Skip to Content
OSINTCommon OSINT Source Categories

Common OSINT Source Categories

checklist

Core idea

A catalogue of publicly available source types an investigator can draw on when identifying where relevant information may live.

Components

  • Social media
  • Domain WHOIS
  • Certificate logs
  • Leaked databases
  • Court filings
  • Blockchain explorers
  • GitHub
  • Wayback Machine
  • Shodan
  • EXIF metadata
  • DNS records
  • Forum posts

When to use

During the “identify sources” stage of an investigation, to ensure no obvious category of public data is overlooked.

Example

When mapping a subject, checking domain WHOIS and certificate logs for infrastructure, GitHub for code, and blockchain explorers for on-chain activity.

The OSINT Lifecycle, What OSINT Is, Google Dorking Operators for Investigators

Last updated on