Unmasking Digital Identities: The OSINT Investigator’s Guide to People Search Engines and Data Aggregation + Video

By /

Listen to this Post

Featured Image

Introduction:

In the world of Open-Source Intelligence (OSINT), the ability to quickly pivot from a single data point—a name, a phone number, or an email—to a comprehensive profile is a core competency. Platforms like “That’s Them” have emerged as powerful, free-to-use people search engines that aggregate billions of public records, offering investigators a shortcut through the fragmented landscape of government and commercial databases. This article explores the technical underpinnings of such tools, how to integrate them into a professional OSINT workflow, and the crucial steps for automating, verifying, and ethically managing the data they unearth.

Learning Objectives:

  • Understand the data aggregation architecture and sources behind modern people-search engines like That’s Them.
  • Master the practical steps for conducting effective reverse lookups and data enrichment using these platforms.
  • Learn to automate OSINT workflows using APIs, Python scripts, and complementary toolkits for enhanced investigative efficiency.

You Should Know:

  1. The Data Aggregation Engine: How That’s Them Works
    That’s Them positions itself as a “living consumer database,” boasting a staggering 2.2 billion people records, 1.7 billion emails, and 1 billion phone numbers. It achieves this scale by continuously pulling and linking data from over 50 different public and commercial sources. These include property records, business registrations, court filings, social media profiles, and marketing databases. The core technical challenge for such platforms is data normalization and entity resolution—the process of connecting disparate records to a single individual in real-time. This involves sophisticated algorithms to match names, aliases, current and historical addresses, and associated phone numbers and emails into a unified profile. For the investigator, this means a single search can yield a rich tapestry of information, but it’s critical to treat every result as an investigative lead rather than confirmed intelligence, as data can be outdated or produce false positives, especially for common names.

Step‑by‑step guide: Manual Search on That’s Them

  1. Navigate to the Tool: Access the tool directly via the OSINT Newsletter’s curated link (https://tools.osintnewsletter.com/osint-tools/thats-them) or the main site.
  2. Choose Your Strongest Identifier: Begin with the most specific data point you have—a full name combined with a city/state is more effective than a name alone.
  3. Input and Search: Enter the identifier (name, phone number, email, or physical address) into the search field.
  4. Review the Returned Records: Analyze the compiled profile, which may include:

– Current and Historical Addresses: Establish a location timeline.
– Associated Phone Numbers and Emails: Expand your contact network.
– Relatives and Associates: Map household or familial relationships.
5. Verify and Enrich: Use the findings as a pivot point for further research. Cross-reference the discovered phone numbers or email addresses with social media platforms, property records, or company registries.

  1. Automating OSINT with the Apify API and Blaster
    For investigators handling multiple targets, manual searches are inefficient. The “Skip Trace People Search” tool on Apify provides a programmatic solution that queries That’s Them, Radaris, and Spokeo simultaneously, deduplicating and merging results into a clean, structured record. This API can be integrated into larger workflows to automate lead generation for skip tracing, background checks, or sales enrichment. Similarly, the open-source tool “Blaster” offers a lightweight Python script that automates data gathering from That’s Them alongside WhatsApp and Numverify. These automation tools enable batch processing and ensure consistent data retrieval, which is essential for large-scale investigations.

Step‑by‑step guide: Automating a People Search via API

  1. Choose Your Platform: For a robust solution, navigate to the Apify “Skip Trace People Search” actor page.
  2. Prepare Your Input: Structure your query as a JSON object. For a name search, specify `searchType` as “name” and provide firstName, lastName, and optionally `state` and city. For batch processing, use a `queries` array. 
    {
"searchType": "name",
"queries": [
{ "firstName": "John", "lastName": "Smith", "state": "CA" }
]
}
  3. Execute the Search: Run the actor via the Apify platform or its API. The system will query the three sources in parallel.
  4. Parse the Output: The API returns a structured JSON object containing fields like fullName, aliases, currentAddress, phoneNumbers, emailAddresses, and relatives.
  5. Integrate into Your Workflow: Use the JSON output to automatically populate a CRM, update a case management system, or feed into further OSINT analysis tools.

