Loading repository data…
Loading repository data…
Jieyab89 / repository
OSINT cheat sheet, list OSINT tools, wiki, dataset, article, book , red team OSINT for hackers and OSINT tips and OSINT branch. This repository will grow every time will research, there is a research, science and technology, tutorial. Please use it wisely.
Contains a list of OSINT tools, OSINT tips, datasets, Maltego transform and others. There are free and paid tools you can use and owner is not responsible (take your own risks), only for knowledge or educational purposes. Apologies if some of the resources are no longer available or contain errors, as the owner does not regularly check the status of these resources, If there is new information, the owner will add it to this repo along with the category. If you want to read about techniques and intelligence some have already been added to the Wiki page Jieyaboo Wiki The owner will add them back. If there are any errors let us know thank you.
Please take a notes. Due to the large number of supply chain attacks, refer to OWASP TOP 10 2025 also the TA campaign like fake captcha, injected script, obfuscate script and other. My advice is to use a sandbox machine that does not contain your personal data and office. With the rise of malware stealers, crypto miners, and other threats, to reduce this risk, you can use fake accounts on social media, email, phone numbers, and your sandbox machine, as well as turn on your AV (Anti Virus) and firewall. For malicious activiy also untracked resouces Jieyab will remove it
Tips:
Contains information about OSINT tips, OSINT branches and knowledge about intelligence
Contains information about OSINT tips, write up usage resouces and more tips about OSINT and OSINT branch
Notes: "I recommend always using the hot reload function (CTRL + F5 OR Ctrl + Shift + R) to view updated content and clear the cache. I use DeepL to assist with creating articles in English also AI LLM, and my writing style tends to be a mix of informal and formal language, adhering to EYD (Enhanced Spelling) standards. Narrative"
Info
| Date | Remarks |
|---|---|
| 16 Jul 2026 | Update the article about Intelligence Base & Knowledge Base at Gitbook and Wiki Github pages |
| Country / Region | Legal Framework | Key Legal Considerations | OSINT / PII Implications |
|---|---|---|---|
| Indonesia 🇮🇩 | Personal Data Protection Law (Law No. 27 of 2022) — UU PDPElectronic Information and Transactions Law (UU ITE) — Law Overview | Requires a lawful basis for processing personal data (consent, contract, legal obligation, legitimate interest, etc.). Data subjects have rights. UU ITE prohibits unlawful access and misuse of electronic data. | OSINT using publicly available data is generally permissible, but processing identifiable personal data must comply with PDP Law principles such as purpose limitation and data minimization. |
| European Union 🇪🇺 | General Data Protection Regulation (GDPR) — Official EU Text | Processing requires a lawful basis (consent, legitimate interest, etc.). Transparency, accountability, and data subject rights apply. High-risk processing may require a DPIA. | Public availability does not remove GDPR obligations. OSINT involving EU residents’ personal data must meet GDPR compliance standards. |
| Spain 🇪🇸 | LOPDGDD (Spain’s Organic Law on Data Protection) + GDPR — Official Text (BOE) | Supplements GDPR with national rules. Legitimate interest may apply for research under strict necessity and proportionality tests. | OSINT research must document lawful basis and balance privacy impact against legitimate interest. |
| Mexico 🇲🇽 | Federal Law on Protection of Personal Data Held by Private Parties — Official Government Portal | Requires privacy notice, lawful basis, and safeguards when processing personal data. Individuals have rights to access, rectify, cancel, or oppose data use. | Collecting public data is allowed, but processing personal data still falls under legal protections. |
| United States 🇺🇸 |
You can build it with VM or Live USB make sure you have sandbox machine
Artist string
Author
| Computer Fraud and Abuse Act (CFAA) — Cornell Law School ReferenceState Privacy Laws (e.g., CCPA/CPRA) — California DOJ |
| Prohibits unauthorized access to computers and bypassing authentication. Privacy laws vary by state. |
| OSINT is legal when using publicly accessible sources. Accessing restricted systems or circumventing security controls is illegal. |
| China 🇨🇳 | Personal Information Protection Law (PIPL) — Official Text (NPC)Cybersecurity Law (CSL) — OverviewData Security Law (DSL) — Overview | PIPL requires lawful basis and strict consent rules for personal data processing. Strong state controls on data handling, cross-border transfer restrictions, and broad definitions of sensitive personal information. | Even publicly available personal data can be regulated under PIPL. Large-scale OSINT data aggregation, profiling, or export outside China may trigger compliance reviews or security assessments. |
| International (Human Rights) | International Covenant on Civil and Political Rights (ICCPR), Article 17 — UN Text | Recognizes the right to privacy and protection from arbitrary interference. Applies to digital environments. | OSINT activities should respect fundamental privacy rights even when data is publicly accessible. |
| OSINT Ethical Principles (Non-Legal) | Community-driven OSINT codes of conduct and research ethics | Use only lawfully and publicly available sources. Avoid doxxing, stalking, harassment, or data resale. Minimize sensitive data collection. | Ethical practice often goes beyond legal requirements and reduces risk of harm, misuse, or reputational damage. |