The Braindump Blog

The 'OSINT Techniques' book is surely the bible for all things Open Source Intelligence

· Braindump

📚 Finished reading OSINT Techniques: Resources for Uncovering Online Information by Michael Bazzell and Jason Edison.

This is surely the absolute bible of approaches and methods for anyone interested in pursuing the art and science of Open Source Intelligence, aka OSINT, as a hobby or a career, written by a true expert in the field. Note that it’s very much a “how to do” rather than “interesting stories about” type of manual, although a few short case summarise are presented as examples.

I think I read somewhere that some university courses on the topic use it as a textbook, and I can see why. It’s not necessarily the cheapest book to purchase but if you’ve an interest in the topic then reading its nearly 600 pages has got to be worth it.

Part of the book is all about setting your computer environment as a virtual environment perfect for safe and effective OSINT work. This involves running a virtual Linux machine.

Once you’ve got that up and running, there are countless OSINT-adjacent tools he advises how to install and use. It must be said that, if you want to follow this section, a certain amount of nerd computer skill (or willingness to learn) is going to be useful. The author advises against blindly copying and pasting the commands he suggests - which is anyway necessary, because so many of these tools are updated, changed, or deleted every day, as do the information sources some of them rely on. Even with some experience of the technologies involved it took me some time to figure out what to change to get everything installed.

But it was all perfectly doable. And once you’ve done that, well, you presumably have a good amount of the preparation you need to succeed done - and possibly improved your computer skills in general. Which is important because tomorrow new tools will appear, old tools will stop working, new data will surface, old data will become more restricted. It is an ever-evolving field to say the least

Some of the data sources it mentions are a bit US focussed, especially perhaps the people search sites. I’m guessing that’s a mix of that’s where the author lives mixed with the fact the USA has fewer data protections than my own country, so there’s more supposedly “legitimate” data floating about breaching each citizen’s privacy. But we live in a global online world - after all, we all use the same social networks for better or worse - so there’s more than enough to get on with no matter where you live or where you’re investigating.

And besides, part of the point of the book is to make you self-sufficient, to teach you the flexible skills you need to work with tools and data far beyond the many presented directly in the book.

It also became quickly apparent to me that even performing a pale imitation of the sort of rigorous investigations the author’s company conducts is at least a full-time job. But even for those of us that who are not in a position to follow that route there’s a lot of good stuff to learn here. In terms of how to approach the more minor investigations that you might like to pursue (or even how much interest you have in the field itself). And also, conversely, how much data there probably is floating around about you - unless you have gone extremely out of your way to protect yourself (he also sells a book about “extreme privacy").

In fact, why not use yourself as a consenting first OSINT test subject? The results may not please you.

Buying the book also gives you access to some special tools and scripts he developed to make your life easier. The author’s website actually has a ton of great content and tools available for free that you can use directly for your investigations or at least take a look at to get to see if this book feels right for you. I can’t imagine a better intro to the actual practice of the topic than this book though - as long as its length and detail doesn’t prove too intimidating to you. But “detail” is surely the name of the game in OSINT work.

Glancing over the section names included in the book might provide some insight as to what’s included:

  • OSINT Virtual Machines - as in, setting up your computer for success.
  • OSINT Resources & Techniques - a vast, vast number of resources and suggestions including about:
    • Search Engines
    • Facebook
    • X (Twitter)
    • Instagram
    • TikTok
    • Online Communities (outside of mainstream social networks)
    • Email Addresses
    • Usernames
    • People Search Engines
    • Telephone Numbers
    • Online Maps
    • Documents
    • Images
    • Videos
    • Broadcast Streams
    • Domain Names
    • IP Addresses
    • Government & Business Records
    • Virtual Currencies
  • Leaks, Breaches, Logs, & Ransomware - slightly more controversial topics I assume, but where to obtain them, how to process them, how to ensure your use is ethical. A particularly terrifying section from the point of view of privacy.
  • OSINT Methodology - how to approach and document an investigation, policies to set, that kind of thing.

100% recommended for anyone interested in the practical side of the OSINT field.

A book cover titled OSINT Techniques: Resources for Uncovering Online Information features redacted text bars and a minimalist black and white design.