What is OSINT?
In a nutshell, OSINT (Open Source Intelligence) is collection and analyzing information that is gathered from public or open sources. These open sources can be something as simple a Google search or searching through social media such as Facebook or Linkedin. You will be AMAZED on how much data there is flowing out there freely (or cheaply) you can gather on individuals or companies. Most targeted (or semi-targeted) attacks start with some type of OSINT data gathering.
What is the OSINT Framework?
The OSINT Framework is collection of OSINT tools displayed in very organized topic based tree. This organization of intel sources make it an amazing tool when you start your recon on a target. Personally I have a hard time keeping all my OSINT resources organized and knowing when to branch out from my favorites. For me, that is where OSINT Framework proves its place in my toolkit. As you you go through and gather more and more information, new avenues of OSINT tools become available and are quickly laid out as options.
I also like to use this tool when talking about the importance of controlling your digital footprint as a company and individual. Pulling up the OSINT Framework webpage and doing a quick recon on a company drives my points home better than any statistic I can show. In my presentations, I never ever use someone from the room. I used to pick people to use as live examples, but that ended badly with extremely private information exposed for my volunteer.
Where can I find the OSINT Framwork?