Open Source Intelligence (Osint) Executive Summary - Source Excerpt 02 - Authoritative Frameworks and Standards
Back to Open Source Intelligence (Osint) Executive Summary
Summary
This source excerpt begins near Authoritative Frameworks and Standards and preserves the surrounding evidence from 2IA.org/agent-file-handoff/Archive/2026-05-16-home-psychological-warfare-improvement/Improvement/Open-Source Intelligence (OSINT) Executive Summary.md.
**Source path:** 2IA.org/agent-file-handoff/Archive/2026-05-16-home-psychological-warfare-improvement/Improvement/Open-Source Intelligence (OSINT) Executive Summary.md
| **Tool/Platform** | **Category (Primary Use)** | **Data Sources** | **License/Cost** | **Platform** | **Typical Use Cases/Features** |
|------------------------|----------------------------------|---------------------------------------|---------------------|--------------------|----------------------------------------------------------|
| **Google / Bing** | General web search | Internet index (webpages, news) | Free | Web | Broad web queries, news archives |
| **OSINT Framework** | Tool directory | Curated list of OSINT resources | Free | Web | Portal of links to many OSINT tools |
| **Google Dorks** | Advanced search operators | Google indexes | Free | Web (Google) | Locate hidden files, extract data via query syntax |
| **theHarvester** | E-mail/subdomain harvesting | Search engines, PGP servers, LinkedIn | Free (open-source) | CLI, Linux | Enumerate e-mails, hosts for pen-testing |
| **Maltego CE/Pro** | Link analysis / graphing | Multiple (links, social media, DNS) | Freemium/Paid | Windows/Mac/Linux | Build connection graphs between people, domains, etc. |
| **SpiderFoot** | Automated reconnaissance | 200+ sources (DNS, web, social, etc.) | Free (Python) | CLI/Server | Bulk collect data, automations via modules |
| **Shodan** | Internet devices search | IoT devices, certificates, services | Freemium | Web/API | Find exposed webcams, servers, industrial ICS |
| **Censys** | Network reconnaissance | SSL/TLS certificates, IPv4/6 hosts | Freemium | Web/API | Map attack surface (hosts, IoT) |
| **VirusTotal** | Malware/URL analysis | Upload files/URLs to multiple scanners | Free/Freemium | Web/API | Scan for malware, check domain reputations |
| **Social Searcher** | Social media search | Facebook, Twitter, Instagram | Free/Freemium | Web | Keyword search across social platforms |
| **CrowdTangle** | Social media monitoring | Facebook, Instagram, Reddit | (By application) | Web | Track viral posts, page trends |
| **Meltwater** | Media monitoring (commercial) | Web news, social, broadcast | Paid | Web | Sentiment analysis, brand monitoring |
| **Google Earth / Maps**| Geolocation/Imagery | Satellite & aerial imagery, StreetView | Free | Desktop/Web | Visual verification, location distance measurement |
| **Sentinel Hub** | Satellite imagery API | Sentinel/ESA, Landsat, commercial | Freemium/APIs | Web/API | Custom GIS analysis, time-series imagery |
| **EXIFTool** | Metadata extraction | Image/audio/video files | Free | CLI (All OS) | Read/write file metadata (GPS, timestamps) |
| **InVID/WeVerify** | Video/image verification plugin | YouTube, Google, Yandex images | Free (Browser ext) | Browser Plugin | Reverse-search frames, check video provenance |
| **Exif Cleaners** | Metadata removal | Image files | Free | Desktop/Web | Strip personal metadata before publication |
| **Wayback Machine** | Web archives | Historical web snapshots | Free | Web/API | Retrieve deleted/changed web pages |
| **Recon-ng** | OSINT framework | Modules for Bing, Google, Shodan, etc. | Free (open-source) | CLI (Python) | Modular reconnaissance scripts (domain, email, phones) |
| **Social-Analyzer** | Username profiling | Social networks (Twitter, IG, etc.) | Free | CLI (Python) | Check username availability, profile scraping |
| **Gephi** | Network visualization | Graph data (from Maltego, etc.) | Free | Desktop | Visualize clusters and relationships |
