Skip to content

Ethical Hacker and Cyber Security study notes on OSINT

Antonio Feijao study's notes for the Master Ethical Hacking and Cyber Security course - OSINT.


This page and the studies - Working in Progress (WIP)

OSINT - Open-Source Intelligence

Notes from the course OSINT -

by TCM Security,,,

Topics in this course

  • OSINT overview
  • Note keeping
  • Sock Puppets
  • Image and Location OSINT
  • Email OSINT
  • Password OSINT
  • Username OSINT
  • People OSINT
  • Social Media OSINT
  • Website OSINT
  • Business OSINT
  • Wireless OSINT
  • Linux / Lab Building
  • Working with Tools
  • OSINT Automation
  • Course Challenge
  • Reporting Writing

Course Discord

The Cyber Mentor, ACADEMY-PRIVATE-xxxxx

Important Disclaimer

All knowledge to be use at your own responsibility ...

What is OSINT

Open-source intelligence is a multi-methods methodology for collecting, analysing and making decisions about data accessible in publicly available sources to be used in an intelligence context.

In the intelligence community, the term "open" refers to overt, publicly available sources.

  • Intelligence Life-cycle
  • Planning and direction >>
  • Collection >>
  • Processing and Exploitation >>
  • Analysis and Production >>
  • Dissemination and Integration >> Planning and direction (..>>...)

Taking effective notes

.... multiple option for Windows, Linux and Mac... I am happy with notes on this post :)

Sock Puppets

Online face account or identity, sample a fake twitter account...

Should never tie back to you, to your IP...

Your "sock puppets" account should look "real", stories and posts...

... same blog post at

The Art Of The Sock -

Twitter -

Reddit - My process for setting up anonymous sockpuppet accounts -

Mint Mobile SIM cards

Fake Name Generator -

This Person Does not Exist - (refresh the page to see different machine generated fake people photos)

Create virtual credit cards at for payments... - - *Referral link. We (TheCyberMentor) each get $5 credit on sign up.

VPNs do not always work... or.. think of a VPN with a location/city of where you are adding as your "fake" address.

Search Engine Operators OSINT

Some search Engines

Advanced Search

Antonio Feijao AND "Ethical Hacker"

Antonio OR Feijao

Antonio * study password filetyppe:docx pwd filetyppe:xlsx

"" filetyppe:xlsx password -www -forums <--- way to find other sub-domains

antonio feijao -brasil

"antonio feijao" intext:password

"Antonio Feijao" inurl:post

Google Advanced Search - ← "it does it for you"

Google Search Guide -

Reverse Image Searching

  • Search engines

Google Image Search - ... after the results, you can still use the advanced filters

Yandex - ... very good to find similar pictures...

TinEye - ...

  • Viewing EXIF Data

Exchange Image File

Jeffrey's Image Metadata Viewer -

Date, Time, GPS data...

  • Physical Location OSINT

Google maps satellite view ... how do we get access to XXX...

Check the paths... routes?... security guards... visitor parking?.. street view?... any door, any badge reader?.. smoke area (social engineer?)

How to people dress.. are there security guards?

  • Identifying Geographical Locations