45+ Top OSINT Websites and Resources

headshot of Nico Dekens – aka “Dutch OSINT Guy”Nico Dekens – aka “Dutch OSINT Guy”
8 Jul 2026
Investigator using OSINT websites and resources to analyze identity records and digital evidence
Key Takeaway

  • Building the right OSINT toolkit for your investigative needs comes down to pairing your investigation type, data requirements, scale, skill level, and budget with the tools that are most useful for the task at hand.
  • This guide to OSINT websites and resources is broken down by how you’d use these tools during an investigation: find, collect, investigate, verify, and analyze.

Most OSINT cheat sheets and checklists throw a laundry list of tools at you and leave you to figure out how they’re supposed to fit together. That’s where most people can get lost.

This guide is organized by investigative task, the things you do when working cases. Websites and resources are grouped by their use: locating sources, gathering data, investigating people/organizations, verifying claims, and mapping relationships. We’ve also included a section featuring valuable OSINT learning resources and professional organizations and associations for investigators.

Whether you’re developing your own OSINT process or trying to organize what you already know, this guide will help you think through your toolkit and how to use it.

How to choose the right OSINT tools and resources

Your ideal stack of tools and resources will depend on the question you’re trying to answer, your required turnaround time on each investigation, and the volume of data you’re working with. Start with your investigative needs then work into tooling.

1. Start with the type of investigation

Ask yourself what your end goal is. A fraud investigator tracking down accounts? An intelligence analyst looking to map out a network? A journalist fact-checking a source? Each vertical is ultimately looking to answer unique questions.

  • Fraud / threat intelligence: You’ll want tools that help link identities, reveal hidden relationships, and surface risk indicators across accounts and platforms.
  • Corporate due diligence: This may require looking into corporate records, ownership, litigation history, etc.
  • Law enforcement: Depending on your department you may care more about certain platforms that allow you to work with larger data sets, have auditability, easy evidence handling, etc.
  • Journalism / research: Source discovery, archival content, and verification will be more important to you.

Investing in resources and tools that aren’t made to help you answer your specific questions will leave you frustrated.

2. Match your question to the type of data

Different tools are optimized for finding different types of data. If you know what kind of information you want to find before you start searching, you can save yourself a lot of time. Otherwise, you may end up with more manual efforts, jumping between different tools and entering countless search queries.

  • Person-centric data: social profiles, usernames, phone numbers, email addresses, physical addresses
  • Corporate data: Business filings, subsidiaries, and executive relationships
  • Geolocation data: Maps, satellite images, location metadata
  • Leaks / breaches: Past exposures, historical datasets
  • Content / media: Photos, videos, captured webpages

3. Understand your scale: manual versus automated research

Are you doing a one-time search? Monitoring contacts over time?

Manual lookup tools can suit ad-hoc searches, checking data you already suspect to be valid, or doing one-off investigations.

Automated platforms are best suited for complex investigations, monitoring contacts or companies over time, visualizing relationships, or repeating a particular workflow on a regular basis.

If you’re doing ongoing investigations or continuous monitoring, you’ll find benefit from a tool that can automate tasks.

4. Be realistic about your skill level

Some resources cater to analysts who know how to write queries, and aren’t afraid of messy data. Others are designed to walk you through the process.

  • Gaining experience? Look for tools with guided searches and easily digestible outputs.
  • Seasoned analyst? You’ll want a tool that allows you to pivot between data types and perform entity resolution.

Just because a tool has more functionality doesn’t mean it is necessarily useful. Every extra button increases the chance you may be led to an incorrect conclusion.

5. Budget what you can afford

Free tools are a great gateway into OSINT, but can come with limitations, such as API rate limits, partial datasets, or manual workflows.

Freemium resources are fantastic entry points if you’re building experience with OSINT. They’re also ideal for one-off investigations or information verification.

With paid licenses, you’ll have access to better coverage, faster results, and can automate the boring stuff. If you’re using OSINT software as part of your regular workflow, a paid tool will almost always make your life better.

