Balanced Approach

  • some "assembly" is always required
    • integrating paid tools
    • deploying free tools
    • automation component
  • Mix build and buy to meet your OSINT goals
Easy Examples:
  • Buy
    • internet-sized attack surface data -- building this would involve scanning billions of hosts, cost lots in hosting, and require lots of development to enrich the data to make it usable. and Shodan is quite affordable
  • Build
    • profile enumeration by username (demo) -- there are tons of ways to do this, and it's relatively straightforward
    • anything that doesn't exist already -- you have no other options...