Code Monkey home page Code Monkey logo

gosint's Introduction

gOSINT Build Status Build status GitHub stars GitHub forks Twitter Go Report Card Codacy Badge

OSINT framework in Go

Take a look at the develop branch for more updates.

Introduction

gOSINT is a multiplatform OSINT Swiss army knife in Golang. If you want, feel free to contribute and/or leave a feedback!

Like my project? Please consider donation :)

Paypal Badge BTC Badge Monero Badge Ethereum Badge

What gOSINT can do

  • Find mails from git repository
  • Find Dumps for mail address
  • Search for mail address linked to domain/mail address in PGP keyring
  • Search for mail address in source code
  • Retrieve Telegram Public Groups History
  • Retrieve info about hosts via shodan scan

Building on Linux

You can use the building script, just clone the directory and execute it

git clone https://github.com/Nhoya/gOSINT
./build.sh

The package will be installed in /usr/local/bin

You can then call gOSINT from command line

$ gOSINT --help

Manual Building on Linux

Dependecies

Before building gOSINT manually you need to solve the dependencies:

go get "github.com/deckarep/golang-set"
go get "github.com/nhoya/goPwned"
go get "github.com/jessevdk/go-flags"
go get "gopkg.in/src-d/go-git.v4"
go get "github.com/jaytaylor/html2text"
go get "gopkg.in/ns3777k/go-shodan.v2/shodan"

git clone https://github.com/Nhoya/gOSINT && cd gOSINT && go build

Binaries for Windows

Check the AppVeyor Build page for builds

Modules

Currently gOSINT has different modules:

  • git support for mail retriving (using github API, bitbucket API or RAW clone and search)
  • Search for mails in PGP Server
  • https://haveibeenpwned.com/ search for mail in databreach
  • Retrieve Telegram Public Group Messages
  • Search for mail address in source
  • https://shodan.io search
  • Social Media search
  • Search Engine search

Usage

Usage:
  gOSINT [OPTIONS]

Application Options:
  -m, --module=[pgp|pwnd|git|plainSearch|telegram|shodan] Specify module
  -v, --version                                           Print version
      --url=                                              Specify target URL
      --gitAPI=[github|bitbucket]                         Specify git website API to use (for git module,optional)
  -c, --clone                                             Enable clone function for plainSearch module (need to specify repo URL)
      --mail=                                             Specify mail target (for pgp and pwnd module)
      --grace=                                            Specify telegram messages grace period (default: 15)
  -g, --tgroup=                                           Specify Telegram group/channel name
  -s, --tgstart=                                          Specify first message to scrape
  -e, --tgend=                                            Specify last message to scrape
      --dumpfile                                          Create and resume messages from dumpfile
      --ask-confirmation                                  Ask confirmation before adding mail to set (for plainSearch module)
  -p, --path=                                             Specify target path (for plainSearch module)
  -t, --target=                                           Specify shodan target host
      --newscan                                           Ask shodan for a new scan (-1 Scan credit)
      --honeypot                                          Check Honeypot probability
  -f, --full                                              Make deep search using linked modules

Help Options:
  -h, --help                                              Show this help message

Configuration file

The configuration file is in $HOME/.config/gOSINT.conf

If some API Keys are missing insert it there

PGP module Demo

asciicast

Pwnd module Demo

asciicast

Telegram Crawler Demo

asciicast

Shodan module Demo

asciicast

Examples

Currently gOSINT supports the following actions:

gOSINT -m git --url=[RepoURL] --gitAPI [github|bitbucket] (optional)

retrieve mail from git commits

gOSINT -m git --url [RepoURL] --gitAPI [github|bitbucket] (optional) -f

pass the result to pgp search and pwnd module

gOSINT -m pwnd --mail [targetMail]

search for breaches where targetMail is preset

gOSINT -m pgp --mail [targetMail]

search for others mail in PGP Server

gOSINT -m pgp --mail [targetMail] -f

pass the result to haveibeenpwn module

gOSINT -m sourceSerch --path [targetDirectory]

search for mails in source code (recursively)

gOSINT -m sourceSearh --path [targetDirectory] --ask-confirmation

ask confirmation before adding mail to search results

gOSINT -m sourceSearch --path [targetDirectory] -f

pass the result to pgp search and haveibeenpwnd modules

gOSINT -m sourceSearch --clone --url [targetRepository]

clone and search mail in repository source

gOSINT -m sourceSearch --clone --url [targetRepository] -f

pass the resoult to pgp search and haveibeenpwnd modules

gOSINT -m sourceSearch --clone --url [targetRepository] --ask-confirmation

ask confirmation before adding mail to search results

gOSINT -m telegram --tgroup | -g [PublicGroupName]

retrieve message history for telegram public group

gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile

the output will be stored in a file, if the file is already populated it will resume from the last ID

gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile -s [masageID] -e [messageID]

Set start and end messages for scraping

gOSINT -m shodan -t [HOST IP]

Get Shodan services report for Host

gOSINT -m shodan -t [HOST IP] --honeypot

Start Shodan service report for host and honeypot probability

gOSINT -m shodan -t [HOST IP] --newscan

Send request for new shodan scan (1 scan credit will be removed)

gosint's People

Contributors

nhoya avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.