14 Free OSINT Tools for Adding Context in Person-of-Interest Investigations
The digital landscape continues to change faster than the technologies used for intelligence gathering. Alongside the rapid evolution of digital communication platforms, the sheer amount of information generated daily poses a significant challenge in terms of resources. Law enforcement agencies, private companies, or security consultancies alike suffer from shortage of personnel, time, and budget to run comprehensive investigations that could match the scale of their task.
Person-of-interest (POI) – Definition
Person-of-interest is a term originally widely used by law enforcement and intelligence officials to identify someone linked to and/or in possession of information pertinent to an ongoing criminal investigation. As the specialisation of online investigations grew beyond the military and law enforcement into private sectors, the term has been adopted by trained practitioners (for example cyber security experts or open-source intelligence analysts) conducting specialised investigations of persons. The term has no legal implications.
Nowadays, the persons suspected of illicit activities are tech-savvy and resourceful; with access to a much broader set of tools to conceal their identity and activity online. As a result, it became much easier for persons-of-interest (POI) in investigations to slip under the radar of LEAs, prosecutors, or investigative journalists.
However, there is one important critical aspect of POI investigations, which can sway the conclusions of an OSINT report, namely context.
Connecting the Dots with Context Awareness in OSINT Investigations
Peter Cochrane, an international sought-after advisor and consultant with over 40 years of technology and operational experience, summarised the necessity for context awareness in interpreting intel perfectly during last year’s HENSOLDT Analytics Intelligence Webinar on the topic of modern hybrid warfare:
“[…] intelligence systems have to be responsive to long-term monitoring and engage in deep observation and analysis of the situation. The data must be applied to the wider context to reveal unknowns and contingencies.”
This, postulated Peter Cochrane, calls for minimization conditions that foster errors, for example, focusing on narrow situation modelling or not factoring in human and machine cognitive bias.
Therefore, an efficient and conclusive strategy for OSINT investigations of POIs has to combine automated cross-media intelligence gathering workflows with open-source tools developed to target very specific information gaps.
14 Useful OSINT Tools for Persons-of-Interest Investigations
Use the tool to check if and where an email account was breached over the last years. It’s useful in tracking if an email had been used on more than one platform. This tool similar to Have I Been Pwned, however, Breach Checker focuses exclusively on email data breaches.
BuiltWith covers 60,409+ internet technologies which include analytics, advertising, hosting, CMS and many more. By entering a url in the search bar, you can see the elements a website had been built with and what tools it uses. With BuiltWith.com Technology Trends data back to January 2000.
This online service enables investigators to quickly check whether their POIs email or phone address featured in any of the past data breaches.
Allows users to instantly fetch any address or place from the Google Street View.
This tool helps you estimate and fact-check the maximum number of people standing in a given area.
According to the creator of the Reddit Search tool, this application allows for cross-post and comment search, as well as specific user or subreddit search. In addition, OSINT analysts can aggregate data to identify trends. As of 2022, reddit is blocked in India, Indonesia, Russia, and China.
This service allows you to browse radio stations by rotating the 3D globe. It doesn’t map all of the existing stations but it’s a helpful tool to add local reference sources to your report.
The Snap Map service ran by Snapchat aggregates a selection of public snapchat media. The information includes geolocations.
Strava’s Global Heatmap focuses specifically on monitoring and visualising ‘heat’ made by aggregated, public activities over the last year. The public data shared by athletes from around the world identifies activity hotspots. The tool is also used by athletes to identify their next destination.
For those investigating events from all angles, weather conditions can play an important part in explaining the context of the POI’s movements. The Ventusky app provides interesting food for thought. The tool clearly displays meteorological data from around the world and allows users to monitor weather developments for any place on Earth at different times. Depending on data sources, some of the data visualisations date back decades.
The Wayback Machine captures websites as they are and stores the screenshot, url changes, and the timeline of changes for reference. The Wayback Machine is a crucial resource in the fight against disinformation as it records content meant to be ephemeral.
TinEye’s computer vision, image recognition and reverse image search matches your upload image with its duplicates online. It’s a useful tool for verifying users activity or connecting images to stock images databases.
Whois lists domain information allowing users to check the person owning the website you are looking at. The information provided to the Whois registry is voluntarily provided by the domain owners and unverified by the service.
A useful email verification tool, which connects to the mail server and checks whether the mailbox exists or not.