LOGBOOK

HELP

Quiz Entry - updated: 2026.07.01

What could a practical OSINT investigation workflow look like, step by step?

One typical five-step OSINT workflow moves from username discovery through social media analysis to profile image tracking, building a progressively more complete picture. (It's an illustrative sequence, not a fixed recipe — real investigations reorder and skip steps.)

Step 1: Username search. Tools like Sherlock and Maigret enumerate a username across hundreds of social networks simultaneously. Run sherlock username or maigret username and within minutes you know every platform where that handle exists.

Step 2: Twitter/X analysis. Examine the public profile for bio information, location hints, external links, and posting patterns. Analyze the follower and following network to map social connections and professional relationships.

Step 3: Profile image analysis. Download the profile picture and run a reverse image search through Google Images. This reveals other platforms where the same image appears, linking accounts the user may have believed were separate and unconnected.

Step 4: LinkedIn investigation. Even without logging in, LinkedIn reveals surprising amounts of information. Names, job titles, employers, locations, education history, and profile pictures are all publicly indexed. Search operators like site:linkedin.com "Name" security narrow results quickly.

Step 5: Instagram analysis. Bio information, post volume, tagged photos revealing social networks, and story content documenting daily activities. Most critically, photos uploaded from external sources may contain GPS data that pinpoints exact locations.

What 55 minutes of OSINT reveals: full name, employer, education history, social circle, daily routines, and physical locations. The security risks are clear: reusing usernames across platforms, GPS data in photos, public work emails, and old social media posts that were never deleted.

From Quiz: PRIVACY / TOM and OSINT | Updated: Jul 01, 2026