OSINT Protips
Collection of useful OSINT tips and tricks.
​#OSINTProtipIf you follow my Twitter (@ohshint_), you may have noticed that recently have been going on a tweeting spree providing useful OSINT tips and tricks using the hashtag #OSINTProtip.
For those who don't use and/or don't care about Twitter, you can view all of these pro-tips on this page. I will be updating this page whenever I post a new OSINT pro-tip.

OSINT Protip 1

Posted on 4/11/2021 at 11:17 PM.
​#OSINT Protip:
You can easily download any Google document for offline use by simply editing its URL. Example (Using @bellingcat's Online Investigation Toolkit): https://docs.google.com/spreadsheets/d/18rtqh8EG2q1xBo2cLNyhIDuK9jrPGwYr9DI2UncoqJQ/export?format=xlsx​
Just add /export?format=<file type> to the document's URL!
/spreadsheets/d/<document ID>/export?format=<file type> and/or /document/d/<document ID>/export?format=<file type>
Export spreadsheets in pdf or xlsx format. Export documents in pdf, docx, epub, txt, md, and more!

OSINT Protip 2

Posted on 6/11/2021 at 3:42 PM.
​#OSINT Protip 2:
You can view and download an #Instagram post in full resolution by simply adding "/media/?size=l" to the post URL.
You can also use "?size=m", if you want a smaller resolution.

OSINT Protip 3

Posted on 8/11/2021 at 3:18 AM.
​#OSINT Protip 3:
There are archives of Chrome, Firefox and Edge browser extensions that allow you to download older versions, view history, see developer information and other metadata.
Here is another useful archive of #Firefox add-ons:
This is a tool for downloading and extracting the source code from a .crx file:
These archives can be very useful when researching and discovering malicious activity!

OSINT Protip 4

Posted on 8/11/2021 at 10:59 PM.
​#OSINT Protip 4:
Get yourself a library card (Register with fake information, if possible).
Many times local libraries offer free access to large datasets such as immigration records, ancestry data, newspaper archives, current and historical maps, and much more.

OSINT Protip 5

Posted on 10/11/2021 at 12:29 PM.
​#OSINT Protip 5:
Use 3rd party viewers to browse Instagram profiles without having to use a sock-puppet account.
Also, it's worth noting that sometimes these pages have been archived on the Wayback Machine and archive.today.
So it's worth checking in case you encounter a private account or to see if an Instagram account has deleted some of their posts!

OSINT Protip 6

Posted on 11/10/2021 at 6:41 PM.
​#OSINT Protip 6:
Flowcharts, use them.
These will ensure that you don't potentially miss anything while investigating different platforms and subjects. Extremely useful!
Created by @sinwindie, so go give him a follow and star his GitHub: https://github.com/sinwindie/OSINT​
Attached images:
Dark web marketplace attack surface flowchart.
Instagram attack surface flowchart.
Person attack surface flowchart.
Twitter attack surface flowchart.

OSINT Protip 7

Posted on 12/11/2021 at 7:16 PM.
​#OSINT Protip 7:
Federal and local governments often offer GIS data and other data sets for free. Including interactive maps, property, environmental and infrastructure information for specific areas.
Many of them can be found here:
Here is another example of what I'm talking about here.
This is a great collection of Canadian open data portals, both federal and provincial. This site also provides some other useful non-Canadian data sets.

OSINT Protip 8

Posted on 13/11/2021 at 6:27 PM.
​#OSINT Protip 8:
OSINT is essentially an umbrella term for intelligence work. You should familiarize yourself with the common acronyms used in the in intelligence field, as you will likely encounter them in your journey. Read more here:
Attached image:
Common intelligence acronyms and their meanings.

OSINT Protip 9

Posted on 13/11/2021 at 8:19 PM.
​#OSINT Protip 9:
If you didn't know about this before, you should!
Simple way to bypass the login prompt when scrolling through an #Instagram profile.
This technique also works with #Pinterest.
Attached image:
Instagram and Pinterest login bypass trick.

OSINT Protip 10

Posted on 14/11/2021 at 5:32 PM.
​#OSINT Protip 10:
​#Gmail addresses ignore dots, but everything else usually does not. Potentially discover new information and additional leads!
Example: [email protected] and [email protected] is the same address, but they provide different results:
Attached images:
HIBP search results.
Accounts connected to each email address.