All-in-one OSINT platform

ShadowDragon® Horizon®

ShadowDragon® Horizon® is an enterprise OSINT platform for real-world investigations. You can search, correlate, and visualize data from hundreds of sources including social media, breaches, forums, geolocation, and more, all from a single starting point.

Purpose-built to scale and connect the dots, Horizon® automatically surfaces patterns, connections and relationships between people, accounts, and activity. The unrelated clutter stays in the background. Advanced tools support you throughout the investigation lifecycle, from quick lookups to complex network analysis, breach data to ongoing monitoring.

Find sources

OSINT Framework

The OSINT Framework contains hundreds of open-source intelligence tools organized into a clickable intuitive directory. Pick an investigation category, such as email, username, domain, or social media, and it will list links to tools helpful for each subtask.

What makes it powerful is how organized it is. Tools are categorized by type, source, and by what you’re looking for. You never feel like you have to stop researching to figure out your next step. It only includes free, public tools so it’s usually one of the first places analysts, journalists, and investigators will look.

IntelTechniques

Michael Bazzell’s IntelTechniques is an OSINT web site that focuses on sharing tools, techniques, and training materials for use in real-world investigations. If you need search engines, you’ll find a massive toolbox of custom made ones, sorted by data type (email, username, domain, social media, breach data) allowing you to pivot easily off of just one identifier.

It goes beyond the tools to show you the process. In addition to search engines, they have guides, books, and training materials that guide you through entire investigation workflows.

SPJ Toolbox

The SPJ Toolbox, compiled by the Society of Professional Journalists (SPJ), is a repository of tools and databases that journalists and investigators can use. It’s been around for years and includes many handpicked resources. The Toolbox indexes tools and guides on various topics, including public records, fact checking, encryption, and scraping.

It can help surface tools when researching for OSINT purposes, providing a clean directory when you need to identify tools fast. Find resources that have already been tested/tried for photo verification, document retrieval, trendspotting, etc. instead of going straight to Google.

Collect data

PACER

PACER is the United States federal court case information portal that allows you to access information for district courts, appellate courts, and bankruptcy courts. You can search dockets, filings, judgments, and associated documents.

Perfect for confirmation and follow-up research. Investigators use PACER to build timelines, figure out who was involved in a matter, and pull official documents from the court. PACER isn’t the easiest system to navigate (and they charge by the page), but it is straight from the courts.

Library of Congress

The Library of Congress is the largest library in the world and the research library of the United States Congress. It features online books, maps, photographs, audio files, legal archives, and historical records going back centuries in a variety of languages.

It’s perfect for OSINT research when you need something more substantial than a wiki lookup. Dive deep into primary sources, historical archives, and downloadable data sets to fact check statements and locate original source material off the beaten path.

Data.gov

Data.gov is the website for open government data from the United States Federal Government. It includes hundreds of thousands of datasets from federal, state, and local governments and agencies. Data.gov serves as a meta-index, providing links to datasets about healthcare, transportation, finance, crime, and more.

From an OSINT perspective, it’s less about uncovering secret information. Rather, it’s useful because of its scale and trusted source data. You’re able to access machine-readable datasets with consistent metadata. Useful applications include trend spotting or modeling and finding authoritative data to support claims.

FOIA Wiki

FOIA Wiki is a crowdsourced manual to the United States Freedom of Information Act (FOIA), administered by the Reporters Committee for Freedom of the Press and contributed to by organizations including MuckRock and the National Security Archive. It contains information on crafting requests, FOIA exemptions, appeals, and examples.

When it comes to OSINT, FOIA Wiki isn’t where you’ll find data. It’s where you learn how to find data. If the records you need don’t yet exist online for the public to see, FOIA Wiki can teach you how to request them.

Data Commons

Data Commons is a public, open-source knowledge graph compiling datasets. It links data around entities such as countries, cities, universities, and companies from sources including the US Census, World Bank, UN and more.

It can accelerate and provide context for OSINT research. Make queries across datasets, compare patterns and analyze trends side by side. Export linked structured data instead of having to cobble your own together. It’s helpful for analysis like finding patterns, correlations, and building baseline context.

