Generally, the first step in a penetration test or an attack is the collection of open source intelligence, or OSINT. It is the art of collecting information from public sources, particularly the internet. The amount of available information is considerable – most intelligence and military organizations are actively engaged in OSINT activities to collect information about their targets, and to guard against data leakage.

OSINT can be divided into two types: offensive and defensive. Offensive OSINT deals with all the data that is required to prepare an attack on the target, while defensive OSINT is the art of collecting the data of a previous breach and other security incidents relevant to the target.

The following diagram depicts a basic mind map for OSINT: