Three of the most popular OSINT frameworks each take a different approach. Maltego is the visual link-analysis platform; SpiderFoot is the automated scanning engine; Recon-ng is the modular CLI workflow. Here is when to reach for each.
Browsing: Uncategorized
For investigations of organisations, infrastructure, threat actors, or attack surface, the DNS and certificate ecosystem is one of the most productive places to look. Here are the tools — Certificate Transparency logs, passive DNS, and modern recon platforms — and how to use them well.
Locating a photograph or video to a specific spot on Earth is one of the most distinctive OSINT skills. Bellingcat’s geolocation work has cracked everything from MH17 to Russian war-crimes investigations. Here is how the technique actually works.
Reverse image search is one of the most useful OSINT primitives. Google was the original; in 2026 Yandex, TinEye, Bing Visual Search, and a handful of specialised tools each find different things. Here is when to use which, and what limits each one.
Open-Source Intelligence is older than the internet but has been transformed by it. Here is what OSINT actually is, what distinguishes it from passive web searching, the ethical lines that matter, and the tools that practitioners actually use.
The EU AI Act, in force since August 2024 and phasing in through 2027, is the first comprehensive AI regulation in any major jurisdiction. Here is what it actually requires, who it applies to, and what organisations should be doing now.
Red teaming for traditional software is well-defined. Red teaming for AI systems borrows the term but operates differently. Here is what AI red teaming actually involves, the documented methodologies, and how to structure an effective exercise.
Should you build on a closed API like GPT-5 or Claude, or run an open-weight model like Llama 4 or Mistral on your own infrastructure? The choice has real security implications that go beyond cost and performance.
A trained model represents enormous investment in compute, data, and expertise. The threat of model theft — through extraction, distillation, or outright weight exfiltration — is real and increasingly operationalised. Here is the threat landscape and the realistic protections.
Add a small, carefully chosen perturbation to an image and a state-of-the-art classifier sees a school bus instead of a panda. Adversarial examples are the longest-running unresolved problem in machine-learning security and increasingly relevant to deployed systems.