OpenAddresses

OpenAddresses is a crowdsourced project started by others that aggregates and normalizes publicly accessible address information from across the globe. They combine street names, house numbers, zip codes, and lat/long coordinates from hundreds of publicly available sources into one open database of hundreds of millions of points of interest (POIs).

For OSINT research you can use OpenAddresses for geolocation and bulk validation of addresses. You can verify addresses, map points and associate people, companies, and POIs to physical locations using their street addresses (especially when combined with other datasets).

National Security Archive

The National Security Archive is a non-governmental, nonprofit organization and research institute focused on historical and current issues in U.S. foreign policy and national security. The organization’s mission is to gather and release declassified U.S. government documents, a significant portion of which come from FOIA requests. The Archive has one of the largest collections of formerly secret government records open to the public.

For OSINT, this is primary source info in the form of cables, memos, internal communications, all readily accessible. Use it for timelines. Verification, and to know what was actually happening behind the scenes.

MuckRock

MuckRock is a nonprofit website where you can submit, track, and publish public records requests. It automates FOIA for you by helping you compose requests, deliver them to agencies, and monitor responses all in one location.

MuckRock maintains a large public database of released documents and past requests. Search leads, verify information, and receive government records without having to re-create the wheel.

Investigate entities

OpenCorporates

OpenCorporates contains records for millions of companies, sourced from hundreds of official registries across 140+ jurisdictions. Data about corporations is normalized so you can search by entity name across all records.

OpenCorporates helps you map corporate networks at scale for OSINT use cases. Link companies to officers, see ownership networks, and connections to fraud or shell activity, all with source provenance for verification.

OpenSanctions

OpenSanctions provides a central repository of international sanctions lists, politically exposed persons (PEPs) and other high risk individuals, companies and vessels. Data from hundreds of sources are aggregated and normalized.

It’s valuable to OSINT because of data quality and normalization. Lists are cleansed, deduplicated, and standardized, allowing for easy entity matching, relationship mapping, and identification of risk during investigations related to sanctions, corruption or financial crime.

FamilySearch

FamilySearch.org is a free genealogy platform containing billions of records. Records include census information, birth and death records, and immigration records from around the world. You can search international datasets and create indexed profiles centered around individuals.

This can be helpful for OSINT work around figuring out identities and relationships. Records often connect together to create family trees. You can confirm names, locations and relationships with indexed primary-source documents.

OCCRP ID: Catalogue of Research Databases

OCCRP ID is an open platform built by the Organized Crime and Corruption Reporting Project where over 1,000 datasets have been compiled from over 180 countries. It’s made up of company records, court filings, property information and more. It tells you where information can be found and how to get it.

As an OSINT tool, it allows you to discover faster and conduct transnational research. You can follow assets, connect corporate dots, and link entities across borders with one tool. Ideal for financial crime and corruption cases.

The Accountability Project

The Accountability Project (TAP) is a massive public records search engine that indexes billions of records from government and watchdog datasets. Search by name, organization, or address to discover how that person or entity appears across datasets.

Speed matters for OSINT professionals. Connections matter. That’s why TAP links records the way transactions do. When you search, names, addresses, dates and dollar amounts connect so you can quickly map relationships, follow activity and identify patterns across datasets.

Go beyond the surface web

Intelligence X

Intelligence X is a search engine/data archive specifically designed for searching portions of the web that other search engines don’t index. It collects information from the dark web, leaks/pastes, WHOIS, and historical archives which you can search using selectors such as email, domain, IP, phone number.

As for OSINT, you can uncover exposure and historical data. Find leaked credentials, track infrastructure, and pivot off one identifier to see activity across various sources that are typically harder to access.

Wayback Machine

The Wayback Machine is a digital archive of web pages owned by Internet Archive. Enter a website’s URL into the search box to view archived versions of the site going back years or even decades.

During OSINT investigations we use this mainly for historical validation. You can track changes over time, recover deleted content, and verify timelines with information obtained from archived versions of a website (ownership, messaging, contact information, etc.).

