Awesome
gOSINT
OSINT framework in Go
Take a look at the develop branch for more updates.
Introduction
gOSINT is a multiplatform OSINT Swiss army knife in Golang. If you want, feel free to contribute and/or leave a feedback!
Like my project? Please consider donation :)
What gOSINT can do
- Find mails from git repository
- Find Dumps for mail address
- Search for mail address linked to domain/mail address in PGP keyring
- Search for mail address in source code
- Retrieve Telegram Public Groups History
- Retrieve info about hosts via shodan scan
Building on Linux
You can use the building script, just clone the directory and execute it
git clone https://github.com/Nhoya/gOSINT
./build.sh
The package will be installed in /usr/local/bin
You can then call gOSINT
from command line
$ gOSINT --help
Manual Building on Linux
Dependecies
Before building gOSINT
manually you need to solve the dependencies:
go get "github.com/deckarep/golang-set"
go get "github.com/nhoya/goPwned"
go get "github.com/jessevdk/go-flags"
go get "gopkg.in/src-d/go-git.v4"
go get "github.com/jaytaylor/html2text"
go get "gopkg.in/ns3777k/go-shodan.v2/shodan"
git clone https://github.com/Nhoya/gOSINT && cd gOSINT && go build
Binaries for Windows
Check the AppVeyor Build page for builds
Modules
Currently gOSINT
has different modules:
- git support for mail retriving (using github API, bitbucket API or RAW clone and search)
- Search for mails in PGP Server
- https://haveibeenpwned.com/ search for mail in databreach
- Retrieve Telegram Public Group Messages
- Search for mail address in source
- https://shodan.io search
- Social Media search
- Search Engine search
Usage
Usage:
gOSINT [OPTIONS]
Application Options:
-m, --module=[pgp|pwnd|git|plainSearch|telegram|shodan] Specify module
-v, --version Print version
--url= Specify target URL
--gitAPI=[github|bitbucket] Specify git website API to use (for git module,optional)
-c, --clone Enable clone function for plainSearch module (need to specify repo URL)
--mail= Specify mail target (for pgp and pwnd module)
--grace= Specify telegram messages grace period (default: 15)
-g, --tgroup= Specify Telegram group/channel name
-s, --tgstart= Specify first message to scrape
-e, --tgend= Specify last message to scrape
--dumpfile Create and resume messages from dumpfile
--ask-confirmation Ask confirmation before adding mail to set (for plainSearch module)
-p, --path= Specify target path (for plainSearch module)
-t, --target= Specify shodan target host
--newscan Ask shodan for a new scan (-1 Scan credit)
--honeypot Check Honeypot probability
-f, --full Make deep search using linked modules
Help Options:
-h, --help Show this help message
Configuration file
The configuration file is in $HOME/.config/gOSINT.conf
If some API Keys are missing insert it there
PGP module Demo
Pwnd module Demo
Telegram Crawler Demo
Shodan module Demo
Examples
Currently gOSINT
supports the following actions:
gOSINT -m git --url=[RepoURL] --gitAPI [github|bitbucket] (optional)
retrieve mail from git commits
gOSINT -m git --url [RepoURL] --gitAPI [github|bitbucket] (optional) -f
pass the result to pgp search and pwnd module
gOSINT -m pwnd --mail [targetMail]
search for breaches where targetMail is preset
gOSINT -m pgp --mail [targetMail]
search for others mail in PGP Server
gOSINT -m pgp --mail [targetMail] -f
pass the result to haveibeenpwn module
gOSINT -m sourceSerch --path [targetDirectory]
search for mails in source code (recursively)
gOSINT -m sourceSearh --path [targetDirectory] --ask-confirmation
ask confirmation before adding mail to search results
gOSINT -m sourceSearch --path [targetDirectory] -f
pass the result to pgp search and haveibeenpwnd modules
gOSINT -m sourceSearch --clone --url [targetRepository]
clone and search mail in repository source
gOSINT -m sourceSearch --clone --url [targetRepository] -f
pass the resoult to pgp search and haveibeenpwnd modules
gOSINT -m sourceSearch --clone --url [targetRepository] --ask-confirmation
ask confirmation before adding mail to search results
gOSINT -m telegram --tgroup | -g [PublicGroupName]
retrieve message history for telegram public group
gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile
the output will be stored in a file, if the file is already populated it will resume from the last ID
gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile -s [masageID] -e [messageID]
Set start and end messages for scraping
gOSINT -m shodan -t [HOST IP]
Get Shodan services report for Host
gOSINT -m shodan -t [HOST IP] --honeypot
Start Shodan service report for host and honeypot probability
gOSINT -m shodan -t [HOST IP] --newscan
Send request for new shodan scan (1 scan credit will be removed)