Information Gathering

gOSINT – The Comprehensive Open Source Intelligence Toolkit In Go

gOSINT is a multiplatform OSINT Swiss army knife in Golang. If you want, feel free to contribute and/or leave a feedback!

What gOSINT Can Do

Currently gOSINT has different modules:

  • git support for mail retriving (using github API, or plain clone and search)
  • Search for mails, aliases and KeyID in PGP Server
  • haveibeenpwned.com/ search for mail in databreach
  • Retrieve Telegram Public Group Message History
  • Search for mail address in source
  • shodan.io search
  • Subdomain enumeration using crt.sh
  • Given a phone number, can retrieve the owner name
  • Search for password relatives to email address 😛
  • Reverse Whois given Email Address or Name

A complete features list and roadmap is available under Projects Tab

Installation

Dependencies

gOSINT currently depends from tesseract-ocr so you need to install on your system tesseract-ocrlibtesseract-dev and libleptonica-dev

Install On A Go-Dependent Way (Is The Easier And Faster Way)

You can install gOSINT using go get with a simple

go get github.com/Nhoya/gOSINT/cmd/gosint

Install On Windows

Check the AppVeyor Build page for builds

Manual Building

Building On Linux

Build gOSINT on linux is really easy, you just need to install dep, clone the repository and make and make instal

Building On Windows

If you have make installed you can follow the Linux instructions (and skip make install) otherwise be sure to have dep installed, clone the directory and run

dep ensure
go build cmd/gosint.go

Running On Docker

gOSINT currently supports container only for the rolling release, after the 1.0.0 release we will start working on a versioned Dockerfile. If you want to try it out:

mkdir gOSINT
wget https://raw.githubusercontent.com/Nhoya/gOSINT/develop/build/package/Dockerfile
docker build gosint .
docker run gosint bash

Usage

usage: gOSINT [<flags>] <command> [<args> ...]

An Open Source INTelligence Swiss Army Knife

Flags:
  --help     Show context-sensitive help (also try --help-long and --help-man).
  --json     Enable JSON Output
  --debug    Enable Debug Output
  --version  Show application version.
  --verify   Verify URL Status Code

Args:
  <url>  Domain URL

Commands:
  help [<command>...]
    Show help.


  git [<flags>] <url>
    Get Emails and Usernames from repositories

    --method=[clone|gh]  Specify the API to use or plain clone
    --recursive          Search for each repository of the user

  pwd [<flags>] <mail>...
    Check dumps for Email address using haveibeenpwned.com

    --get-passwords  Search passwords for mail

  pgp <mail>...
    Get Emails, KeyID and Aliases from PGP Keyring


  shodan [<flags>] <host>...
    Get info on host using shodan.io

    --new-scan  Schedule a new shodan scan (1 Shodan Credit will be deducted)
    --honeypot  Get honeypot probability

  shodan-query <query>
    Send a query to shodan.io


  axfr [<flags>] <url>...
    Subdomain enumeration using crt.sh

    --verify  Verify URL Status Code

  pni <number>...
    Retrieve info about a give phone number


  telegram [<flags>] <group>
    Telegram public groups and channels scraper

    --start=START  Start message #
    --end=END      End message #
    --grace=15     The number of messages that will be considered deleted before the scraper stops
    --dump         Creates and resume messages from dumpfile

  rev-whois <target>
    Find domains for name or email address
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecuritygOSINTinformationsecuritykalilinuxkalilinuxtools
9 months ago

Recent Posts

Starship : Revolutionizing Terminal Experiences Across Shells

Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…

7 hours ago

Lemmy : A Decentralized Link Aggregator And Forum For The Fediverse

Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…

7 hours ago

Massive UX Improvements, Custom Disassemblers, And MSVC Support In ImHex v1.37.0

The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…

8 hours ago

Ghauri : A Powerful SQL Injection Detection And Exploitation Tool

Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…

11 hours ago

Writing Tools : Revolutionizing The Art Of Writing

Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…

11 hours ago

PatchWerk : A Tool For Cleaning NTDLL Syscall Stubs

PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…

1 day ago