Laptop and screens showing code and data

Home / IT Security / OSINT

What the internet already knows about you.

Digital footprint, attack surface, credential exposure and investigative due diligence — collected lawfully, through the intelligence cycle.

What OSINT is

Open-source intelligence is collection and analysis of publicly available information. Nothing more exotic than that.

The discipline is not access — it is method. Anyone can search. The value is in scoping the question correctly, collecting systematically, discarding what does not bear on the question, and producing an assessment somebody can act on with a stated level of confidence.

We operate strictly within the law and within the terms of the sources we use. We do not access systems without authorization, we do not use pretexting against your staff without a written engagement, and we will decline work that requires either.


The intelligence cycle

The method every credible intelligence function uses.

01

Direction

Agree the question. A collection effort without a decision behind it produces trivia.

02

Collection

Systematic gathering from public sources, with provenance recorded for every item.

03

Processing

Normalize, deduplicate, translate, and structure so the material is analyzable.

04

Analysis

Corroborate, weigh source reliability, and reach a judgement with a stated confidence level.

05

Dissemination

A written product aimed at the decision, followed by feedback that re-scopes the next cycle.

Scope of work

What we are engaged to find.

  • Digital footprint — domains, subdomains, IP ranges, certificates, exposed services
  • Attack surface discovery — internet-facing assets, misconfigurations, forgotten infrastructure, shadow IT
  • Credential & breach exposure — leaked credentials tied to your domains and staff, paste sites, dark-web monitoring
  • Metadata leakage — what your published documents and job adverts reveal about internal systems
  • Threat intelligence — actor tracking, infrastructure pivoting, indicator development
  • Investigative due diligence — entity and individual research supporting KYC and enhanced due diligence
  • Brand protection — impersonation, typosquatting, fraudulent domains
  • Executive exposure — what is publicly discoverable about key personnel
Method & limits

How we work, and what we will not do.

Intelligence cycleMITRE ATT&CK — Reconnaissance (TA0043)Source provenance recordedConfidence levels statedLawful collection onlyNo unauthorized accessWritten scope required

Do you know what is publicly exposed about your company right now?

Almost nobody does. A footprint assessment is the usual starting point — tell us your domains.

Contact us
Response
Within one business day
Engagement
Project, managed retainer, or advisory