Role of OSINT in Di...
Clear all

Role of OSINT in Digital Forensics Investigations

2 Posts
2 Users
0 Reactions
Posts: 72
Estimable Member
Topic starter

Dear members, 

OSINT, short for open-source intelligence, is a process designed to gather information from public sources. These sources may be government databases, websites, or brochures, for example. To achieve this, investigators use several manual as well as automatic tools.

What do you think can OSINT play an important role in Digital Forensics Investigations (specifically when performing forensic analysis of suspect's mobile or laptop etc to attribute the evidence to a suspect)?. What are the legal and ethical issues related to it?

Your valuable insights are appreciated. 

This topic was modified 1 year ago by Ahsan
Posted : 10/06/2023 2:23 pm
Posts: 42
Eminent Member

It can be helpful but it very much depends on the case. Often it can be useful for gathering further evidence, for example when you've forensically recovered a suspect's username on illicit forums and that can be used to gather more evidence online - the issue there is proving the link between the person and the online content. I had jobs whilst in LE where I presented this evidence in reports but made it very clear that this was not nailed-down evidence and should be used as intelligence only.

In some cybercrime cases it was useful to look at activity on hacking forums relating to the suspect, and in one case I could trace the guy's work in developing a hacking tool by his posts on technical forums - in this case it also told me how to decipher a unique marker in installations of his tool, which turned out to be very helpful.

So yeah, it's useful but it's not always the highest standard of evidence and everyone involved should have that emphasised to them.

Posted : 26/06/2023 11:00 am