OSINT Protip 11

Posted on 18/11/2021 at 4:47 PM.
​#OSINT Protip 11:
IP addresses can sometimes be useful. Other than geolocation, you can also check to see if and what torrents have been downloaded by searching a specific IP:

OSINT Protip 12

Posted on 18/11/2021 at 9:18 PM.
​#OSINT Protip 12:
Sometimes it's needed to use foreign information services while working on a specific case. Here is a list of telephone and business directories for different parts of the world. Very useful!
Translation may be needed.

OSINT Protip 13

Posted on 19/11/2021 at 7:09 PM.
​#OSINT Protip 13:
Is #Instagram banning your sockpuppets? Use this simple trick to bypass their new "video verification" data collection scheme.
Step 2: Use your phones camera and follow Instagram's instructions.

OSINT Protip 14

Posted on 22/11/2021 at 2:16 AM.
​#OSINT Protip 14:
Books. They contain lots of information, so you should read some! Here is a list of great OSINT books:
  • Open Source Intelligence Techniques, 8th Edition by Bazzell, M.
  • US Army ATP 2-22.9.
  • The Psychology of Intelligence Analysis by Heuer, R.
If you want to read more, check out these great lists of #OSINT related books and research papers.
These are all certainly worth downloading and reading. Go get learn't!

OSINT Protip 15

Posted on 23/11/2021 at 7:32 PM.
​#OSINT Protip 15:
There are many datasets, maps and more online for many different, and very specific things. Everything from public toilets to license plates. Here are a few examples:

OSINT Protip 16

Posted on 25/11/2021 at 10:23 PM.
​#OSINT Protip 16:
You can search for amateur radio operators by callsign, name or FRN. Results can provide a person's full name, callsign, addresses and in some cases, felony records.

OSINT Protip 17

Posted on 3/12/2021 at 1:09 AM.
​#OSINT Protip 17:
When investigating footage coming out of conflict areas, it's important to identify the types of ordnance used and where it came from.
Here are a few great resources:
Being able to identify other things like firearms, ordnance, vehicles, aircraft, boats, uniforms and more is also important.
I have a large list of resources to help identify these different types of military equipment, find it here:
Attached images:
Both lethal and less-lethal weapon identification is important during conflicts and mass protests.
Images taken from https://riotid.com/.

OSINT Protip 18

Posted on 4/12/2021 at 9:45 PM.
​#OSINT Protip 18:
Online maps exist for just about anything. Locations of military bases to Orthodox churches, and everything in between.
Here's a few:
As always, I keep a list of things like this over on my blog and also on GitHub.

OSINT Protip 19

Posted on 9/12/2021 at 10:30 PM.
​#OSINT Protip 19:
The last frontier is certainly an interesting one to research! Earths orbit is a fun thing to investigate, see how polluted our orbit actually is. Check these tools out:
Check out my growing list of #OSINT resources for all things space:
Attached image:
Low Earth orbit is full of interesting things. Source: http://stuffin.space/

OSINT Protip 20

Posted on 12/12/2021 at 6:32 PM.
​#OSINT Protip 20:
There are a few databases of scammers available online. Search by email, crypto, name, etc. Some of these sites are crowd-sourced. So there is a risk of false positives.

OSINT Protip 21

Posted on 14/12/2021 at 12:04 AM.
​#OSINT Protip 21:
When searching for a person, username, email or phone number. Sometimes you can discover additional information by searching with emojis.

OSINT Protip 22

Posted on 17/12/2021 at 11:05 PM. URL: https://twitter.com/ohshint_/status/1472100597595717632​
​#OSINT Protip 22:
Email addresses are a very powerful piece of information to have.
Discover email addresses via domain:
Confirm that it belongs to your target and see what services they use:
Check for any PGP keys:
Search for any additional information via breached data:

OSINT Protip 23

Posted on 22/12/2021 at 8:31 PM. URL: https://twitter.com/ohshint_/status/1473873765800939524​
​#OSINT Protip 23:
Twitter lists are a great source of information about all kinds of different subjects bundled into one. Here are a few that I've made:
​#OSINT Protip 23:
​#OSINT Protip 23:
Some other great lists made by other Twitter users that are certainly worth following.

OSINT Protip 24

Posted on 4/1/2022 at 6:15 PM. URL: https://twitter.com/ohshint_/status/1478550818685022209​
​#OSINT Protip 24:
Newspapers, both current and historic, are very valuable sources. Marriages, events, obituaries and more can be found.
Here's a few useful sites.
Last modified 19d ago