OSINT / OPSec: First Lessons (My Way)

Hi there, and welcome to a little introduction into OSINT and OPSec. First off, how would we define the two?

OSINT is

O pen S ource INT elligence

and OPSec is

Op erational S ecurity

Pretty easy so far, right? (Btw, this is my first ever blog post like this, please give me some feedback!) However, they’re very important to you, your privacy, and your rights. Why you may ask, well that’s a damn good question! Let me tell you why. To begin, OSINT is used by military and government, cyber security enthusiasts, professionals, and even amateurs alike. There are many tools out there that allow people to use the public information provided by yourself on the internet to compile the data together and use it for what they will, albeit legal, or illegal purposes. One of these great tools (or terrible depending on perspective), would be the OSINT Framework. You see, something like this is both free, and available to the public. With the right mindset, and know how, and you could compromise someone’s data. This affects anyone, and everyone using the internet. So how do you protect yourself? Yet another great question! There are several ways to protect yourself.

  • Start with not putting the information there to begin with.

Don’t list every possible detail on your Facebook, Instagram and Twitter account. All of this altogether should be disposed of, as they collect and abuse your personal data anyhow.

  • Don’t click dodgy links.

This one should be a no-brainer but I often have to remind, even the most educated members of the internet to NOT click an obvious ip logger, even for shits and giggles, because you’re taking the obvious bait on the hook. Don’t be a sitting fish!

  • Do what many call an “Anti-Dox”

Try to dox yourself, and find your personal information, request to remove it, and fix your accounts. Set them to private and DELETE THE EVIDENCE. It’s also good to check the Wayback Machine, an internet archive.

  • Finally, common sense goes a long way. That will protect you better than most options. If you think of the information you’re putting online, and really consider the consequences, you will at least be making an informed decision. Which is better than a hasty, or impulse decision.

Next lesson will be more in detail about opsec. Be sure to check out other threads and feel free to ask questions down below!

4 Likes

This is really nice. Thank you for this!

1 Like

Thanks for the post!

1 Like

Great post informative and enjoyable. Love that ‘how to protect yourself’ section.

1 Like

Just to add in, skiptracer on github is a good way to search for info that may be behind paywalls. Its all scraped info, so hard to tell how up-to-date it is, but a solid tool regardless. I’ll edit my post later to include a link to the tool, on mobile now.

If you do find your info on certain sites you can usually have it removed, but keep in mind it was likely cached on search engines so firing off a removal request won’t entirely be sufficient.

-person who dealt with stalker

1 Like

Nice to read. Have maybe also some useful things to add to the “Anti-Dox” part.

To dox yourself and your former usernames etc, i can suggest to use Sherlock.


This will scrape through several different “social” platforms and find results with ur requested name.

I’m also a friend of creating false paths with fake accounts on platforms with completely random information. With some work u can create a non existing “online living” person. Something like a network of profiles which refer to each other.

3 Likes