OSINT Swiss Army Knife in Go
Take a look at the develop branch for more updates.
gOSINT is a multiplatform OSINT Swiss army knife in Golang. If you want, feel free to contribute and/or leave a feedback!
Currently gOSINT
has different modules:
- git support for mail retriving (using github API, or plain clone and search)
- Search for mails, aliases and KeyID in PGP Server
- haveibeenpwned.com/ search for mail in databreach
- Retrieve Telegram Public Group Message History
- Search for mail address in source
- shodan.io search
- Subdomain enumeration using crt.sh
- Given a phone number, can retrieve the owner name
- Search for password relatives to email address :P
- Reverse Whois given Email Address or Name
A complete features list and roadmap is available under Projects Tab
gOSINT currently depends from tesseract-ocr so you need to install on your system tesseract-ocr
, libtesseract-dev
and libleptonica-dev
You can install gOSINT
using go get
with a simple
go get github.com/Nhoya/gOSINT/cmd/gosint
Check the AppVeyor Build page for builds
Build gOSINT on linux is really easy, you just need to install dep, clone the repository and make
and make install
If you have make
installed you can follow the Linux instructions (and skip make install
) otherwise be sure to have dep installed, clone the directory and run
dep ensure
go build cmd/gosint.go
gOSINT currently supports container only for the rolling release, after the 1.0.0 release we will start working on a versioned Dockerfile. If you want to try it out:
mkdir gOSINT
wget https://raw.githubusercontent.com/Nhoya/gOSINT/develop/build/package/Dockerfile
docker build gosint .
docker run gosint bash
usage: gOSINT [<flags>] <command> [<args> ...]
An Open Source INTelligence Swiss Army Knife
Flags:
--help Show context-sensitive help (also try --help-long and --help-man).
--json Enable JSON Output
--debug Enable Debug Output
--version Show application version.
--verify Verify URL Status Code
Args:
<url> Domain URL
Commands:
help [<command>...]
Show help.
git [<flags>] <url>
Get Emails and Usernames from repositories
--method=[clone|gh] Specify the API to use or plain clone
--recursive Search for each repository of the user
pwd [<flags>] <mail>...
Check dumps for Email address using haveibeenpwned.com
--get-passwords Search passwords for mail
pgp <mail>...
Get Emails, KeyID and Aliases from PGP Keyring
shodan [<flags>] <host>...
Get info on host using shodan.io
--new-scan Schedule a new shodan scan (1 Shodan Credit will be deducted)
--honeypot Get honeypot probability
shodan-query <query>
Send a query to shodan.io
axfr [<flags>] <url>...
Subdomain enumeration using crt.sh
--verify Verify URL Status Code
pni <number>...
Retrieve info about a give phone number
telegram [<flags>] <group>
Telegram public groups and channels scraper
--start=START Start message #
--end=END End message #
--grace=15 The number of messages that will be considered deleted before the scraper stops
--dump Creates and resume messages from dumpfile
rev-whois <target>
Find domains for name or email address
The default configuration file is in $HOME/.config/gosint.toml
for linux environment and ./config/toml
for windows env
You can place it in different paths, load prioriy is:
.
./config/ or $HOME/.config/
/etc/gosint/
If some API Keys are missing insert it there