[#DailyOSINT - Day#324] The best way to check if an #OSINT technique might alert your target,is to perform this technique to yourself beforehand (e.g. social accounts). Check regularly again and again because site policies/processes/algorithms might change from time to time.(1/5)

However, a technique that doesn't normally alert a user, might do so in case it is performed in an unusual way (e.g. IP address different than target's local IP address) or if performed repeatedly (from same or different user). Since you can never know the algorithms behind (2/5)

different platforms, using techniques such as those that exploit partial or full mobile phone revealing, should be done in extreme caution. When using tools that claim to find social media accounts via phone numbers as input, always check issues reported by users and (3/5)

also try them to your own social media accounts first. Moriarty is an example of such a tool (github.com/AzizKpln/Moria…). After you have gained some experience, even just inspecting the code yourself, will give you an insight of such a danger in a tool you are about to use. (4/5)

Apart from the above, remember that there are ethical issues concerning the above techniques as in essence you are falsely pretending to be the target yourself. So keep that in mind. If it feels wrong, it is most probably wrong and thus you should abstain from it. #OSINT (5/5)