OSINT Index
Purpose
This index is the root entry point for the OSINT branch of the cybersecurity atlas.
Use it to: - collect and evaluate publicly available information - separate source discovery from active recon - build evidence-backed target, company, asset, and people context - support attack-surface mapping, scope validation, privacy thinking, and reporting
Use Reference Registry — OSINT as the source of truth for references in this branch. Return to Cybersecurity Index for root navigation across branches.
Before this branch: - Foundations (Phase 0).
Recommended learning order
Phase 1 — Core model
Phase 2 — Search and public web
Phase 3 — People, accounts, and public identity
Phase 4 — Organization and exposure context
Core OSINT Cluster
Foundations
Search and public web
People and identity context
Company and exposure context
Cross-links to other branches
Offensive / recon
Attack surface mapping
Web and API security
Suggested future notes
- historical-internet-artifacts
- public-document-metadata
- github-osint
- username-enumeration
- map-and-satellite-osint
- domain-registration-osint
- osint-opsec
- source-reliability-grading
Possible future playbooks
- build-osint-case-file
- triage-public-leak-exposure
- map-company-public-footprint
- verify-image-location
Branch maintenance notes
- Keep OSINT notes focused on public-source collection, reliability, ethics, evidence handling, and reporting.
- Keep active probing in index and vulnerability testing in Web/API/Security Playbooks.
- Treat people-focused OSINT with extra care: minimize collection, avoid harassment, and prefer defensive or authorized contexts.
- Use unresolved wikilinks for future atomic notes so Obsidian can track the branch expansion.
References
- Foundational: OSINT Framework — https://osintframework.com/
- Foundational: Bellingcat Online Investigation Toolkit — https://bellingcat.gitbook.io/toolkit
- Foundational: Google Search Help: refine searches — https://support.google.com/websearch/answer/2466433/refine-web-searches