OSINT stands for open source intelligence — the practice of finding information from public sources. Learn what it is, how it works, and how to try it yourself for free.

OSINT stands for open source intelligence. It is the practice of collecting and analysing information from publicly available sources — social media profiles, websites, public records, forums, news articles — without accessing any private or protected systems.

You have almost certainly done OSINT without knowing it had a name. Searching someone's name on Google before a first date, looking up a company before a job interview, or checking whether a seller has a real online presence before buying from them — all of that is OSINT.

What separates casual searching from proper OSINT is methodology and tooling. This guide explains what OSINT actually is, who uses it, how it works, and how you can try it yourself today for free using WhatsMyName App.

What OSINT stands for and what it means

The term breaks into two parts.

Open source does not refer to open source software. In this context it means information that is publicly available — accessible to anyone without special permissions, without hacking, and without payment. A public social media profile is an open source. A news article is an open source. A government business registration database is an open source.

Intelligence means information that has been collected, processed, and analysed to produce something useful — not just raw data but insight derived from it.

Put together: OSINT is the systematic collection and analysis of publicly available information to produce useful intelligence. The key word is systematic. A random Google search is not OSINT. A structured process of gathering, cross-referencing, and verifying information from multiple public sources is.

What counts as open source intelligence

OSINT draws from a wide range of publicly accessible sources. The most commonly used include:

Social media platforms — public profiles on Instagram, Twitter, Facebook, TikTok, LinkedIn, Reddit, YouTube, and hundreds of other platforms. Posts, photos, comments, bios, location check-ins, follower lists, and profile history are all open sources when set to public.

Usernames across platforms — tools like WhatsMyName App check 732 platforms simultaneously to find where a specific username is registered. This is one of the most effective OSINT starting points because most people reuse usernames across platforms for years.

Websites and blogs — content published on personal websites, company sites, forums, and content platforms. This includes articles, forum posts, comments, and archived versions of pages that have since been removed.

Public records and government data — business registration records, court filings, property records, electoral rolls, patent filings, and government reports that are publicly accessible.

News and media — articles from local and international outlets that mention a person, organisation, or event.

Metadata — information embedded in files. A photo taken on a smartphone contains metadata including the device used, the time of capture, and sometimes GPS coordinates of where the photo was taken.

Domain and network data — WHOIS records showing who registered a domain, DNS records, and publicly visible server information.

Who uses OSINT and why

Security researchers

Cybersecurity professionals use OSINT to understand what attackers can learn about their targets before launching an attack. If a company's employees are using the same passwords across personal and professional accounts, OSINT can surface that. If a server is running outdated software that is publicly visible, OSINT can find it. Understanding your own exposure is a core defensive practice.

Journalists and investigators

Investigative journalists use OSINT to verify identities, find connections between people and organisations, and build evidence for stories based entirely on publicly available information. Major investigations into corruption, fraud, and organised crime have been built on OSINT techniques alone. Bellingcat — one of the world's most respected investigative journalism outlets — conducts most of its work using publicly available information and open source tools.

HR teams and recruiters

Hiring managers use OSINT to verify that candidates are who they say they are, that their stated work history is consistent across platforms, and that there are no public red flags that would reflect poorly on the organisation. This is standard practice at many companies before making senior hires.

Law enforcement and intelligence agencies

Police and intelligence services around the world use OSINT as part of lawful investigation processes. Publicly available social media content, forum posts, and other open source data are routinely used in criminal investigations. OSINT is one of the primary intelligence disciplines alongside signals intelligence and human intelligence.

Individuals checking their own data

One of the most common and most accessible uses of OSINT is checking your own digital footprint. Using WhatsMyName App to find every platform where your username is registered, or running a Google search on your own name to see what appears publicly, is a practical use of OSINT techniques that anyone can do without any technical knowledge.

Is OSINT legal

Yes, in most jurisdictions, when done correctly.

OSINT only involves accessing information that is publicly available. There is no hacking involved, no bypassing of authentication systems, and no accessing of private data. Viewing a public social media profile is the same action whether you do it manually in a browser or use a tool to do it faster across multiple platforms simultaneously.

What is not legal — regardless of how the information was found:

Using OSINT findings to stalk, harass, or threaten someone
Using information to commit fraud or identity theft
Accessing systems that require authentication even if the credentials were found in public data
In some jurisdictions, aggregating public data in ways that violate privacy laws such as GDPR in Europe

The information gathering itself is lawful. The use of what you find determines the legality of the overall action.

The difference between OSINT and hacking

This is the most common point of confusion for people new to the topic.

OSINT uses information that is already publicly accessible. No systems are compromised. No passwords are cracked. No authentication is bypassed. Anyone with a browser could find the same information — OSINT tools just make the process faster and more systematic.

Hacking involves gaining unauthorised access to systems, accounts, or data that are not publicly accessible. This is illegal in virtually every country.

The simplest way to understand the difference: if the information is visible to anyone who visits the URL in a normal browser without logging in, it is fair game for OSINT. If accessing it requires bypassing a login, breaking encryption, or exploiting a vulnerability, it is hacking.