Exploit Database’s Google Hacking Database

Google Hacking Database (GHDB) consists of Google search engine queries (“Google dorks”) that can be used to locate confidential information that has been accidentally exposed and indexed by search engines. Found on Exploit-DB, GHDB categorizes Google queries to reveal open directories, login panels, configuration mistakes, and exposed files.

In OSINT investigations, you’re looking for what information is already publicly available. GHDB can reveal exposed assets for you to verify as potential risks. It reveals what your target accidentally exposed without having to interact with their systems.

The Hidden Wiki

The Hidden Wiki is a compilation of .onion links intended to help users browse the dark web. Links are indexed by category, such as forums, marketplaces, services, etc. It serves as a gateway site to find other sites not indexed by normal search engines.

As an OSINT tool, treat everything you find here as a starting point. Links may lead you to potential targets or pivots, but be prepared to find dead links or malicious content. Always verify anything you find with other sources.

Verify and monitor

Snopes

Snopes is an older fact checking website that covers rumors, viral stories and misinformation. They dissect claims with sources, context, and assign a verdict (true, false, etc.).

For OSINT purposes it serves as a quick filter. You can search to see if something has already been looked into, read the sources they quote, and use it as a launching point for further verification.

Google Alerts

Google Alerts will send you email notifications when new online content matches your search terms. Set up Google Alerts to monitor people, companies, domains, topics or whatever else you’re interested in tracking and have results sent to your inbox or RSS.

This is a useful tool for OSINT work that you can set and forget. Receive notifications for new mentions/narrative developments/changes around your targets instead of having to manually look for them.

Google Trends

Google Trends shows you how frequently certain keywords are searched compared to the overall volume on the site during a specified time frame. It shows you bursts of interest in specific terms, where interest in certain terms is higher geographically, and you can compare terms to each other.

For OSINT, this is great for timeline/pattern analysis. You can see when interest in a term started, correlate spikes of interest to real world events and track trends or narratives as they occur.

Google Fact Check Tools

Google Fact Check Tools is a search engine tool that returns fact-checks performed by third party publishers. Search a claim, quote, or topic to see how it’s been rated (true, false, misleading) with links to the fact-checking articles.

For OSINT purposes, it allows you to quickly fact check claims. It pulls fact checks from all over the web and allows you to filter by topic, source, or exact wording.

FotoForensics

FotoForensics is a free online image analysis tool. Upload a file or URL and they run a series of tests (primarily Error Level Analysis, ELA) which highlight suspicious compression levels, image structure and metadata.

It’s a handy tool to have in your OSINT toolkit for a quick first pass at identifying anything suspicious with an image. Areas of the photo that have been altered will usually be glaringly obvious in the ELA result and can help you determine if something has most likely been changed. Remember, it won’t be able to definitively tell you that a photo is fake, but it can point you in the right direction.

Analyze and improve

PhoneInfoga

PhoneInfoga is an Open Source Intelligence tool built to gather information about phone numbers. Starting with easily obtained info about a phone number (country, carrier, line type, etc.) it expands into wide-reaching searches against public databases, APIs, and search engines.

PhoneInfoga can also serve as a useful tool for OSINT pivoting. It can connect a phone number back to social media accounts, breach information, or spam/scam reports. Or you can tie into its CLI or API with larger projects.

Gephi

Gephi is free, open source software designed to create visualizations of relationships between datasets. Import connections between entities (individuals, accounts, domains) and Gephi will generate an interactive visualization of their network.

For OSINT specifically, it helps organize information. Visualize influencers, clusters, patterns by adjusting layouts, filters, and metrics in real time. Useful for network-focused investigations where the connections matter more than individual data points.

UNREDACTED Magazine

UNREDACTED Magazine is an online magazine focused on OSINT, privacy, and security. Instead of offering real-time updated content, UNM publishes occasional PDF magazines full of curated longer form articles you can download and read offline.

Articles about OSINT are typically well researched, curated, fact-checked, and worth reading for that alone. They go deeper. Ads are also nowhere to be found and the articles themselves tend to be more opinionated. You’ll read informational tidbits and opinions based on someone’s first hand experience you won’t find anywhere else.

