Social Media OSINT: Platforms, Process, and Ethics ( Part 3)

 In my previous blog, I have written about People OSINT . Hope you found it useful.



Social Media OSINT is one of the most powerful and accessible forms of digital investigation. It involves collecting and analyzing available information from social media platforms to 

  • build profiles
  • understand connections 
  • uncover insights 
Core Principles & Ethics 
Before touching any tools, ethics comes first.
  • Legality & Compliance: 
    • Always adhere to a platform's terms of service ( ToS ). Scraping data might violate ToS, even if it's public. Respect privacy laws like GDPR ( right to be forgotten ).
  • Ethics: 
    • Use this knowledge responsible. Do not harass, dox, or stalk individuals. Common uses include:
      • Journalism
      • Threat intelligence
      • Due Diligence
      • Investigation
      • Cybersecurity research
  • Documentation: 
    • Always screenshot and archive findings. Social media content can be deleted or changed rapidly.

Key Platforms & Their Intelligence Value

X (formerly Twitter ):
  1. For : Real-time events, network analysis, sentiment tracking, influencer identification. 
  2. Techniques: Advanced search operators ( from: , to: , near: , since:, until: ). Analyze lists, followers/following patterns.
Facebook:
  1. For: Personal connections, life events, employment history, interests, groups.
  2. Techniques: Review public posts, photos , geotags, reactions (likes), and group memberships. Graph Search is limited but still useful with precise queries.
Instagram:
  1. For: Lifestyle analysis, location history, social circles, visual content.
  2. Techniques: Analyze geotags, hashtags, followers/following , story highlights, and available metadata from images. 
LinkedIn: 
  1. For: Professional background, career trajectory, skills, colleagues ( corporate mapping )
  2. Techniques: Search by company, school, or job title. Use Boolean search ( AND, OR, NOT) on the platform. Analyze connections for organizational charts. 
TikTok & YouTube: 
  1. For: Content themes, vocal/visual biometrics ( voice, face), interests, collaborations.
  2. Techniques: Analyze video metadata, descriptions, comments. Use YouTube's "Transcripts" feature to search spoken words. Note linked social handles in bios.

The OSINT  Process: A Framework

  1. Define the Question
    What exactly are you trying to learn?

  2. Identify Sources
    Which platforms are most relevant?

  3. Gather Data
    Use manual search, advanced platform tools, and OSINT utilities.

  4. Analyze & Correlate
    Connect data points, build timelines, or map networks.

  5. Verify & Report
    Cross-check important findings with at least one independent source.


Essential Tools and Techniques 

  • Username Enumeration:
    Namechk, WhatsMyName, Sherlock

  • Reverse Image Search:
    Google Images, Yandex Images (often better for faces), TinEye

  • Metadata Analysis:
    ExifTool for GPS data, timestamps, and device information

  • Archiving:
    Wayback Machine (archive.org), Archive.today

  • Geolocation:
    Google Earth, Google Street View, comparison with landmarks

  • Visualization & Link Analysis:
    Maltego for mapping relationships between accounts, emails, and domains

  • Aggregators:
    Social Searcher, Mentionmapp for cross-platform visibility


Advanced Concepts

Sock Puppetry: Creating a credible fake account to infiltrate private groups or send friend requests. Highly ethicallly and legally sensitive. Use only in authorized investigation with clear rules of engagement. 


Data Breach Correlation: Cross-referencing social data with leaked databases ( from sites like HaveIBeenPwned) to find older passwords, emails, or associated accounts. 


Network/Link Analysis:                                                                                                                                Using tools to visually map how accounts interact (who replies to whom, who is in the same groups) , revealing communities and key nodes.

Getting Started & Resources

  • Practice using your own data

  • Analyze test accounts

  • Study public figures (journalists, politicians) who expect public scrutiny

  • Always stay within legal and ethical boundaries

Final Thought
Social media  OSINT is powerful not because of tools, but because of patterns, patience, and responsibility. 
Used correctly, it helps uncover truth. Used carelessly, it becomes harmful.

In next post, we will move deeper into Image OSINT and Video OSINT. 

Comments

Post a Comment

Popular posts from this blog

Obfuscation and Deobfuscation

I was on Hack The Box Academy, happily reading along when the first word of the module popped up: understanding . Good. Next word: code . Still good. Then the third word appeared: deobfuscation . And I just stared at it like, “How many alphabets did they use to make this word?” I tried pronouncing it five or six times. For a moment, I genuinely believed Shashi Tharoor writes simpler words 😂. Eventually, yes, I managed to say it without hurting my tongue. Anyway, let’s move to the topic. Obfuscation  As the name suggest , it is process of converting simple things ( notes , words , sentences ) into complex form 😂.  More precisely , it is the process of taking a simple , clear sentence and writing it in a complex cipher, using synonyms from a dead language, and adding alot of irrelevant words. The meaning remains preserved, but it is extremely hard to understand ( same as the name of topic obfuscation) .  Defuscation It is simply opposite of obfuscation. It is the proc...
Read more

OSINT Basics: Introduction, Scope, and Ethical Boundaries (Part 1)

Image
Disclaimer: All the tools and methods discussed in this blog are part of what I am learning in a safe and legal environment . This content is strictly for educational purposes only and is not intended to harm any individual or organization. Even though we all know that theoretical knowledge alone is not enough, most of my learning so far has been on the theory side. From now on, I’ll try to balance both theory and practical understanding — slowly and responsibly. That brings us to today’s topic: OSINT . What is OSINT? OSINT stands for Open Source Intelligence . As the name suggests, it is about gathering information from publicly available sources such as: the internet social media news articles public records OSINT has nothing to do with hacking . It focuses on collecting and analyzing information that is already exposed — often unintentionally. Why OSINT matters in cybersecurity OSINT helps us understand the human attack surface , which is often the weakest link in sec...
Read more

Cybersecurity Devices and Technologies Part 1

There is no single device or technology that can solve all the security needs of an organization on its own. A secure network is built by choosing the right tools for the right purpose. This blog covers some of the basic devices and technologies used in the field of network security. Security Appliances Security appliances can be physical devices like routers, or software tools running on those devices. They generally fall into six categories: Routers : Routers primarily connect different network segments, but they also offer basic traffic-filtering features. This helps decide which devices can connect and which networks they’re allowed to communicate with. Firewalls : Firewalls are the guardians of a network. They inspect traffic more deeply and can detect suspicious or harmful behaviour. Firewalls enforce security policies on every packet that passes through them. Intrusion Prevention System (IPS) : An IPS uses traffic signatures to detect and block malicious activities i...
Read more