OSINT (Open-Source Intelligence) refers to the systematic collection and analysis of information from publicly available sources. These include websites, social media, public registries, DNS records, job postings, and technical metadata. Attackers use OSINT during the reconnaissance phase to identify attack surfaces (e.g., deployed technologies, email addresses, org charts). You can also use OSINT defensively: regular checks on what information about your organization is publicly accessible help you reduce the attack surface. Tools like Shodan, theHarvester, or Maltego support OSINT research.