Intelligence Studies: OSINT

The U.S. Naval War College OSINT Compilation is a collection of scholarly, government, and industry publications about intelligence and open-source intelligence training. It’s compiled to provide analysts background and a primer for research.

When doing OSINT research, it can be easy to lose sight of the forest for the trees. This guide discusses how OSINT relates to the intelligence cycle and provides links to authoritative resources. It is helpful as a study guide, for background and finding resources to include in reports.

Exposing the Invisible

Expose the Invisible by Tactical Tech is an open educational project teaching investigative journalism techniques. Rather than tools, this resource focuses on frameworks. Guides, videos, interviews, and case studies break down how professional investigators find and verify information.

The OSINT lessons will guide you in developing your own investigation workflow. “The Kit” covers basics such as geolocation, data parsing and source attribution, as well as ethics and safety. Helpful for those looking to build repeatable investigative workflows beyond singular tools.

OSINT Dojo

OSINT Dojo is a free and open-source practical OSINT training platform. It offers learners hands-on OSINT scenarios, teaching you how to use OSINT during investigations. Each scenario has objectives and clearly defined skill levels that you work through.

Because with OSINT, practice makes perfect. You work through challenges, take notes on your findings, and go through the entire investigative lifecycle, properly learning how to research, analyze, and report.

Google News Initiative: Develop your digital reporting skills

The Google News Initiative has a variety of courses and lessons designed to help journalists discover, verify, and understand digital information. These range from how to use Google Search, Maps, Trends and datasets as investigatory tools.

It’s a great way to learn some hands-on OSINT skills for verification. From learning how to do a reverse image search to understanding trends and how to use data, there are plenty of lessons that can help you out with collecting and verifying information.

Training and learning resources

OSINT Curious

OSINT Curious breaks down open source intelligence with community contributed tools, workflows used in real investigations, and case-based articles presented through blogs, videos, and social media. While this project ended in 2023, the website content and videos remain as a resource for OSINT professionals.

SANS Free OSINT Resources

The SANS Institute provides a curated list of free OSINT tools, guides, and training from fellow cybersecurity and intelligence practitioners. The collection aims to show you what type of sensitive information can be found using just public sources and the tools that make finding this information easier. There are several tools featured that can help you learn techniques and gain a better awareness of how to gather information and find exposures.

Aware Online OSINT Tools

Aware Online’s OSINT Tools is a free collection of links and tools designed to enable investigators to search and analyze publicly available information in less time. It includes both custom-built OSINT scripts as well as links to other OSINT tools. They’re organized by category, so investigators can quickly narrow their search to the specific type of investigation they’re conducting.

Forensic OSINT Newsletter

The Forensic OSINT newsletter, “The Friday 5,” is a compilation of current tools and articles of interest to investigators, analysts, and other OSINT professionals who want to keep up with what’s new in the world of OSINT. In addition to the latest tools, this newsletter also frequently includes investigative approaches and real-world case examples.

Professional organizations for investigators

The National Council of Investigation and Security Services (NCISS)

The National Council of Investigation and Security Services (NCISS) is a nonprofit association based in the U.S. with thousands of members nationwide. NCISS is the preeminent voice at the national level for private investigators and security companies. The organization monitors and works to shape legislation and regulatory policies that affect investigators and security providers.

NCISS offers its members continuing education, training, and a nationwide network of professionals to support professional development and industry collaboration.

National Association of Legal Investigators (NALI)

The National Association of Legal Investigators (NALI) was founded back in 1967 and is one of the oldest professional organizations for legal investigators. NALI provides training seminars and networking events for investigators across the U.S. The organization is known for its Certified Legal Investigator (CLI) designation. In order to become a CLI, candidates must pass a written exam, ethical assessments, and practical exercises. CLI is considered to be the highest investigator designation available.

The Society of Professional Investigators (SPI)

The Society of Professional Investigators (SPI) is a national professional organization serving law enforcement and both private and forensic investigators. Formed in New York City in 1956, it has since grown to include investigators from all areas of the profession, including forensic accounting, computer forensic investigation, and DNA analysis.

