Safety & Research Standards

Good OSINT work is lawful, proportionate, documented, and careful about harm.

Core Rules

• Define scope before collecting data.
• Prefer passive public-source methods unless active testing is authorized.
• Keep evidence separate from speculation.
• Do not expose private people to unnecessary risk.
• Do not handle live malware outside isolated training environments.
• Do not store plaintext leaked credentials.

Breach Data

Use reputable breach-notification services and hashed lookup models. The platform should support awareness and remediation, not access to credential dumps.

Dark Web Research

Dark web research requires isolation, clear purpose, and careful legal review. Users should not purchase contraband, interact with criminal marketplaces, or identify private individuals without lawful basis.

Malware Learning

Begin with public sandbox reports, packet captures, logs, and training labs. Do not download or execute unknown samples on personal or production devices.