Resources to Get Started in OSINT

How should you get started with Open Source Intelligence? Where should you go to learn more about it? There are so many places to learn that it can be difficult to even think about where to go or what you should do.

⚔️ Core Concepts

• Search smarter, not harder
• Follow digital breadcrumbs
• Never underestimate what someone posts publicly
• OSINT is legal… but not always ethical — know your boundaries

🛠️ Tools to Learn First

• Google Dorking – Search like a beast
  https://www.exploit-db.com/google-hacking-database

• Wayback Machine – See deleted websites
  https://archive.org/web/

• Shodan – Scan the internet for exposed devices
  https://www.shodan.io/

• DNSDumpster – Free domain recon
  https://dnsdumpster.com/

• ExifTool – Metadata from photos
  https://exiftool.org/

• Maltego (Community Edition) – Visualize connections
  https://www.maltego.com/downloads/

• Spiderfoot (Free) – Automated recon framework
  https://www.spiderfoot.net/

• OSINT Framework – Massive index of tools
  https://osintframework.com/

📚 Must-Read OSINT Resources

• Bellingcat’s OSINT Guides – Real-world, journalist-grade techniques
  https://www.bellingcat.com/resources/

• Bellingcat’s Online Investigations Toolkit – Bellingcat Made a Toolkit for doing OSINT Investigations https://www.bellingcat.com/resources/2024/09/24/bellingcat-online-investigations-toolkit/

• Trace Labs CTFs – Help find missing people while practicing OSINT
  https://www.tracelabs.org/

• Hunchly’s Blog – Killer write-ups, especially on investigations
  https://www.hunch.ly/blog/

• Sector035’s Week in OSINT – Weekly roundup of cool tools and techniques
  https://sector035.nl/

• Michael Bazzell’s Intel Techniques – Deep OSINT methodology
  https://inteltechniques.com/blog/

• Open Source Intelligence Training (YouTube playlist)
  https://www.youtube.com/playlist?list=PLBf0hzazHTGMocnln6r7GxNg1nz3JrD07

👣 Where to Practice

• Investigate usernames on sites like
  https://whatsmyname.app/

• Awesome-OSINT has an awesome link repo on GitHub for Open Source Intelligence - https://github.com/jivoi/awesome-osint

• Dig into email leaks:
  https://haveibeenpwned.com/

• Try OSINT quizzes or CTFs:
  https://quiztime.org/
  https://osintdojo.com/

• Practice investigations:
  https://start.me/p/DPYpmQ/the-osint-startme (bookmark this beast)