SPI holds meetings with frequent guest speakers who are experts in their fields. There are also training events and annual meetings bringing investigators together with leaders in the profession. The organization aims to strengthen the sense of community among professionals through a forum where members can discuss cases and share information while staying on top of criminal justice and investigative practices.

Association of Certified Background Investigators (ACBI)

The Association of Certified Background Investigators (ACBI) is a nonprofit professional organization based in the United States that caters to background investigators who work in support of national security and federal clearance background investigations. ACBI aims to strengthen the integrity and effectiveness of the field by providing resources to promote professionalism, ethical standards, and collaboration among its members.

Resources available to members include training opportunities, industry knowledge and trends, as well as networking opportunities to learn new techniques and stay up-to-date on industry changes. Members also have access to job postings, forums, and professional events.

Association of Corporate Investigators (ACi)

The Association of Corporate Investigators (ACi) is an international nonprofit professional membership organization with a focus on corporate investigations. Founded and led by investigators, ACi serves the needs of professionals from the compliance, legal, human resources, audit, risk, and security functions.

The ACi Academy provides training and certifications as well as continuing education for corporate investigators. Their Certified Corporate Investigator (CCi) program provides investigators with practical methodologies and a strong ethical framework. The organization also works to help create global standards, including contributing to the development of ISO guidance for internal investigations.

North American Consumer Protection Investigator (NACPI)

North American Consumer Protection Investigators (NACPI) is a nonprofit professional association that brings together investigators and law enforcement professionals from federal, state, provincial, and local government agencies that conduct consumer protection investigations.

NACPI members benefit from an annual conference, as well as education and training opportunities related to consumer fraud investigations and litigation, as well as member forums focused on maximizing interagency cooperation. Roundtables are also provided for members to discuss active investigations and consumer issues to identify ways to better coordinate on cases that may overlap multiple jurisdictions.

ASIS International

ASIS International is one of the largest professional associations, with a global community of more than 34,000 security professionals spanning multiple industries and disciplines. Founded in 1955, ASIS serves members from more than 100 countries and thousands of member firms.

ASIS provides resources for education and training, certifications such as Certified Protection Professional (CPP), Physical Security Professional (PSP), and Professional Certified Investigator (PCI), standards and research, and events like the Global Security Exchange (GSX), one of the largest events for security professionals worldwide. The organization also publishes thought leadership through its Security Management platform.

American Academy of Forensic Sciences (AAFS)

Founded in 1948, the American Academy of Forensic Sciences (AAFS) serves the field of forensic science through education and training as well as supporting the development of standards for forensic laboratories. As a multidisciplinary organization of professionals from different forensic sciences and fields of practice, it promotes advancements in science and its application to the justice system through training, education, research, and facilitating partnerships.

AAFS supports peer-reviewed research through its primary scientific journal, the Journal of Forensic Sciences. Members can participate in training sessions and webinars, as well as attend the annual scientific conference. Its Academy Standards Board provides consensus-based standards related to forensics. AAFS also accredits forensic science education programs.

International Academy of Investigative Professionals (IAIP)

The International Academy of Investigative Professionals (IAIP) caters to current and aspiring professional investigators and security professionals. IAIP allows professionals to validate their experience and prove their competency through education and career development opportunities. The organization helps members enhance their investigative skills, learn industry standard best practices, and establish credibility with clients, employers, and attorneys.

Association of Certified Fraud Examiners (ACFE)

The Association of Certified Fraud Examiners (ACFE) is a global anti-fraud membership organization. Its stated mission is to serve as the world’s resource for fighting fraud by educating and supporting its members in their efforts to detect, investigate, and prevent fraud. ACFE is best known for its Certified Fraud Examiner (CFE) credential.

In addition to education and training, ACFE offers research and resources for anti-fraud professionals from all industries and jurisdictions. With over 95,000 members and 200 chapters internationally, members can utilize resources including professional education, events, and career resources.

High Technology Cyber Investigation Association (HTCIA)

The High Technology Cyber Investigation Association (HTCIA) is a global nonprofit organization dedicated to advancing the investigation and prevention of cybercrime and technology related crime. Established in 1986, HTCIA is considered by many to be the oldest professional association solely dedicated to high-tech and cyber investigations.

