Williama Heerleina Lindleya 16, 02-013 Warsaw
KRS: 0000973896 | NIP: 7011093842


Back to Top

Open Source Intelligence (OSINT)

OSINT (Open Source Intelligence), or open source intelligence, is the process of acquiring and analysing information from open sources, resulting in open source intelligence. OSINT encompasses the stages of planning, collection, processing, analysis and inference, and the distribution of collected knowledge to a specific recipient or group of recipients, according to defined needs. The importance of OSINT methods is not so much to provide information, but to use it in a way that will support the decision-making process or investigative procedure, providing a real basis for action.


Oryon Systems (formerly MIIS), as a leader in open source intelligence (OSINT) in Poland, offers basic and advanced training programmes tailored to the individual needs of its recipients. OSINT trainings provide practical skills necessary for effective implementation of investigative and analytical processes, as well as access to the best open source solutions and proven, proprietary OSINT methodology.


The advanced variant of OSINT training involves the use of a personalised Linux virtual machine – Oryon Env (Oryon Environment). OryonEnv is an operating system based on the Debian distribution. The system has been designed for open source intelligence (OSINT) specialists and people focused on identifying, preventing and combating cybercrime. A pre-installed set of ready-to-use programmes allows automating the processes of acquiring and analysing information from open sources. The system is equipped with privacy protection functions guaranteeing security while performing complex information operations on the network. Oryon has a configured access to Darknet networks (TOR, Freenet, ZeroNet, Lokinet) and the latest recognised version of the OSINT browser.

Oryon Systems P.S.A. is the exclusive trainer and distributor of OryonEnv and the methodology developed within the system.

For whom?

The training is aimed at those interested in improving their knowledge of open source intelligence (OSINT) and investigative techniques and methods to support the work of an analyst or investigator, including:

  • Law enforcement agencies
  • IT security professionals
  • Cyber threat specialists
  • Business and political intelligence
  • Information professionals
  • Journalists
  • Detectives
  • Law firms


Marcin Meller, author of training courses, including the first OSINT training course in Poland, experienced trainer and consultant in various areas of intelligence and security. He lectured on the Strategic Business Intelligence course at Kozminski University. His solutions and specialised training courses have gained recognition among experts and represent a proven methodology for information acquisition and analysis. He has a rich history of working with major public and private sector companies including:

  • Law enforcement agencies
  • Customs and Fiscal Offices National Tax Administration (KAS)
  • National School of Public Administration
  • Ministry of Finance Vocational Education Centre
  • Chief Sanitary Inspectorate
  • PwC Polska
  • mBank
  • Bank Zachodni WBK
  • Allegro Group
  • Kapsch Polska
  • and with others
Example modules
  1. OSINT 101 Introduction to the issue: Theoretical section, key assumptions of white intelligence (OSINT), applicability, strengths and weaknesses and predictions, including:
    1. Definition and concepts, related fields
    2. The intelligence cycle – models and applicatione
    3. Planning and organisation of tasks prior to the start of OSINT processes
  2. QueryTool -100+ selected tools for finding information on the Internet. Web search engines in a nutshell:
    1. Single search engines
    2. Metawyszukiwarki
    3. Meta-search engines
    4. Darknet (hidden internet) search engines
    5. Specialised search engines
    6. Search operators, including Google hacking (dorking)
  3. Przeglądarka internetowa Oryon OSINT Browser:
    1. Installation and configuration of the Oryon browser (Win, Linux)
    2. Personalisation and optimisation of the browser
    3. Demonstration and exercises of browser functions
  4. Acquisition and analysis of information on individuals (I2, Identity Intelligence) and companies:
    1. Preparation for collecting information from the Internet
    2. Public and commercial registers
    3. Identifying internet users by email addresses, username, phone number, etc.
    4. Social media – extracting information from social media platforms
    5. Searching for information in databases of leaked information on individuals and entities
    6. Searching for information in the resources of the deep web, the so-called Deep Web, the hidden internet, databases, repositories
    7. Searching for information on Darknet resources, e.g. TOR, Zeronet, Freenet, Lokinet
    8. Comprehensive personal profiling and creation of reports on a person or entity
  5. Metadata extraction and analysis of metadata from various file types
    1. Metadata in pdf, doc. xlsx. odt, txt, etc.
    2. Metadata in images (EXIF)
    3. Manipulation detection, error level analysis (ELA))
    4. Steganography detection in various file types
  6. Keyword-based internet monitoring – monitoring of news media, social networks, corporate and private websites
  7. Data breaches and information leaks – databases, search tools, data protection
  8. Deep Web – deep Internet resources: hidden Internet, databases, forums, repositories
  9. Darknet – hidden networks:
    1. TOR
    2. ZeroNet
    3. Freenet
    4. Lokinet
    5. I2P
  10. Internet of Things (IoT):
    1. Introduction and definition
    2. IoT search tools and methods
    3. Search automation using APIs (Linux)
  11. Encryption and steganography:
    1. Encryption and decryption of files
    2. Steganography and detection
    3. Tools and methods – best and latest solutions
  12. Conducting OSINT investigations using Maltego Classic:
    1. Installing Maltego and configuring plugins and API access for selected add-ons, e.g. Shodan, Pipl, etc.
    2. Presentation of functions and familiarisation with the programme interface
    3. Main analytical functions
    4. Entities
    5. Transformations
    6. Operations (transformations) on selected Entities
    7. Local transformations and installation of external scripts for OSINT investigations
    8. Export of data from Maltego
    9. Import of data into Maltego
  13. Enumeration – web domains, websites, infrastructure information
    1. Metadata
    2. Determination of ownership
    3. WHOIS search
    4. IP geolocation
    5. Reverse IP lookup
    6. Traceroute
    7. DNS queries
    8. DNS lookup)
    9. Reverse DNS Lookup
    10. ASN lookup
    11. Finding subdomains (host records)
    12. Finding shared DNS servers
    13. TCP port scan
    14. UDP port scanning
    15. Banner interception (search))
    16. HTTP headers
    17. Extraction of links and other media from web pages
    18. Determination of associated domains, IP addresses, websites
    19. Determination of links using tracking codes and inbound and outbound links
    20. Security vulnerability scanning
    21. Searching for information in leak databases
  14. OSINT automation: ORYON ENV (advanced level, Python, Go, Ruby scripts on Linux)
  15. GEOINT: Methods and tools (advanced level, by arrangement, Linux)
  16. SIGINT: Methods and tools (advanced level, by arrangement, Linux)
  17. Securing digital evidence and reporting