Skills

osint-methodology

Installation
SKILL.md

OSINT Methodology — External Red-Team Edition

0. When to use this skill / When NOT

Use this skill when:

  • Planning or executing external reconnaissance against an authorized target (red team, bug bounty in-scope, ASM engagement).
  • Mapping an organization's external attack surface end-to-end (subdomains → assets → exposure → attack paths).
  • Investigating a person, entity, or threat actor where evidence discipline matters.
  • Tracing cryptocurrency flows, geolocating media, performing image/video forensics, or chronolocating events.
  • Building a structured OSINT campaign that needs reproducibility, severity grading, and clean handoffs.
  • Producing client-facing deliverables (exec summaries, technical reports, reproduction packages) from offensive engagements.

Do NOT use this skill when:

  • The user is asking for active exploitation, post-exploitation, lateral movement, AD privilege escalation, malware development, or anything beyond reconnaissance — those are out of scope.
  • The user is asking for blue-team / defensive content (SIEM rules, detection engineering) — different domain.
  • The target's authorization is unclear and the user is asking you to act against a third-party asset they don't own — see §1 below; gently surface the scope question before proceeding.
Installs
33
Repository
elementalsouls/…ughunter
GitHub Stars
2.6K
First Seen
May 24, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykFail
osint-methodology — elementalsouls/claude-bughunter