How OSINT actually works — a practical example

Here is a real-world example of a simple OSINT investigation using only free tools:

Imagine you receive a message from someone online and you want to verify whether they are who they claim to be. You have their username.

Step 1: Enter the username into WhatsMyName App. Results come back showing the username is registered on Reddit, GitHub, Twitter, a gaming forum, and a photography site.

Step 2: Visit each found profile. The Reddit account has years of post history. The GitHub account shows code contributions. The Twitter account has real interactions with other people. The photography site has a portfolio with a consistent name and location.

Step 3: Cross-reference the information. The location mentioned in the Twitter bio matches the location metadata in photos posted on the photography site. The name used on the GitHub profile matches the name the person gave you.

Step 4: The pattern of consistent information across multiple independent platforms, built up over years, gives you a reasonable basis for confidence that this is a real person with a genuine online history.

That entire process uses only publicly available information and takes less than 10 minutes with the right tools. It is basic OSINT but it is effective.

How to start doing OSINT today — for free

You do not need technical skills or paid tools to begin. Here is how to start:

Start with username search. Go to WhatsMyName App and search your own username. See every platform where you are registered. This teaches you what the tool does and shows you what your own footprint looks like at the same time.

Learn Google search operators. Using quotation marks, site:, filetype:, and other operators turns Google into a significantly more powerful research tool. Search "your name" in quotes and see what comes back that a normal search misses.

Check your email for breaches. Visit Have I Been Pwned and enter your email address to find out whether it has appeared in any known data breaches. This is basic but important.

Read and explore. The OSINT community is large and shares techniques openly. Once you understand the basics, explore the resources available through the OSINT tools hub to expand what you can do.

Free OSINT tools for beginners

These are the tools worth knowing when starting out:

WhatsMyName App — username search across 732 platforms, free, no install, works in any browser. The best starting point for anyone new to OSINT.

Google with operators — advanced search using site:, "exact phrase", filetype:, and date filters. Free and already available to everyone.

Have I Been Pwned — checks whether an email address has appeared in known data breaches. Free at haveibeenpwned.com.

Wayback Machine — archive.org lets you view historical versions of websites and profiles, including content that has since been deleted.

Sherlock — command-line Python tool that searches usernames across 400+ platforms. Requires technical setup but is free and open source.

For a full comparison of username search tools specifically, read Best Free OSINT Username Search Tools in 2026.

OSINT ethics — what you should and should not do

Just because information is publicly available does not mean it is ethical to use it in any way you want. The OSINT community operates by a set of widely accepted principles:

Only collect what you need for the specific purpose you have. Gathering information out of curiosity with no defined purpose is not investigation, it is surveillance.

Verify before you act on anything. A username match across platforms does not prove identity. A photo with location metadata does not prove someone was at that location on that date. Cross-reference everything before drawing conclusions.

Do not publish or share personal information you find about private individuals. Finding information and publishing it are very different actions. Aggregating and sharing personal data about private people — even if each piece is technically public — can constitute a privacy violation in many jurisdictions.

Do not use OSINT findings to harm people. Using publicly found information to stalk, harass, blackmail, or threaten someone is a crime regardless of how the information was obtained.

Maintain operational security. If you are conducting an investigation, be aware that visiting profiles and accounts may leave traces. Use appropriate measures depending on the sensitivity of the work.

Frequently asked questions

What does OSINT stand for? OSINT stands for open source intelligence. The "open source" refers to publicly available information sources, not open source software. It is the practice of gathering and analysing information from sources that anyone can access without special permissions or hacking.

Is OSINT legal? Yes, in most jurisdictions. OSINT only accesses publicly available information — the same information anyone could find manually. The legality of what you do with OSINT findings depends on your jurisdiction and your intent. Using findings to harass or harm someone is illegal. Gathering public information for research, journalism, or personal verification is lawful.

Do I need technical skills to do OSINT? Not to start. Tools like WhatsMyName App require nothing beyond a browser. Google search operators require only learning a few simple commands. Technical skills become more relevant when using command-line tools like Sherlock or Maigret, but these are not required for beginners.

What is the easiest OSINT tool to start with? WhatsMyName App. Open it in your browser, type a username, and see results in under 90 seconds. No signup, no install, no configuration. It is the most accessible way to understand what username-based OSINT can reveal.

Can I do OSINT on myself? Yes and this is actually the best way to start. Searching your own username shows you what others can find about you, helps you discover forgotten accounts, and gives you a concrete understanding of what OSINT reveals without any ethical concerns about the target.

What is the difference between OSINT and background checks? Commercial background check services pull from data brokers, proprietary databases, and purchased records. OSINT uses only publicly available sources. Background check services often find more comprehensive personal information but cost money and require consent in certain contexts. OSINT is free and requires no consent because it only accesses public data.

Next steps

Now that you understand what OSINT is, the best next step is to try it. Search your own username at WhatsMyName App and see what comes back. That single search will teach you more about OSINT than any amount of reading.

After that, explore these related guides:

What is OSINT? A Plain English Guide for Beginners (2026)