OSINT is a technique that gathers information about a target that is publicly available and accessible to anyone that is willing to look. The information is often gathered, analysed, and filtered to allow the researcher actionable information about the target which can then be used for malicious purposes.
Targets can be anything that the researcher wants to gather information about, if an attacker wants to gather information about a business they may target the employees and business to see what information is available.
Companies often have information freely available on their company websites that leave clues such as about us pages or contact pages. Researchers can then head over to so social media and search for potential employees celebrating promotions, new positions, or work achievements. This provides them with a name, this information can now be combined to find an active email address at the target company.
Once a user is confirmed the researcher can now investigate if the user has been involved in any data breaches that has exposed sensitive information. This information can be used to tailor targeted phishing emails or worst case scenario an active password.
I want to introduce you to a researcher called Troy Hunt, he runs a site called haveibeenpwned.com I will provide quote from his site that explains perfectly the aims of haveibeenpwned.
Troy Hunt
I built HIBP as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach. I wanted to keep it dead simple to use and easily accessible to ensure it could be of maximum benefit to the community.
Given the potentially sensitive information the website provides a process to see what type of information has been breached relating to an email address without sharing it with people that do not have access to an email address. This will be a guide on how you can check your own information:
