skip to content

$ cat ./osint

Two sides of the same craft: finding what people leave online, and making sure the right people leave less of it. Investigative OSINT and attribution on one side; OPSEC and privacy hardening on the other. Method first, ethics non-negotiable.

# what I do

  • OSINT & attribution

    Incident attribution, adversary deanonymization, corporate and personal due diligence, pre-employment screening. Multi-source: social, infrastructure, forums, breach data, image and geolocation.

  • OPSEC & privacy hardening

    Proactive footprint reduction for executives, founders, and at-risk individuals. Threat modeling, data-broker removal, account and device hygiene, public-record sanitization. The defensive mirror of attribution.

  • Exposure response

    Reactive work after a leak, doxx, or targeted harassment: what's out there, how it spreads, what to pull first, how to lock down the path that was used.

  • Drone-assisted recon

    Aerial ground-truth when online OSINT needs verification — perimeter and terrain documentation, geolocation confirmation, signal mapping. Compliant flying, ROE per operation, zero interference with third-party systems.

# method

  • Multi-source collection — never a single point of truth.
  • Confidence level stated per finding. No claim travels without its evidence.
  • Chain of evidence preserved — sources, timestamps, captures.
  • Graph the relationships; pivot on username, email, phone, image, infrastructure.
  • Documentation a third party can follow and reproduce.

# ethics & legality

OSINT without ethics is stalking. The line is law, ROE, and consent — and it doesn't move. The same skill set that attributes an incident can be abused to hunt a person; the difference is who asked, why, and under what authority. Investigative work runs under contract and NDA, licensed under Polish detective-services law.

what I won't do
  • No stalking, no domestic-dispute snooping, no "check on my partner".
  • No deanonymization for clout, harassment, or retaliation.
  • No work without ROE, contract, and verification of who you are and why.
  • Nothing that crosses the line drawn by law or by the engagement terms.

# tooling

The stack and playbooks I build in public — osint.bersec.me . Methods public, specifics private: I explain the approach openly and keep client data and specific TTPs on the OPSEC side.

Investigation, attribution, or a privacy problem you can't put on a slide? Email contact@bersec.me. PGP and Signal on request; sensitive material → /pgp .