Knowledge_Node

What is OSINT.

OSINT means Open Source Intelligence: the collection, validation and correlation of information available from open sources. It is not just "searching on Google", but turning scattered signals into useful, actionable intelligence.

Sources DNS, certificates, social platforms, data leaks, documents, public registries and metadata.

Goal Understand what an attacker can see before the first move is made.

Output Evidence, priorities, risk explanation and concrete action lines.

Use_Cases

Why it matters

OSINT helps identify exposure, impersonation, abusive domains, accidentally published data, compromised accounts and early signals that often precede phishing or brand abuse. It is especially valuable when risk must be assessed from the outside, without touching the client infrastructure.

Brand

Identity exposure

Accounts, names, lookalike domains and content that could enable impersonation or spear phishing.

Leaks

Data spill

Credentials, documents, repositories or datasets left visible beyond the expected perimeter.

Signals

Threat context

External signals that help read attack trends, targeting patterns and likelihood of abuse.

Source_Families

Source families

Technical footprint Domains, subdomains, DNS records, ASNs, certificates, hosts, ports and web stack visible from outside.

Human footprint Public profiles, exposed org charts, sensitive roles, email naming conventions and shared team content.

Document footprint PDFs, decks, metadata, attachments, job posts and materials that reveal structure or internal processes.