In the context of investigations and forensics, “open source intelligence” is information collected from publicly available sources, such as newspapers and the internet. In a commercial forensics environment you may be asked to work out who is behind a certain anonymous identity; for example they might be posting secret company information on a blog or defaming the company’s reputation on a website forum. There are lots of free ways to help figure out people’s identities or gather more information about them.

1. Profile pictures. If the user has uploaded an image, use a reverse image search to see if they have used that image elsewhere. The best tools for this are TinEye and Google Reverse Image (Click on the blue camera in the search box). Perhaps a FaceBook or Twitter account will pop up.

2. Usernames. Pipl is by far the best username lookup tool; I would go as far as to say it’s the Google of the people searches. If you have extra information such as the location of the user (even in broad terms such as country), Pipl can narrow it down further. People tend to reuse the same usernames for different social media websites, so Pipl will be able to link up the users FaceBook, Twitter, Flickr, MySpace etc accounts. Googling the username can also reveal old blogs and forums the person has written on. Toddington also has a great set of tools such as specific search engines and data miners for open source intelligence.

3. Names and addresses. 192.com offers address and electoral role lookups – but it comes at a small price. Pipl might be able to help with this too, and Google’s often not a bad starting point. If the user is using Twitter or Flickr, then use a great free (Python!) tool called cree.py, which maps all the users tweets and Flickr posts on a Google map. Click here for a screenshot of my locations via cree.py.

4. Context. Sometimes users post information that they feel is not personally identifiable because they are anonymous; but you may be able to piece more bits of information together once you have a few links. For example they might reveal holiday dates or the type of job they do which you can link in with company data.

5. Personal websites. Many people have their own websites, and they may have registered their own domain name. You can opt to keep this private, but by default your name and home address is shown in the domain registry, which can be looked up easily with WHOIS (look under 'Registrant Information').

If the searches are providing lots of different leads and information, a great free tool called Maltego can help map all the information for you. I recommend using the tools above to search for yourself. However, do this on a clean build of your machine or in a VM. Google (even if you don’t have a Google account) tracks your searches and personalises them to you, so you will not find an accurate representation of the results someone else gets when they search for you unless you start from scratch.