OSINT Tools for Personal Security: How to Audit Your Digital Footprint
Hackers, stalkers, and social engineers use OSINT (Open Source Intelligence) techniques to gather information about targets. Learn how to use the same tools defensively to audit your own exposure, find leaked credentials, and reduce your digital footprint.
Open Source Intelligence (OSINT) refers to information gathered from publicly available sources: social media profiles, public records, data breaches, search engines, and data broker databases. Security professionals use OSINT for investigations and penetration testing, but the same techniques are used by attackers to target individuals.
The best defense is understanding your own exposure. This guide walks you through a personal OSINT audit using free and accessible tools so you can see exactly what an attacker would find when researching you.
What Can Someone Find About You Online?
Before diving into tools, it helps to understand the scope of what is typically discoverable about any individual:
- Full name, address, phone number – Data brokers aggregate public records and make them searchable by anyone.
- Email addresses – Often leaked in breaches or discoverable through domain records and social media.
- Employment and education history – LinkedIn, university directories, company websites.
- Relatives and associates – Data brokers cross-reference family connections from public records.
- Photos and geolocation – Social media posts, reviews, and images with EXIF metadata revealing GPS coordinates.
- Leaked credentials – Passwords and session tokens from data breaches and stealer log infections.
- Online accounts – Username searches reveal which platforms you have registered on.
This information is used by attackers for social engineering (crafting convincing phishing messages), credential attacks (password guessing using known information), doxxing (publishing personal details), and identity theft.
Your Personal OSINT Audit: Step by Step
Step 1: Search Your Name and Variants
Start with what anyone with your name can find:
- Search your full name (in quotes) on Google, Bing, and DuckDuckGo
- Search name + city, name + employer, name + email
- Search with Google Dorks for deeper results:
  - "John Smith" site:linkedin.com – Find LinkedIn profiles
  - "john.smith@" filetype:pdf – Find documents containing your email
  - "John Smith" inurl:about – Find about pages mentioning you
What to look for: Unexpected results like old forum posts, cached pages, documents with your contact details, or data broker profiles.
Step 2: Check Data Broker Sites
Data brokers collect and sell personal information from public records, voter rolls, property records, and online activity. The following sites likely have a profile on you:
| Data Broker | What They Expose | How to Remove |
|---|---|---|
| Spokeo | Name, address, phone, relatives, social profiles | spokeo.com/optout |
| Whitepages | Name, address, phone, age, relatives | whitepages.com/suppression-requests |
| BeenVerified | Criminal records, property, social profiles | beenverified.com/faq/opt-out |
| PeopleFinder | Address history, phone numbers, relatives | peoplefinder.com/optout |
| Intelius | Background checks, contact info | intelius.com/opt-out |
Automated removal: Services like DeleteMe and Incogni will submit opt-out requests on your behalf across dozens of data brokers for a subscription fee. If you value your time, these services are worthwhile.
Step 3: Check for Leaked Credentials
This is one of the most critical steps. Search for your email address across breach databases and stealer log collections:
- Intelligence Security Email Breach Check – Searches 500B+ records including breach databases, stealer logs, and dark web sources. One free audit per day.
- Stealer Log Search – Specifically searches infostealer malware output for your credentials.
- Session Cookie Search – Checks if your active session tokens are in circulation.
If any credentials are found, follow the breach response guide immediately.
Step 4: Audit Your Username Presence
Most people reuse the same username across platforms. Tools like Sherlock and Namechk can check whether a username exists on hundreds of platforms simultaneously.
This reveals:
- Old accounts you forgot about (which may still contain personal data)
- Accounts someone else created impersonating you
- The scope of information linked to your username
For each discovered account, decide whether to update its privacy settings, delete it, or leave it. Abandoned accounts with old credentials are a significant risk.
Step 5: Examine Your Social Media Exposure
View each of your social media profiles as if you were a stranger. Log out and visit your profiles to see what is publicly visible:
- Profile photo – Can be used for reverse image search or facial recognition
- Bio details – Employer, location, birthday, school
- Posts and check-ins – Patterns reveal routines, travel schedules, home location
- Friends/followers list – Reveals relationships and can be used for social engineering
- Tagged photos – Others may have posted photos revealing your location or activities
Step 6: Check Photo Metadata
Photos taken with smartphones and cameras contain EXIF metadata that may include:
- GPS coordinates (latitude/longitude of where the photo was taken)
- Date and time
- Device model and serial number
- Camera settings
Use ExifTool or online EXIF viewers to check photos you have posted online. Many social media platforms strip EXIF data on upload, but not all do, and images shared via email or messaging apps often retain it.
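Added example (not part of the original guide): a standard-library Python check for the GPS fields listed above. It reads the Exif block of a JPEG you are about to post and confirms that a copy with the Exif segment removed no longer carries a position. The function names and the sample image bytes are constructed for illustration.

```python
import struct

def exif_segments(jpeg):
    """Yield (start, end) of each Exif APP1 segment in the JPEG header."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    i = 2
    while i + 4 <= len(jpeg) and jpeg[i] == 0xFF and jpeg[i + 1] != 0xDA:
        end = i + 2 + struct.unpack(">H", jpeg[i + 2:i + 4])[0]  # length counts itself
        if jpeg[i + 1] == 0xE1 and jpeg[i + 4:i + 10] == b"Exif\0\0":
            yield i, end
        i = end

def read_ifd(tiff, e, off):
    """Parse one TIFF directory into {tag: raw 4-byte value-or-offset field}."""
    (n,) = struct.unpack(e + "H", tiff[off:off + 2])
    rows = struct.iter_unpack(e + "HHI4s", tiff[off + 2:off + 2 + 12 * n])
    return {tag: val for tag, _type, _count, val in rows}

def gps_position(jpeg):
    """Return (lat, lon) in decimal degrees from the Exif GPS IFD, else None."""
    tiff = next((jpeg[s + 10:t] for s, t in exif_segments(jpeg)), None)
    if tiff is None:
        return None
    e = "<" if tiff[:2] == b"II" else ">"  # TIFF byte-order mark
    u32 = lambda b: struct.unpack(e + "I", b)[0]
    ifd0 = read_ifd(tiff, e, u32(tiff[4:8]))
    gps = read_ifd(tiff, e, u32(ifd0[0x8825])) if 0x8825 in ifd0 else {}  # GPSInfo
    if not {1, 2, 3, 4} <= gps.keys():  # LatRef, Lat, LonRef, Lon
        return None
    def degrees(ref, val, negative):
        n = struct.unpack(e + "6I", tiff[u32(gps[val]):u32(gps[val]) + 24])
        v = n[0] / n[1] + n[2] / n[3] / 60 + n[4] / n[5] / 3600  # deg, min, sec
        return round(-v if gps[ref][:1] == negative else v, 6)
    return degrees(1, 2, b"S"), degrees(3, 4, b"W")

def strip_exif(jpeg):
    """Return the JPEG bytes with every Exif APP1 segment removed."""
    for start, end in reversed(list(exif_segments(jpeg))):
        jpeg = jpeg[:start] + jpeg[end:]
    return jpeg

def sample_jpeg():
    """Constructed header-only JPEG with a made-up position 40.446111, -79.982222."""
    ent = lambda *f: struct.pack("<HHII", *f)  # tag, type, count, value or offset
    tiff = (b"II*\0" + struct.pack("<IH", 8, 1) + ent(0x8825, 4, 1, 26) + bytes(4)
            + b"\x04\0" + ent(1, 2, 2, ord("N")) + ent(2, 5, 3, 80) + ent(3, 2, 2, ord("W"))
            + ent(4, 5, 3, 104) + bytes(4) + struct.pack("<12I", 40, 1, 26, 1, 46, 1, 79, 1, 58, 1, 56, 1))
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(tiff) + 8) + b"Exif\0\0" + tiff + b"\xff\xd9"
```

To check a real file, pass `open(path, "rb").read()` to `gps_position`. The check covers only the Exif GPS fields; it does not look at XMP or other metadata blocks, and truncated or malformed Exif data raises an exception rather than returning a result, so use ExifTool for a full listing.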
Step 7: Scan Your Domain (If You Own One)
If you own a personal domain or run a website, use the Domain Reconnaissance tool to discover:
- Subdomains that might expose internal services
- Email addresses associated with your domain
- URLs indexed by search engines that should not be public
Reducing Your Digital Footprint
After completing your audit, take these steps to reduce your exposure:
Immediate Actions
- Opt out of data brokers – Submit removal requests to every broker that has your data
- Set social media to private – Limit profile visibility to friends/connections only
- Delete unused accounts – Every old account is a potential breach target
- Change leaked passwords – Use unique passwords via a password manager
- Enable 2FA everywhere – Prefer authenticator apps over SMS
Ongoing Practices
- Use separate email addresses – One for important accounts, one for subscriptions and sign-ups
- Strip photo metadata before posting – Most photo editors have an option to remove EXIF data
- Use a VPN on public Wi-Fi to prevent IP-based tracking
- Limit personal details in profiles – Avoid posting birthdate, phone number, or home city
- Use aliases for non-essential accounts – Forums, newsletters, and casual services do not need your real name
- Review privacy settings quarterly – Platforms frequently change their defaults
OSINT Tools Reference Table
| Category | Tool | What It Does |
|---|---|---|
| Breach Search | Intelligence Security | Search 500B+ records: breaches, stealer logs, dark web |
| Breach Search | Have I Been Pwned | Check known public data breaches |
| Stealer Logs | IS Stealer Log Search | Search infostealer malware output |
| Session Cookies | IS Cookie Search | Check for stolen session tokens |
| Domain Recon | IS Domain Recon | Subdomains, emails, URLs for any domain |
| Username Search | Sherlock / Namechk | Find accounts across 300+ platforms |
| Photo Analysis | ExifTool | Extract metadata from images |
| Data Brokers | DeleteMe / Incogni | Automated opt-out from data brokers |
| OSINT Directory | OSINT Framework | Curated directory of OSINT tools |
Frequently Asked Questions
Is OSINT legal?
Yes. OSINT by definition uses only publicly available information. However, how you use the information matters. Using OSINT for personal security auditing, authorized security testing, and legitimate investigations is legal. Using it to stalk, harass, or doxx someone is illegal in most jurisdictions.
How often should I run a personal OSINT audit?
A comprehensive audit every 6 months is a good practice. For breach checking specifically, quarterly or monthly scans are recommended since new breaches are discovered daily.
What if I find someone impersonating me online?
Report the impersonation to the platform where it occurs. Most social media platforms have impersonation reporting features. If the impersonation involves fraud or threats, report it to law enforcement as well.
Can I hire someone to do an OSINT audit for me?
Yes. OSINT investigators and cybersecurity consultants offer personal threat assessments. This is especially common for executives, public figures, and people concerned about stalking. However, the steps in this guide cover the most critical areas you can check yourself.
This article is for educational and security awareness purposes only.