This is a combined tool for Osint. It can be used in both GUI and CLI mode.
- It checks given username & find out sevral websites where the same username exist.
- It find out other websites where the given email is registerd or used.
- Checks for data breaches where the given is present and give detailed information about data breach.
- If the given email is gmail then it gives information about that google account. Including name, photo and google map reviews.
- It gives you owner name, carrier info and city or state name of given phone number. (As of now it only works for indian phone numbers.)
- First it gives basic info realted to given website. Like ip, serever address & ISP info.
- Then it gets whois information of given domain.
- It gets subdomains of given domain.
- It scan for reverse ip for getting other domains on the same server.
- Python3 must be installed on your system.
- Git clone this repo or download the zip and extract it in a folder.
git clone https://github.com/R4JVE3R/OsintTool.git - Install the requirements. For that go to
OsintToolfolder and run this command.pip install -r requirements.txt
- Goto
OsintToolfolder, open .env file and edit environment variable's values accordingly.
-
HIBP_KEYis a Have I Been Pwned API Key. It is used to fetch data breaches of the email. You can get this api key from here. It will cost 3.5$ for a month. If you dont have this API key, leaveHIBP_KEYempty and email breach module will be skipped. -
G_COOKIE,HANGOUTS_Authorization,HANGOUTS_KEY,GDRIVE_AuthorizationandGDRIVE_KEYare required to get google info of the given email. To get these values, follow below steps.G_COOKIEis combined of 3 cookies values__Secure-1PSID,__Secure-3PSIDand__Secure-3PAPISID.- Open mail.google.com or myaccount.google.com, open inspect element and go to storage tab.
Copy these 3 cookie's values, combine them like __Secure-1PSID=whatever;__Secure-3PSID=whatever;__Secure-3PAPISID=whatever;and set this asG_COOKIE's value.
- Open mail.google.com or myaccount.google.com, open inspect element and go to storage tab.
- For
HANGOUTS_AuthorizationandHANGOUTS_KEY, open hangouts.google.com, open network tab of the browser and search forpeople-pa.clients6.google.comdomain. There will be one post request, key parameter is ourHANGOUTS_KEY. So copy that value and paste it asHANGOUTS_KEY's value.
Scroll down to request headers and you will find Authorization header. Copy it's value and paste it as HANGOUTS_Authorization's value.
- For
GDRIVE_AuthorizationandGDRIVE_KEY, open drive.google.com, open network tab of the browser and search forpeople-pa.clients6.google.comdomain. There will be one post request, key parameter is ourGDRIVE_KEY. So copy that value and paste it asGDRIVE_KEY's value. Scroll down to request headers and you will find Authorization header. Copy it's value and paste it asGDRIVE_Authorization's value.
-
TRUECALLER_AUTHis an Authorization Bearer of truecaller. It is used to retrive the data of given phone number from truecaller. To get this, you need to have trucaller app installed on your device, login to the app, intercept any request and you will findAuthorizationheader in the request. Copy the Authorizarion Bearer and paste it here. -
WHOIS_KEYis an IP2WHOIS API key. It is used to get whois data of the given domain. It is free, you can get this API key from here. -
SECURITYTRAILS_KEYis a SecurityTrails API Key. It is used to get subdomains of the given domain. It is also free, you can get this API Key from here.
- To use it in CLI mode. You can run
python OsintTool.py -hcommand to see help.- There are 4 flags available for different 4 modules. Examples are given below.
- Username lookup:
python OsintTool.py -u example - Email lookup:
python OsintTool.py -e [email protected] - Phone lookup:
python OsintTool.py -p 1234567890 - Website lookup:
python OsintTool.py -w google.com
- Username lookup:
- There are 4 flags available for different 4 modules. Examples are given below.
- To use it in GUI mode.
- Run server.py
python server.py - Navigate to http://127.0.0.1:5000 to access GUI mode.
- Run server.py