Cybersecurity Lab
Netflix OSINT Reconnaissance
An OSINT report practice exercise focused on public information gathering, scope discipline, and responsible documentation.
Completed2026Beginner
Objective
Learn how to collect public information responsibly and avoid intrusive activity during reconnaissance practice.
Tools Used
WHOISDNS lookupSearch operatorsPublic sources
Steps Performed
- Defined a public-information-only scope.
- Reviewed domain, DNS, and public web signals.
- Collected notes from open sources without authentication or intrusive scanning.
- Grouped observations into business, infrastructure, and security-relevant context.
Key Findings
- OSINT requires strict scope control.
- Public information can reveal useful context without touching private systems.
- Good OSINT reports clearly separate facts from assumptions.
Screenshots
Public domain lookup
DNS summary
OSINT report outline
Lessons Learned
- Reconnaissance can be ethical, passive, and well documented.
- A report should avoid overstating conclusions from public data.
Future Improvements
- Add a source reliability rating.
- Build a reusable OSINT report checklist.
References
- OWASP Amass documentation
- OSINT Framework