Editorial OSINT Guide

Best OSINT Tools for Journalists

A newsroom-ready OSINT guide for verifying claims, preserving sources, checking companies, investigating domains, and avoiding false certainty.

Journalism Verification Archives

Verify before amplifying

Tool hits should support a narrower conclusion, not replace newsroom judgment.

Preserve sources

Capture pages, posts, and files early so the evidence trail survives edits and deletions.

No paid ranking

Commercial context never decides the order or framing of these recommendations.

Quick answer

Start with the evidence, not the tool.

The strongest OSINT workflow for journalists is not a giant bookmark list. It is a sequence: preserve the original source, identify the evidence type, run the smallest useful checks, then write a narrow conclusion that can be defended later.

For images or video: start with InVID, TinEye, ExifTool, Google Earth, SunCalc, and satellite context.
For web claims: preserve with Wayback Machine, archive.today, Perma.cc, or Hunchly before pages change.
For companies and networks: combine registry sources, Aleph, OpenSanctions, LittleSis, and direct filings.
For domains: use urlscan.io, SecurityTrails, crt.sh, WHOIS checks, and archived pages as separate evidence layers.

Recommended newsroom stack

Visual claims

InVID Verification Toolkit + TinEye

Use these first when a photo or short video may be old, reused, clipped, or attached to the wrong event. Keyframes and reverse matches are leads; they do not prove origin by themselves.

Best for: reuse checks, keyframe extraction, first-pass visual triage

Preservation

Wayback Machine, archive.today, Perma.cc

Use before contacting a subject or publishing. Pages, captions, prices, bios, job posts, and product claims can disappear once attention arrives.

Best for: source trail, editorial review, legal defensibility

Entities

OpenCorporates, Aleph, OpenSanctions

Useful for turning names, companies, officers, addresses, sanctions mentions, and leaked-public-record leads into a research map. Always check jurisdiction and source date.

Best for: company identity, networks, sanctions context

Infrastructure

urlscan.io, SecurityTrails, crt.sh

Use when a story starts with a website, suspicious landing page, email domain, or public claim hosted on a changing domain.

Best for: redirects, certificates, DNS history, web footprint

How to choose under deadline pressure

If the claim is visual

Preserve the post, extract frames, reverse-search key images, test location clues, then separate what is confirmed from what is only plausible.

If the claim is about a person or company

Confirm exact names and jurisdictions first. A matching name is not enough. Look for registration numbers, role labels, dates, direct filings, and independent records.

If the claim is about a website

Capture the page, check archives, look at redirects, certificates, DNS, and public scans. Treat infrastructure overlap as a lead, not attribution.

If the claim is already viral

Use Google Fact Check Explorer, GDELT, and Media Cloud to understand who has repeated it, but still verify the original evidence yourself.

Editorial caveat

A tool result is not a publishable conclusion. Good newsroom OSINT says exactly what was checked, what the result showed, what it did not show, and what remains unresolved. Avoid exposing private people just because a tool found personal data.

A defensible OSINT note should include

The original URL, file, post, or source name.
The timestamp of the check and the tool used.
The exact query or input, if safe to record.
The narrow finding, without stronger wording than the evidence supports.
The next verification task or independent source needed.

Where to go next

For a curated stack, open Best OSINT Tools for Journalists. For visual claims, use Verify an Image or Short Video. For broader discovery, use the OSINT tools directory.