HTCIA offers training, conferences, and resources in digital forensics, cyber incident response, cryptocurrency investigations, OSINT, and more. Members span both the public and private sectors across law enforcement, government, industry, and academia. The organization holds numerous summits, seminars, and conferences each year, including its flagship International Conference.

World Association of Professional Investigators (WAPI)

Founded in 2000, the World Association of Professional Investigators (WAPI) is an international professional organization supporting investigators across the public and private sectors. It aims to give investigators a unified voice when dealing with regulatory bodies and professional organizations. WAPI promotes a strict code of ethics and professional standards, aiming to foster greater trust in the industry.

The organization provides members with opportunities to network and collaborate with their peers, exclusive discounts on training and education, and information to help them stay informed about industry trends.

International Association of Law Enforcement Intelligence Analysts (IALEIA)

IALEIA has served as the premier resource for intelligence analysts since its founding in 1981. At the time there were few resources or professional organizations specific to analysts working in criminal intelligence. With members from local to national and international agencies, along with private-sector and academia, IALEIA has the most diverse representation of intelligence analysts from all over the world with members in over 50 countries.

The organization focuses on promoting standards and recognition of the intelligence analysis profession, offering training and certification such as Criminal Intelligence Certified Analyst (CICA). With regional chapters and an annual conference, analysts have opportunities to connect with industry peers to share techniques, experience, and research. IALEIA also hosts working groups and publishes research on a variety of topics to further develop and define analytic standards and promotes the concept of intelligence-led policing.

Bringing your OSINT workflow together

OSINT investigations share one fundamental challenge: turning data into intelligence. Tools exist that aid every step along the way (discovery, collection, validation), but data correlation is typically where investigations slow down.

ShadowDragon® Horizon® makes it easier.

Forget jumping across tabs and apps. Copying data everywhere. Trying to mentally remember context. With Horizon®, collection, enrichment, and analysis happen in one workspace. Start with a single identifier (email, username, phone number) and quickly uncover a network of related individuals. Connections, activities, and risk indicators are surfaced automatically, so you waste less time trying to correlate data and focus on analyzing threats.

Horizon® can also scale with you. Whether you’re chasing a single lead or monitoring threats over time, Horizon® is built for the entire intelligence lifecycle, from triage, to investigation, to monitoring, without having to recreate your process each time. Get in touch with our team to learn how Horizon® can make your investigations more efficient and effective.

 

 

 

Frequently asked questions

Where should I start an OSINT investigation?

Begin with one anchor. Any identifier you know about the subject of your research: an email address, username, phone number, domain name, Twitter handle, real name. Pick one and expand outward with discovery tools. You want to find as many related data points as you can and start uncovering relationships. See where it leads you. But don’t try to search everything all at once. Build your starting profile so you can pivot outwards.

How do I know which OSINT tools/resources to use?

Let your use case/goals dictate your tooling. What do you hope to accomplish: fraud investigation, journalism, due diligence? What type of data are you searching for: people, companies, locations? What’s your ideal workflow: manual research, automated workflows?

Factor in your skill level and budget, too. Some tools require prior knowledge to utilize while others are pay-to-play.

Do I need to purchase OSINT tools or are free tools enough?

Free tools can work, depending on your situation. And they’ll take you farther than you think. Once you need to scale, automate workflows, reach deeper data sets or need to source information faster, that’s when you should consider paid tools.

Most analysts use a mix of free and paid tools. They just start with what’s open and integrate paid services into their workflow as needed.

What’s the difference between manual and automated OSINT tools?

Manual tools are tools that you will manually search, collect, and verify information from. Automated tools pull from various sources and run your queries across those data sets at scale. However, automation comes at the cost of accuracy. You can go fast with automated tools, but you’ll want to double up with manual analysis to verify your results.

How do OSINT tools fit together in an investigation?

Like links in a chain. You’ll start with discovery, move into enrichment, pivot to new entities, perform verification and then finish by mapping relationships or monitoring for new activity. An OSINT workflow ties all of these steps together, and the tools you use will fill each role along the way.