  6. Implementing an OSINT Toolkit in Your Browser and Locally
    A modern OSINT investigator’s workflow extends beyond a single people-search engine. Dedicated toolkits can transform your browser into a powerful intelligence workstation. For instance, the IntelHub browser extension integrates various OSINT capabilities directly into your browser interface. For a more comprehensive, self-hosted solution, projects like the “OSINT Toolkit” can be run locally using Docker, consolidating various security tools into a single environment. These toolkits streamline everyday tasks and provide a unified interface for managing complex investigations, from domain intelligence to dark web monitoring.

Step‑by‑step guide: Setting Up a Local OSINT Workbench

  1. Choose Your Toolkit: Select a self-hostable option like the OSINT Toolkit found on GitHub or the OSINT-BIBLE for a comprehensive reference.
  2. Install Using Docker: For containerized tools, ensure Docker is installed on your system. Clone the repository and run `docker-compose up` to deploy the environment.
  3. Configure and Explore: Access the web interface (often at localhost:8000) and explore the integrated modules. These may include tools for social media intelligence (SOCMINT), geospatial intelligence (GEOINT), and network reconnaissance.
  4. Utilize AI-Assisted Features: Some modern OSINT workbenches incorporate AI agents (like OpenOSINT) that can automate data collection and analysis using tested prompts, reducing manual effort.

4. Cross-Platform Verification Techniques

Data from a single source like That’s Them should never be taken at face value. Best practice involves cross-referencing discovered information across multiple platforms and tools. This can include using specialized search engines like Shodan for IoT device discovery, the Wayback Machine for historical web data, or Pipl for people search. Furthermore, integrating command-line tools for data parsing and enrichment is a hallmark of a skilled investigator. For instance, using grep, awk, and `sed` on Linux can filter and clean large datasets, while Windows PowerShell can be used for similar tasks.

Step‑by‑step guide: Command-Line Data Enrichment (Linux)

  1. Export Data: Save the JSON output from an API search to a file, e.g., profile.json.
  2. Extract Email Addresses: Use `jq` to parse the JSON and extract all email addresses. 
    jq '.emailAddresses[]' profile.json
  3. Check Against Breach Databases: Use a tool like `hibp-check` to see if the email has been involved in a data breach (requires Have I Been Pwned API key). 
    hibp-check -e [email protected]
  4. Perform WHOIS Lookup: For domains associated with an email address, perform a WHOIS lookup. 
    whois example.com
  5. Verify Social Media Presence: Use automated tools like Sherlock or Maigret to check for account existence across hundreds of platforms. 
    sherlock username

5. Ethical Considerations and Privacy

The power of OSINT tools comes with significant responsibility. The fact that information is publicly accessible does not make its use ethical or legal in all contexts. Investigators must be aware of privacy laws like the GDPR in Europe or the CCPA in California, which govern the collection and use of personal data. Furthermore, the ownership of databases like That’s Them is often opaque, with domain registrations privacy-protected and corporate ownership undisclosed. Investigators should use these tools to verify information relevant to a legitimate investigation (journalism, law enforcement, fraud detection) and avoid practices like stalking, harassment, or unauthorized surveillance. Always consider the potential for harm and adhere to a strict code of conduct.

What Undercode Say:

  • Key Takeaway 1: That’s Them is an exceptional starting point for US-based people investigations, offering a vast aggregation of public records that would otherwise take hours to compile manually. However, its primary value lies in lead generation, not as a final source of truth.
  • Key Takeaway 2: Automation is the future of OSINT. Leveraging APIs like the one on Apify and scripting tools like Blaster is essential for efficiency, allowing investigators to handle large volumes of data and pivot quickly between different intelligence sources.

Prediction:

  • +1 The integration of AI agents (like OpenOSINT) into OSINT workflows will dramatically reduce the time needed to analyze and correlate data from multiple sources, making advanced intelligence gathering accessible to a wider range of professionals.
  • +1 As public awareness of data brokers grows, we can expect a surge in demand for tools and services that help individuals “opt-out” and manage their digital footprints, creating a new niche in the privacy and cybersecurity market.
  • -1 The lack of transparency and the “always-on” data aggregation of platforms like That’s Them will continue to fuel privacy concerns and may lead to stricter regulations, potentially limiting the free access that currently makes these tools so powerful.

▶️ Related Video (80% Match):

🎯Let’s Practice For Free:

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

IT/Security Reporter URL:

Reported By: Thats Them – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeTesting & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky

Related Posts: