The main aim of writing this blog is to making people familiar with active and passive OSINT.
Before we start learning about real life use cases of OSINT in cybersecurity. It’s important to first learn about Active and Passive OSINT.
The OSINT Approaches
Generally we consider two types of approaches, that are Active and Passive OSINT. This classification has been on the basis of how we collect the data in both the approaches.
Passive OSINT -
Here, we collective the information from passive sources i.e without doing any interaction with your target. The main motive of using this approach is that your victim should be having any idea that you are gathering information about them. Here, we even don’t even use sock puppet accounts for interaction.
A passive approach mainly incudes the following -
Searching the target’s username using username check which don’t notify the victim
Using tools which use sources where the user doesn’t receives any notification or update
Searching target’s data in data leaks
Exploring the victim profile but without interaction
Note - These are the common techniques but passive approach is not limited to just these techniques.
Active OSINT -
Here, we collect information from all sources, it doesn’t matter if we interact with the target or not. The main motive of this approach is gathering as much information as we can, doesn’t matter which sources and techniques, just stay in legal boundaries and follow the ethics.
Here, we can also use sock puppets to interact with the target, we can also use soical engineering techniques too. But always. keep your safety and security in mind while following this approach too.
A active approach mainly includes the following -
- Connecting to your target on social media websites
- Talking to them via sock puppet accounts
- using any tool which have chances of notifying the target
- Using automation tools for scrapping
Note - Again, these are just commonly used techniques and Active OSINT is not just limited to these technniques.
When to Use What?
Now, many of you may be having this doubt, that how do we came to know if we shall use Active OSINT Or Passive OSINT?
The answer is pretty simple, if its ok for your or your client if the target came to know that someone is doing investigation about them, then you should follow Active OSINT. But, if it’s not ok for you or your client to notify the target, then you shall follow Passive OSINT. Now, Let’s understand this with a real life example.
If I would have been investigation about a scammer, cybercriminals, i would be using Passive OSINT as i never want that he should came to know that i am investigating about him/her.
Similarly, if i would have been investigating about a company on behalf of their higher officials as a part of Pentesting or any cybersecurity actiivity, i would be using Active OSINT as my client wouldn’t be having any issues in this in most of the cases.
Now, many of you may be having a doubt in mind, why do we need this approaches ?
The answer to this is, sometime what happens is if we are doing investigation about someone, and if he would get any alert that someone is investigating about him, he would surely be trying to delete, hide or manipulate the information and in order to avoid this situation, we should always pay attention to what approach we shall use in the process.
That’s it for today. Tomorrow, we will be learning about use cases of OSINT in real life along with examples.
If i missed something, let me know, so we can cover that topic or point in upcoming blogs.
Thanks for reading this blog.
Follow out amazing writer Dheeraj Yadav on Twitter.
Don’t forgot to follow @OSINTAmbition on Twitter for staying ahead and updated in the OSINT community.