๐Ÿ•ต๏ธOSINT

OSINT gathering usually starts with a review of the target's official online presence (website, blogs, social-media pages, and third-party data repositories such as public financial records). Information of interest includes the following:

  • Geographical locations of offices, especially remote or satellite offices that share corporate information but may lack stringent security controls.

  • An overview of the parent company and any subsidiary companies, especially any new companies acquired by mergers or acquisitions (these companies are frequently not as secure as the parent company).

  • Employee names and contact information, especially e-mail addresses and phone numbers.

  • Clues about the corporate culture and language; this will facilitate social engineering attacks.

  • Business partners or vendors that may connect into the target's network.

  • Technologies in use. For example, if the target issues a press release about adopting new devices or software, the attacker will review the vendor's website for bug reports, known or suspected vulnerabilities, and details that could be used to facilitate various attacks.
