When we search for information on the Internet we almost always use search engine tools such as Google which presents the general results. But what if we want more specific information such as files that are in PDF format or only email addresses? That is where open source intelligence tools (OSINT) come into play. We can use free OSINT tools to gather and correlate specific data information for further analysis. OSINT tools assists us in collecting specific data that Google does not find. Most importantly these tools can provide even better results when used together.

Learning Curve for OSINT

There is a definite learning curve to use many of these investigative OSINT tools. A few of the OSINT tools can only be used with the LINUX platform while others can be used with Windows and the MAC operating systems. So, for newbies, we highly recommended that you use tutorials, books, and even online courses to better learn to use these tools effectively. Other considerations are that some intelligence tools can only be used by certified security personnel even though they are free open source software. However, some OSINT tools are websites that are easily used. Since there are many OSINT tools, we are going to present the top 10 most popular intelligence collecting software from public sources.

Top 10 Most Popular Open Source Intelligence Collecting Tools

Most of us have not heard about the these investigative OSINT tools but in the wrong hands such as hackers they can bring down entire corporate and government websites. However, these tools can be used collaboratively to obtain collaboration solutions. With that in mind, let’s begin our OSINT tools’ examination:

1. Paterva’s Maltego

Here is one powerful collector of interfaces to various OSINT databases. Maltego scans a target’s website to connect the web information to various databases or “transform.” This tool also displays graphical output to permit the user to draw connects as well. For example, with Maltego you can obtain employee email addresses and then connect them to a database of emails that have been involved in a security data breach. As a result, Maltego can be used to increase security and remove those email addresses or it can be used to exploit the email addresses by hackers to obtain employee passwords.



Maltego is written in Java and is prepackaged in Kali Linux. To use Maltego a free registration is required. Then users can transform to their heart’s content to obtain private data intelligence.

2. Shodan

This OSINT provides information about devices connected to your internet including the IOT devices. Shodan’s results are presented in a format for security professionals. As a certified information security professional you can access the network’s assets such as laptops, webcams, and traffic signals. Incidently, this OSINT is nicknamed the hackers’ search engine.

3. Google Dorks

Google dorks provides additional specific information from extra operators. These are: 

  • Intitle – looks for the mentions words in the title
  • Inurl – looks for mentions words in the URL 
  • Filetype – This feature finds file types 
  • Ext – It identifies file with specific extensions. Use this to find log files which are not indexed 
  • Intext – This searches for specific text on a page

4. The Harvestor

This tool is great for getting email and DNS information. It is also part of Linux’s Kali build. 

5. Metagoofil

And yet another Kali Linux bundle that gathers meta data of public documents. Features include: 

  • document type
  • extraction of metadata
  • local download
  • reporting of results

6. Recong-ng

This Kali Linux tool creates workspaces in which modules are used to extract data from the domain. Modules include bing_domain_web and google_site_web.Another module permits researchers to obtain email addresses

7. Check Usernames

If you need to find a particular username from over 150 social media websites, you can click on www.checkusernames.com. Additionally, you can search for more than 500 social media websites by going to www.knowem.com.

8. Tineye

Unlike the previous tools, Tineye intelligently searches for images on the web. Specifically, Tineye uses neural networks, machine learning, and pattern recognition to get results. As a result, instead of keyword searching, it uses: 

  • image matching
  • watermark identification
  • signature matching

9. Sourcecode

Contrary to goggle’s search capability, sourcecode searches several code databases for just about any type of code written in just about any programming language. We typed in a random code from the Java snipet at sourcecode.com and watched the amazing results.

10. Recorded Future

This OSINT tool represents a paradigm shift in data analytics. Recorded future uses an AI based technology to search the Internet,the open, the dark web, and OSINT databases for real-time updates and analysis of threat intelligence.

1 COMMENT

  1. I read the whole post and got you to have the talent to explain the matter in very simple wordings. I am a huge follower of this blogging website because I have learned a lot from here. Thanks for sharing such a wonderful post with us.

LEAVE A REPLY

Please enter your comment!
Please enter your name here