OSINTomains🕵️‍♂️🌐🔎

Table of Contents

1. Project Overview
2. Features
3. Installation
4. Usage
5. Output

Overview

OSINTomains is an Open Source Intelligence (OSINT) tool designed to gather a variety of information about a given domain. This tool performs comprehensive checks and generates an HTML report containing detailed insights about the domain.

Features

• SSL Certificate Information
• Carbon Footprint Analysis
• DNS Records
• WHOIS Information
• Web Application Firewall Detection
• HTTP Headers
• Nmap Port Scanning
• Quality Metrics
• Robots.txt Analysis
• Security Headers Check
• Server Location Information
• Sitemap Retrieval
• Social Media Tags
• Threat Analysis
• Technology Stack Detection

Screenshots

Installation

1. Clone the repository:

   git clone https://github.com/H4ckN3rd/OSINTomains.git
   cd OSINTomains

2. API Keys Setup

   Get API Keys

   • Obtain your Google API key Here.
   • Get your Cloudmersive API key Here.

   Configure Environment Variables

   To set up your API keys:

   1. In the root directory of your project, create a .env file if it doesn't exist.

   2. Add the following content to the .env file:

      CLOUDMERSIVE_API_KEY="YOUR_CLOUDMERSIVE_API_KEY"
      GOOGLE_CLOUD_API_KEY="YOUR_GOOGLE_CLOUD_API_KEY"

      Replace "YOUR_CLOUDMERSIVE_API_KEY" and "YOUR_GOOGLE_CLOUD_API_KEY" with the API keys you obtained in the previous step.

3. Install the required dependencies:

   pip3 install -r requirements.txt

4. Ensure the templates directory contains `report_template.html'

Usage

1. Before running the script, ensure that nmap is installed. If not, you can download and install it from nmap.org.

2. Run the main script:

   python .\main.py

3. Enter the domain when prompted:

   Enter the Domain: https://example.com

4. Upon completion, an HTML report will be generated in the root directory of the project. The report filename will be based on the domain (e.g., example_report.html).

Output

The output of the tool is an HTML report (domain_report.html), which includes:

• Domain Information: Basic details about the domain.
• IP Address: The resolved IP address of the domain.
• Server Location: Geographical location of the server.
• SSL Certificate Details: Information about the domain's SSL certificate.
• WHOIS Information: Ownership and registration details.
• DNS Records: Details of DNS records associated with the domain.
• HTTP Headers: HTTP headers returned by the domain's server.
• Social Media Tags: Open Graph and Twitter Card tags.
• Open Ports: Results from an Nmap scan of the domain's IP address.
• Carbon Footprint: Estimate of the domain's carbon footprint.
• Technology Stack: Technologies used by the domain.
• Quality Metrics: Various quality metrics of the domain.
• WAF Detection: Detection of any web application firewalls.
• Robots.txt Content: Content of the domain's robots.txt file.
• Security Headers: Security-related HTTP headers.
• Sitemap URLs: URLs listed in the domain's sitemap.
• Threat Analysis: Analysis of potential threats associated with the domain.