OSINT Index

Purpose

This index is the root entry point for the OSINT branch of the cybersecurity vault.

Use it to: - collect and evaluate publicly available information - separate source discovery from active recon - build evidence-backed target, company, asset, and people context - support attack-surface mapping, scope validation, privacy thinking, and reporting

Use Reference Registry — OSINT as the source of truth for references in this branch. Return to Cybersecurity Index for root navigation across branches.

Before this branch: - Foundations (Phase 0).

Recommended learning order

Phase 1 — Core model

Phase 2 — Search and public web

Phase 3 — People, accounts, and public identity

Phase 4 — Organization and exposure context

Core OSINT Cluster

Foundations

Search and public web

People and identity context

Company and exposure context

Cross-links to other branches

Offensive / recon

Attack surface mapping

Web and API security

Suggested future notes

historical-internet-artifacts
public-document-metadata
github-osint
username-enumeration
map-and-satellite-osint
domain-registration-osint
osint-opsec
source-reliability-grading

Possible future playbooks

build-osint-case-file
triage-public-leak-exposure
map-company-public-footprint
verify-image-location

Branch maintenance notes

Keep OSINT notes focused on public-source collection, reliability, ethics, evidence handling, and reporting.
Keep active probing in index and vulnerability testing in Web/API/Security Playbooks.
Treat people-focused OSINT with extra care: minimize collection, avoid harassment, and prefer defensive or authorized contexts.
Use unresolved wikilinks for future atomic notes so Obsidian can track the branch expansion.

References

Foundational: OSINT Framework — https://osintframework.com/
Foundational: Bellingcat Online Investigation Toolkit — https://bellingcat.gitbook.io/toolkit
Foundational: Google Search Help: refine searches — https://support.google.com/websearch/answer/2466433/refine-web-searches

Reference system