Often when we give a tip on social media to manually download data from the internet, we get the an comment that we can also use an OSINT tool. Of course we are often aware of the lots of tools, but we think that using OSINT tools is not always the best solution. In this blog we give multiple reasons why the use of OSINT tools from third parties should be carefully considered.
Why wouldn’t you want to use tools?
Below you can read six reasons why the use of OSINT tools from third parties may be undesirable.
Reason 1: privacy risks
First, using a tool can cause you to unknowingly share data with the tool you’re using. This may not only be data about yourself or your organization, but also data about the subject you are investigating. Just as we can see with which IP address and with which web browser you are reading this blog, websites that offer tools can do that too. And in addition, administrators can often also see what kind of data you put into a tool. For example, this article by Matthias Wilson explains how the Lampyre tool may possible be connected to foreign intelligence services. The use of third party tools can cause privacy related risks.
Reason 2: targets may be notified
Secondly, using a tool can cause the subject you are investigating to inadvertently receive notifications that his or her profile is being viewed or that a password reset has been performed. If you do not understand how a tool works, it can pose a serious risk to your investigation. The target you are investigating can start to erase traces if he or she realizes that an investigations is being carried out.
Reason 3: oh no, malware!
A third risk when using third party tools is that not every tool is innocent. Similarly, you may inadvertently download malicious software if you visit an infected website or use an infected tool. For example, read this article from Avast which describes that browser extensions can also contain malware. So it’s good to check if a tool might contain malware. Can’t you do that yourself? Read reviews or consult someone who can help you further.
Reason 4: troubles in court
A fourth reason for sometimes not choosing to use a tool is that it is sometimes difficult to understand what the results of a tool are based on. If you don’t know this, it can be very difficult to justify in a courtroom where your investigative data comes from. A tool like pipl.com is a good example of a tool that is not transparent about where the data comes from. In addition, you may not be allowed to have certain data at all. Think of databases consisting breached and leaked data that you can access (sometimes after payment), as is the case with the Intelx.io website. Always comply with the laws and regulations that apply to you.
Reason 5: you don’t want to be dependant
Another reason to sometimes ignore OSINT tools is that you do not want to be dependent on the use of tools. In recent years we have seen that many tools and techniques are disappearing. This also applies to tools from third parties. If you’re not able to download a friends list yourself or manually save a video from Twitter, how well you actually understand what you’re doing? Our advice is to be able to use manual methods and techniques. In our OSINT training courses we will of course teach you how to do many things manually.
Reason 6: it’s made for other purposes
A final reason for sometimes not using tools is that some tools are not made for OSINT purposes at all. A website like namechk.com is super useful to see if a username is in use, but this website is intended to check if usernames are available and may not have all the websites you would like to search for your target on. So sometimes it might be better to do manual research, modify a tool or develop a tool yourself to make sure you get the results you want.
Why would you want to use OSINT tools?
If you have read the above, you may be wondering when you can use OSINT tools. An important reason may be that you cannot do certain things without a tool. Consider, for example, a tool that analyzes and visualizes large amounts of data, something that you would not be able to do manually (or much more difficult). Another reason is that using tools can save you a lot of time, because you don’t have to go through manual steps over and over again. Please always consider whether or not the use of a tool is desirable or not.
What if you do use a tool?
If you’ve decided to use a tool, consider the three questions below. You will see that you will often have to manually verify the data you have obtained.
Is the data I have obtained up to date?
Is the data I have obtained correct?
Is the data I have obtained complete?