Hi everyone. Let's walk through on the active and passive OSINT technique.
Active open-source collection involves engagement, and for certain organizations or individuals, it might be viewed as an undercover operation. Examples of active OSINT are website scanning and creating connection with target's social media profile using fake social media account.
The term "passive open-source collection" refers to acquiring information on a target using publicly available data. Passive indicates there will be no online communication or engagement with the target, including commenting, messaging, befriending or following. Examples of passive OSINT are looking up target's historical website using Wayback Machine and looking up for target's office phone number at public website.
Each OSINT approach poses risks such as:
- Getting detected: This is the most typical risk, as conducting an OSINT probe may reveal your identity as the one seeking for the material.
- Loss of access to information: Being detected may result in you losing access to information since it may lead to the safeguarding of publicly available information or the concealment of trails.
- The hunter becomes the hunted: If your cover is compromised, you may become the subject of an investigation or espionage.
I will explain on example of OSINT tools on the next blog post. Stay tuned :-)
Thanks for sharing
ReplyDelete