loading
Loading content
loading
Also known as Open Source Intelligence
Open source intelligence (OSINT) draws on data that anyone can access without breaking in. Sources include DNS and WHOIS records, certificate transparency logs, public code repositories, job postings, employee profiles, leaked credential dumps, and search-engine results. An analyst correlates these fragments into a picture of a target's technology, people, and exposure.
OSINT matters in offensive work because it builds the map before anyone touches the target. A penetration tester profiles the organization, finds the cloud provider from a DNS record, spots an internal hostname in a public GitHub commit, and identifies likely usernames from email patterns. None of that generates traffic against the target, so it stays quiet during the recon phase.
OSINT feeds the broader recon effort and overlaps with techniques like subdomain enumeration and google dorking. Pulling metadata analysis from published documents often reveals usernames, software versions, and internal paths.
In Trickest you wire OSINT sources into a single workflow that queries each one, deduplicates the results, and outputs a structured dataset, so the legwork that usually means juggling a dozen tools by hand runs in one pass.
Related terms