In this video, Mishaal Khan walks through real-world OSINT techniques that show how anyone can be found online using free, publicly available tools. David is joined by Mishaal who demonstrates how to go from basic Google searches to advanced data extraction using license plates, phone numbers, email addresses, and usernames. He covers tools and methods that range from simple people search websites to advanced techniques using breach data, APIs, metadata extraction, and more.

Topics covered include:

• Google Dorking and advanced search engines (Yandex, DuckDuckGo, Bing)
• People and phone number search tools (FastPeopleSearch, Sync.Me, TrueCaller)
• Social media enumeration (WhatsMyName.app, Maigret, Holehe)
• Image and location analysis (Google Street View, GeoINT, Wigle.net)
• Historical Whois and DNS lookups (Whoxy, WebTechSurvey)
• Vehicle and VIN lookup via Carvana, O’Reilly Auto, Turo, and government APIs
• OSINT through metadata in Google Docs and social media profiles
• Automation with tools like Burp Suite, Caido, and Postman
• Breach data investigation using HaveIBeenPwned and offline breach dumps
• Real-world examples including voter databases, hotel Wi-Fi systems, and email profiling

This is a detailed, scenario-driven walkthrough of how OSINT is used in real investigations, not just theory. The video also touches on operational security (OpSec) and the limits of privacy in a world where so much personal data is available to anyone who knows where to look.