| **Linkurious** | Graph analysis platform | Data from DBs or transcripts | Commercial | Web | Large network analysis for law enforcement |
| **Torch/Tor Browser** | Dark web browsing/search | .onion websites | Free | Browser | Access Tor hidden services, search engines like Torch |
| **Ahmia** | Onion site index | Tor network | Free | Web | Search accessible dark-web sites |
| **SpiderOak** | Secure storage (for OPSEC) | (Auxiliary for OSINT investigators) | Freemium | Desktop/Web | Encrypted cloud storage for evidence |
| **Proprietary Platforms:** ShadowDragon, Recorded Future, Paliscope, Babel Street, Maltego Enterprise, etc., | Integrated solutions | Vast proprietary & open sources (social, deep web, news, trade data, etc.) | Paid (enterprise) | Web/Cloud | Enterprise investigations, fusion of sources, automated watchlists, link analysis |
*(Table is illustrative, not exhaustive; source coverage and features vary.)* As Lazarov *et al.* note, **OSINT tools differ widely** in functionality, coverage, licensing and cost, and no single tool is sufficient【40†L53-L60】. A typical modern investigation will use multiple tools: e.g. using Google Dorks or TheHarvester to find hidden data, Shodan/Censys to map exposed infrastructure, social media monitors to track online chatter, and geospatial tools (Google Earth) to verify locations. (See below for more on tool evaluation criteria.)
## Authoritative Frameworks and Standards
Several governments and alliances have issued formal OSINT strategies or doctrine. Key examples:
- **U.S. Intelligence Community OSINT Strategy (2024–26).** Directed by the Office of the Director of National Intelligence (ODNI), this strategy explicitly defines OSINT as “intelligence derived exclusively from publicly or commercially available information” addressing intelligence priorities【22†L74-L79】. It outlines four focus areas: coordinating data acquisition/sharing; integrated collection management; driving innovation for new capabilities; and developing the next-generation OSINT workforce【22†L74-L79】. It emphasizes professionalization and partnership with industry and academia, aligning with free-society values【22†L74-L79】.
- **U.S. Department of Defense OSINT Strategy (2024–28).** Issued by the DoD OSINT Council, this strategy calls to “elevate OSINT as a core intelligence discipline” supporting all warfighters【3†L386-L394】. It frames OSINT as “the premier source of intelligence information for decisionmakers and warfighters”【6†L10-L16】, and assigns a coordinating role to the Defense OSINT Enterprise. (It aligns with U.S. Executive Order 12333 and expands OSINT training, tools, and cross-agency governance.)
- **U.S. Department of State / INR OSINT Strategy (May 2024).** The State Department’s Bureau of Intelligence & Research (INR) published an OSINT strategy outlining four pillars: (1) **Governance and Policy** – establish formal standards/SOPs (consistent with law, e.g. Exec Order 12333) for OSINT use; (2) **Capacities** – acquire/develop OSINT tools and datasets, engage industry partners; (3) **Training and Tradecraft** – build workforce skills via curricula and exercises; and (4) **Partnerships** – deepen collaboration with IC allies, academia and NGOs【13†L17-L26】【13†L33-L42】. INR’s vision is to “effectively and efficiently [use] OSINT” to meet diplomatic and analytic needs【13†L17-L26】.
- **NATO OSINT Publications.** NATO’s publicly available OSINT Handbook (2002) and related readers provide training guidance. The NATO framework stresses that OSINT provides a **multilateral common picture** in coalition operations and supplements classified intelligence【20†L600-L609】【20†L717-L726】. The Handbook defines OSINT as information that has been “deliberately discovered, discriminated, distilled, and disseminated” to answer specific questions【20†L717-L726】, applying tradecraft to public data. It also emphasizes that OSINT must be legally and ethically gathered from public sources【17†L263-L272】.