osint

Map Threats.
Uncover Truth.

From open-source signals to a living case graph. Start with an Instagram handle, auto-link email and phone, pin the address — then walk the confidence-scored edges.

No credit card required · Web & API access

Trusted by investigation and threat teams worldwide

NINorthwind Intel
HSHarbor Security
CLClearpath Labs
VIVertex Investigations
SDSignalDesk
CWCobalt Watch
FOFieldwire OSINT
AFAnchor Forensics

Product showcase

See every connection

OSINT mirrors how investigators work — map identifiers, walk the graph, then pin the places that matter.

osint.app / case / graph
Confidence 0.91
GraphRelationship Mapping
  • Auto-link identifiers across platforms

    Connect Instagram, email, phone, and domains into one case graph.

  • Visualize relationships as an interactive graph

    Drag nodes, inspect edges, and follow confidence-scored links.

  • Pin and connect real-world locations

    Cluster addresses and geolocations that share linked identifiers.

  • Confidence-scored connections

    See why two entities linked — shared attributes, not guesswork.

Capabilities

Built for serious OSINT work

From first identifier to court-ready brief — structure, connect, and share what your investigation finds.

Entity & relationship mapping

Model persons, orgs, accounts, devices, and locations as a connected graph. Spot clusters, bridges, and hidden links in seconds.

  • Confidence-scored edges (0–1)
  • IG → email → phone → address chains
  • Hub detection for pivotal entities
Case graph
Operation Northwind
5 entities · 4 edges
@jordan.hale
Person · hub
Instagram
profile
Email
j.hale@mail.io
Phone
+1 415 ··· 8842
Address
14 Oak Ave
0.91
Shared deviceEmail ↔ IGGeo cluster

Source aggregation, one canvas

Pull identifiers and open-source signals into a single workspace. Tag provenance so every node stays evidence-backed.

  • Social, WHOIS, leaks, public records
  • Per-source status & hit counts
  • Audit-friendly provenance trail
Source feed
Provenance timeline
4 sources active
I
Instagram profileLinked
@jordan.hale
12 attrs
E
Email enrichmentVerified
j.hale@mail.io
3 hits
D
Domain WHOISNew
relay-north[.]io
Registrar
B
Breach / leak feedMatched
credential pair
2 dumps

Watchlists & live monitoring

Track high-value targets and get alerted when new edges, aliases, or public mentions appear across your watches.

  • Alias & WHOIS change alerts
  • New edge / geo-pin notifications
  • Team-shared priority targets
Live watchlist
High-value targets
3 alerts
Alert@jordan.hale
New alias mention
Linked handle · trust 0.84
2m ago
Alertrelay-north[.]io
WHOIS change
Registrar transfer detected
18m ago
Alert+1 415 ··· 8842
Edge added
Phone ↔ address · map pin
1h ago

Export & reporting that travel

Ship investigator briefs and machine-readable graphs to counsel, SOC, or partners — without rebuilding the narrative.

  • PDF briefs for counsel
  • JSON / CSV for SOC tooling
  • Time-boxed share links
Case export
Northwind · share pack
Ready
PDF
PDF brief
2.4 MB

Counsel-ready narrative

JSON
JSON graph
GraphQL

Nodes + edges + scores

CSV
CSV entities
184 rows

Sheet for analysts

URL
Share link
Expires 7d

Read-only case view

Last exported by MayaDownload pack →

Workflows

For the way you work

OSINT adapts to analyst desks, fusion centers, and lean research teams — same graph core, different missions.

Investigations

Case graphs for law enforcement & private investigators

Threat Intelligence

Map actor infrastructure and campaign overlap

Due Diligence

Surface corporate, beneficial, and alias links fast

Fraud Detection

Cluster mule networks and reused identifiers

Research

Keep open-source notebooks visual and shareable

Trust

Security built around investigations

We design for operational reality: verified users, approved access, and clear ownership of every map you create.

01

Encryption in transit & at rest

TLS for every API call and encrypted storage for projects and auth credentials in transit to your database.

02

Role-based access control

Admin approval gates new accounts. Investigators only see their own projects; admins manage status without touching graphs.

03

Verified account lifecycle

Email verification plus admin activation keep unverified and pending users out of sensitive workspaces.

04

Audit-friendly events

Track logins, approvals, and critical account state changes so compliance and ops stay aligned.

05

Scoped project isolation

Graphs are owned by the creating user. Cross-user exposure requires explicit collaboration paths you control.

06

API token hygiene

Short-lived JWTs with server-side status checks — blocked accounts lose access immediately on the next request.

Voice of the field

Teams that map with OSINT

OSINT let us collapse three spreadsheets and a whiteboard into one living graph. Handoffs between analysts finally share the same picture.

Sara M.
Lead Analyst, Fusion Cell

Start mapping your next case

Spin up OSINT, invite your team after admin approval, and turn loose identifiers into a clear investigative graph.

No credit card required · Web & API access