gOSINT

OSINT Swiss Army Knife in Go

Take a look at the develop branch for more updates.

Introduction

gOSINT is a multiplatform OSINT Swiss army knife in Golang. If you want, feel free to contribute and/or leave a feedback!

Like my project? Please consider donation :)

What gOSINT can do

Currently gOSINT has different modules:

• git support for mail retriving (using github API, or plain clone and search)
• Search for mails, aliases and KeyID in PGP Server
• haveibeenpwned.com/ search for mail in databreach
• Retrieve Telegram Public Group Message History
• Search for mail address in source
• shodan.io search
• Subdomain enumeration using crt.sh
• Given a phone number, can retrieve the owner name
• Search for password relatives to email address :P
• Reverse Whois given Email Address or Name

A complete features list and roadmap is available under Projects Tab

Installation

Dependencies

gOSINT currently depends from tesseract-ocr so you need to install on your system tesseract-ocr, libtesseract-dev and libleptonica-dev

Install on a go-dependent way (is the easier and faster way)

You can install gOSINT using go get with a simple

go get github.com/Nhoya/gOSINT/cmd/gosint

Install On Windows

Check the AppVeyor Build page for builds

Manual Building

Building On Linux

Build gOSINT on linux is really easy, you just need to install dep, clone the repository and make and make install

Building On Windows

If you have make installed you can follow the Linux instructions (and skip make install) otherwise be sure to have dep installed, clone the directory and run

dep ensure
go build cmd/gosint.go

Running on Docker

gOSINT currently supports container only for the rolling release, after the 1.0.0 release we will start working on a versioned Dockerfile. If you want to try it out:

mkdir gOSINT
wget https://raw.githubusercontent.com/Nhoya/gOSINT/develop/build/package/Dockerfile
docker build gosint .
docker run gosint bash

Usage

usage: gOSINT [<flags>] <command> [<args> ...]

An Open Source INTelligence Swiss Army Knife

Flags:
  --help     Show context-sensitive help (also try --help-long and --help-man).
  --json     Enable JSON Output
  --debug    Enable Debug Output
  --version  Show application version.
  --verify   Verify URL Status Code

Args:
  <url>  Domain URL

Commands:
  help [<command>...]
    Show help.


  git [<flags>] <url>
    Get Emails and Usernames from repositories

    --method=[clone|gh]  Specify the API to use or plain clone
    --recursive          Search for each repository of the user

  pwd [<flags>] <mail>...
    Check dumps for Email address using haveibeenpwned.com

    --get-passwords  Search passwords for mail

  pgp <mail>...
    Get Emails, KeyID and Aliases from PGP Keyring


  shodan [<flags>] <host>...
    Get info on host using shodan.io

    --new-scan  Schedule a new shodan scan (1 Shodan Credit will be deducted)
    --honeypot  Get honeypot probability

  shodan-query <query>
    Send a query to shodan.io


  axfr [<flags>] <url>...
    Subdomain enumeration using crt.sh

    --verify  Verify URL Status Code

  pni <number>...
    Retrieve info about a give phone number


  telegram [<flags>] <group>
    Telegram public groups and channels scraper

    --start=START  Start message #
    --end=END      End message #
    --grace=15     The number of messages that will be considered deleted before the scraper stops
    --dump         Creates and resume messages from dumpfile

  rev-whois <target>
    Find domains for name or email address

Configuration file

The default configuration file is in $HOME/.config/gosint.toml for linux environment and ./config/toml for windows env

You can place it in different paths, load prioriy is:

• .
• ./config/ or $HOME/.config/
• /etc/gosint/

If some API Keys are missing insert it there

PGP module Demo (OUTDATED)

Pwnd module Demo (OUTDATED)

Telegram Crawler Demo (OUTDATED)

Shodan module Demo (OUTDATED)