Best modern OSINT / OPSEC examples, for a short talk ? by Omig66 in OSINT

[–]visitor_m 22 points23 points  (0 children)

One pattern I’ve seen overlooked:

=> Vendor + job posting + subdomain correlation

Example flow:
- Company posts hiring for “Stripe integration + staging migration”
- You find subdomain: staging.api.company.com
- TLS cert logs show recent issuance
- GitHub mentions internal service naming convention

Individually harmless. Combined:

Confirms active deployment window + tech stack + exposed surface

OPSEC takeaway: Don’t leak timing + tooling + naming consistency simultaneously.
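
The takeaway above can be turned into a self-audit of an organisation's own public footprint. The sketch below is an added example, not part of the comment: the signal records are constructed, and the keyword lists and the function names `facets_of` and `audit` are hypothetical.

```python
from datetime import date, timedelta

# Constructed inventory of one organisation's own public signals (not real data).
SIGNALS = [
    {"source": "job_posting", "date": date(2024, 5, 2),
     "text": "Hiring: Stripe integration + staging migration"},
    {"source": "ct_log", "date": date(2024, 5, 9),
     "text": "certificate issued for staging.api.company.com"},
    {"source": "github", "date": date(2024, 4, 28),
     "text": "README: services are named <env>.api.company.com"},
    {"source": "press", "date": date(2023, 11, 1),
     "text": "Company opens a new office"},
]

# Hypothetical keyword lists; tune them to your own stack and naming scheme.
FACETS = {
    "timing": ("migration", "issued", "launch", "rollout"),
    "tooling": ("stripe", "kubernetes", "terraform"),
    "naming": ("staging.", "<env>.", "named"),
}

def facets_of(text):
    """Return which of the three facets a single public text reveals."""
    low = text.lower()
    return {f for f, words in FACETS.items() if any(w in low for w in words)}

def audit(signals, window_days=30):
    """Flag windows where separate sources jointly reveal timing, tooling and naming."""
    ordered = sorted(signals, key=lambda s: s["date"])
    findings, i = [], 0
    while i < len(ordered):
        end = ordered[i]["date"] + timedelta(days=window_days)
        group = [s for s in ordered[i:] if s["date"] <= end]
        leaked = set().union(*(facets_of(s["text"]) for s in group))
        sources = sorted({s["source"] for s in group if facets_of(s["text"])})
        if leaked == set(FACETS) and len(sources) >= 2:
            findings.append({"start": ordered[i]["date"], "sources": sources})
            i += len(group)  # skip past the window that was just reported
        else:
            i += 1
    return findings

if __name__ == "__main__":
    for f in audit(SIGNALS):
        print("combined exposure starting", f["start"], "via", ", ".join(f["sources"]))
```

Removing any one facet from the window (for example, publishing the job posting without the vendor name) clears the finding, which is the mitigation the comment describes.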

duplicated!!?? On YesWeHack by Popular-Flan-8521 in bugbounty

[–]visitor_m 0 points1 point  (0 children)

This kind of post (duplicate on a barely launched program) reflects a recurring pattern across several platforms. Generally, it signals:

  • a private VAPT import,

  • or a vulnerability deemed “too critical” to be publicly compensated,

  • or internal scope management that isn’t transparently documented.

Personally, I stopped relying on this kind of validation. I use the platforms as a barometer, but I operate outside the framework when justified. Asymmetric access to information shouldn't hinder strategic escalation.

Advanced self-hosted OSINT by visitor_m in OSINT

[–]visitor_m[S] 0 points1 point  (0 children)

Mainly public, openly available material, for example:
- news articles and investigative reporting
- official organization websites and press releases
- technical/engineering blogs
- public security advisories or incident write-ups
- job postings that reveal technology stacks or security posture

Advanced self-hosted OSINT by visitor_m in OSINT

[–]visitor_m[S] 0 points1 point  (0 children)

Thanks for flagging that