About OSINT
OSINT is defined in the United States of America by Public Law 109-163 as cited by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD), as intelligence "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement." As defined by NATO, OSINT is intelligence "derived from publicly available information, as well as other unclassified information that has limited public distribution or access.
According to political scientist Jeffrey T. Richelson, “open source acquisition involves procuring verbal, written, or electronically transmitted material that can be obtained legally. In addition to documents and videos available via the Internet or provided by a human source, others are obtained after U.S. or allied forces have taken control of a facility or site formerly operated by a foreign government or terrorist group.
Learn moreOSINT is defined in the United States of America by Public Law 109-163 as cited by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD), as intelligence "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement." As defined by NATO, OSINT is intelligence "derived from publicly available information, as well as other unclassified information that has limited public distribution or access.
A main hindrance to practical OSINT is the volume of information it has to deal with ("information explosion"). The amount of data being distributed increases at a rate that it becomes difficult to evaluate sources in intelligence analysis. To a small degree the work has sometimes been done by amateur crowd-sourcing.
The web browser is a powerful OSINT tool that provides access to numerous websites and both open source and proprietary software tools that are either purpose-built for open source information collection or which can be exploited for the purposes of either gathering of open source information or to facilitate analysis and validation to provide intelligence.
To get started, you'll need to have Python 2 installed and updated on your system. The developer of Skiptracer, xillwillx, is in the process of updating the tool to Python 3 since Python 2 is no longer supported, but it's not entirely done yet, so Python 2 is what we'll need for now. To see if you have Python 2 installed, use:
Python 2.7.18 is the latest version, so you're good if that's what comes up. If you don't have it yet, install or update it using:
Now, once you have the U.S. license plate number and state of the vehicle you want to conduct an OSINT investigation on, you could start plugging the data into websites online. Still, most of them will try and charge you hefty fees to access any information. That's why Skiptracer is an excellent tool to use, as it queries a bunch of APIs to see if it can find free information from the best sources that are available.
Now, to get started with Skiptracer, after knowing you already have Python 2 installed and up to date, you'll need to download the tool from xillwillx's GitHub. It's pretty easy to install since you just need to clone the repository with:
To see what's inside the repository downloaded, you can cd into skiptracer, then ls to list its files.
If you've ever installed a Python program before, it may be fairly obvious what needs to happen next. For those of you who haven't or don't know, you'll need to install the requirements.text file, which is a list of all the different modules Skiptracer needs to work. Use the pip install -r command to install it.
The most obvious choice here is "plate." A lot of the other options you see are in other tools, such as Sherlock ("ScreenName"), but we're just focusing on the plate search. Go ahead and select number 5 to do so.
Now, let's select number 2 for "Plate Search." After doing so, it will ask you for the plate number, so enter that in at this time.
After entering that, it'll ask you for the U.S. license plate's state abbreviation.
If everything went well, you should see results. If you get the "No results" warning as I did, press Enter to continue, then select number 1 for "All." It's for all modules associated to the email module group, which doesn't make sense, I know, but it works. Then, reenter the state ID.
From that, we were able to extract some information about the vehicle. We started with just the plate number, but now we have the automobile's VIN, which we can use to pull up all sorts of other information. That data could include when it was registered and who it was registered to. If you're an OSINT investigator, you know that the more clues you can get about a specific target, the easier it is to plug it into other sources and learn a little bit more, bit by bit.
If you're looking for other information, there are other useful modules included in Skiptracer. For example, if you have a specific screen name you're looking for, it's easy to use the ScreenName module and run it against "All." It'll do the work for you, looking for accounts online that use that screen name. So if you need to do a quick profile on someone, or if you have a U.S. license plate to scan, either one of these modules will work just fine.
Skiptracer isn't a complete solution for an OSINT investigation, but it's a great way to start pulling clues together quickly, provided you have Python 2 installed on your system.