Free OSINT Tools To Collect Data From Open Sources | Top 15 Free OSINT Tools To Collect Data From Open Sources |
| 2025-08-14 2025 | IVMachiavelli/OSINT_Team_Links: Links for the OSINT Team | The content is a title indicating a collection of links for an OSINT (Open Source Intelligence) team. The title suggests that there is a repository or list of useful links curated for the team's use in conducting open-source intelligence activities. It implies that the links provided may offer valuable resources, tools, or information relevant to the team's work in gathering intelligence from publicly available sources. |
| 2025-08-14 2025 | DataSploit/datasploit: An #OSINT Framework to perform various recon techniq | The content is about DataSploit/datasploit, which is an open-source intelligence (OSINT) framework used for conducting reconnaissance techniques. It is designed to assist in gathering information through various reconnaissance methods. The framework likely provides tools and functionalities to aid in data collection and analysis for intelligence purposes. |
| 2025-08-14 2025 | OSINT Framework | The OSINT Framework is a tool used for open-source intelligence gathering. It provides a structured approach to collecting information from publicly available sources. This framework assists in organizing and streamlining the process of gathering data for analysis and investigation purposes. By utilizing the OSINT Framework, users can efficiently access and compile information from various online resources to support decision-making and research efforts. |
| 2025-08-14 2025 | Hunchly - Better Online Investigations | The content provided is a brief mention of Hunchly, a tool that enhances online investigations. Hunchly likely offers features or services that aid in conducting thorough and efficient online research, potentially assisting users in gathering and organizing information from various online sources. The tool may be designed to streamline investigative processes, improve data collection, and enhance the overall quality of online research outcomes. |
| 2025-08-14 2025 | Terbium Labs | Terbium Labs is a company named after the rare earth element "terbium." It specializes in data intelligence and protection services. The company focuses on data security, fraud detection, and dark web monitoring. Terbium Labs helps organizations safeguard their sensitive information by monitoring for data breaches and unauthorized use of data on the dark web. |
| 2025-08-14 2025 | Automating OSINT Blog | The content provided is a title mentioning an "Automating OSINT Blog." It appears to be a brief reference to a blog focused on automating Open Source Intelligence (OSINT) processes. The blog likely discusses tools, techniques, and strategies for automating the collection and analysis of publicly available information for investigative purposes. It may offer insights into streamlining OSINT workflows and enhancing efficiency in gathering intelligence from various online sources. |
| 2025-08-14 2025 | Thingful - a search engine for the Internet of Things | Thingful is a search engine designed for the Internet of Things. It serves as a platform to search and discover connected devices and data streams across the IoT landscape. The tool allows users to explore and access a wide range of IoT devices, sensors, and data sources, providing a centralized hub for navigating the interconnected world of smart devices. |
| 2025-08-14 2025 | https://link.medium.com/DJpY3Ljgz3 | I'm sorry, but I am unable to access external content such as the one you provided. If you can provide me with the main points or key ideas from the content, I would be happy to help summarize it for you. |
| 2021-08-30 2021 | OSINT | OSINT stands for Open Source Intelligence. It refers to the practice of collecting and analyzing information from publicly available sources to gather insights and intelligence. OSINT sources include social media, websites, news articles, and government reports. This information can be used for various purposes such as threat assessment, competitive intelligence, and research. OSINT is valuable for both individuals and organizations to stay informed and make informed decisions based on publicly accessible data. |
| 2021-01-20 2021 | Gathering Open Source Intelligence | The content discusses gathering open source intelligence through techniques, automation, and visualization. It likely covers methods for collecting information from publicly available sources, utilizing automation tools to streamline the process, and visualizing data for better analysis. The focus is on leveraging open source intelligence effectively by employing various strategies and technologies. |
| 2017-06-13 2017 | Terbium Labs | Terbium Labs offers digital risk monitoring through Matchlight®. Their service helps monitor the open, deep, and dark web, as well as social media and mobile app stores, to detect instances of brand misuse and sensitive data exposure. This proactive approach aims to protect organizations from potential threats and data breaches by identifying and addressing risks in the digital landscape. |
| 2017-06-13 2017 | Thingful - a search engine for the Internet of Things | Thingful is a search engine designed for the Internet of Things. It serves as a platform to search and discover connected devices, sensors, and data sources across the IoT landscape. By providing a centralized hub for accessing IoT information, Thingful aims to simplify the process of finding and utilizing IoT resources for various applications and industries. |
| 2017-06-13 2017 | Hunchly - Better Online Investigations | The content is brief and only mentions the title "Hunchly - Better Online Investigations." It suggests that Hunchly is a tool or service that aims to improve online investigations. The focus seems to be on enhancing the quality and efficiency of investigations conducted on the internet. |
| 2017-06-13 2017 | Automating OSINT Blog | The content provided is simply the title "Automating OSINT Blog." It appears to be a reference to a blog or website focused on automating Open Source Intelligence (OSINT) processes. The blog likely covers topics related to using automation tools and techniques to enhance the efficiency and effectiveness of gathering intelligence from publicly available sources. |
| 2017-06-13 2017 | OSINT Framework | The OSINT Framework is a tool that provides resources and tools for open-source intelligence gathering. It offers a collection of various online resources, search engines, and tools to assist in conducting research and investigations. The framework aims to streamline the process of gathering information from publicly available sources to aid in intelligence analysis. It serves as a valuable resource for individuals and organizations looking to enhance their open-source intelligence capabilities. |
Frequently Asked Questions
- What is OSINT in cybersecurity?
- In cybersecurity, OSINT (Open-Source Intelligence) refers to gathering information from publicly available sources to assess an organization's security posture. This includes discovering subdomains, exposed credentials, employee information, technology stacks, and forgotten assets — all without directly interacting with the target's systems.
- What are the best OSINT tools for bug bounty?
- Key tools include Shodan and Censys for internet-wide scanning, theHarvester for email and subdomain discovery, SpiderFoot for automated reconnaissance, Maltego for relationship mapping, and Google Dorking for finding exposed files and admin panels. Certificate Transparency logs and GitHub search are also essential.
- How is passive recon different from active recon?
- Passive recon gathers information without sending any traffic to the target — using public databases, search engines, DNS records, and archived content. Active recon directly interacts with the target through port scanning, directory brute-forcing, and fingerprinting. Passive recon is undetectable; active recon may trigger security alerts.
Weekly AppSec Digest
Get new resources delivered every Monday.