Module 2 · OSINT Collection for CTI

Manish Garg
Manish Garg Associate of (ISC)² · RingSafe
Apr 22, 2026
5 min read
Read as

Last updated: April 29, 2026

Search operators, Shodan, Censys, subdomain enumeration, GitHub dorking, dark-web research, tradecraft OpSec.

Open-Source Intelligence (OSINT) is the practice of collecting information from publicly available sources — no hacking, no paid access required. For CTI analysts, it fills 60-80% of the picture at zero marginal cost. This module covers the tools, techniques, tradecraft, and operational security a researcher needs to do OSINT safely and effectively.

What OSINT covers

  • Surface web — search engines, social media, company websites, press releases
  • Technical data — DNS records, WHOIS, SSL certs, passive DNS
  • Code / infrastructure — GitHub, Docker Hub, PyPI, cloud metadata
  • Dark web / paste sites — forums, marketplaces, leaked data dumps
  • Archive / historical — Wayback Machine, archive.today, cached versions
  • Adjacent data — business records, court filings, regulatory disclosures
Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants
← Previous · Module 1
Module 1 · Cyber Threat Intelligence Fundamentals
← Back to Academy Hub
Continue Learning

Other modules in this track

View all modules
Academy
Module 1 · Beginner

Four levels of intelligence, the intelligence cycle, sources, attribution, Diamond Model, and metrics that track real…

Apr 22, 2026 · 4 min read
Academy
Module 3 · Intermediate

Bianco's Pyramid of Pain, IOC lifecycle, 90-day rule, TTP-focused detection priorities.

Apr 22, 2026 · 5 min read
Academy
Module 4 · Advanced

ATT&CK taxonomy, tactics and sub-techniques, Navigator for coverage mapping, detection-as-technique, D3FEND.

Apr 22, 2026 · 5 min read