Pockint : A Portable OSINT Swiss Army Knife for DFIR/OSINT Professionals

POCKINT (a.k.a. Pocket Intelligence) is the OSINT swiss army knife for DFIR/OSINT professionals. Designed to be a lightweight and portable GUI program (to be carried within USBs or investigation VMs), it provides users with essential OSINT capabilities in a compact form factor: POCKINT’s input box accepts typical indicators (URL, IP, MD5) and gives users the ability to perform basic OSINT data mining tasks in an iterable manner.

You can grab the latest version from the releases page. POCKINT is provided as a single executable that can be stored and run anywhere on computers. POCKINT is available for Windows and Linux platforms.

Also Read – ATTACKdatamap : A Datasource Assessment On An Event Level To Show Potential Coverage

Features

Why use it? POCKINT is designed to be simple, portable and powerful.

  • ⭐️ Simple: There’s a plethora of awesome OSINT tools out there. Trouble is they either require analysts to be reasonably comfortable with the command line (think pOSINT) or give you way too many features (think Maltego). POCKINT focuses on simplicity: INPUT > RUN TRANSFORM > OUTPUT … rinse and repeat. It’s the ideal tool to get results quickly and easily through a simple interface.
  • 📦 Portable: Most tools either require installation, a license or configuration. POCKINT is ready to go whenever and wherever. Put it in your jump kit USB, investigation VM or laptop and it will just run.
  • 🚀 Powerful: POCKINT combines cheap OSINT sources (whois/DNS) with the power of specialised APIs. From the get go you can use a suite of in-built transforms. Add in a couple of API keys and you can unlock even more specialised data mining capabilities.

The latest version is capable of running the following data mining tasks: Domains IP Adresses Urls Hashes Emails

New APIs and input integrations are constantly being added to the tool. Consult the roadmap to check out what’s brewing or propose your own favourite API/input.

Credits: Olaf Hartong, Uriel, Jake Creps & Simon Biles

R K

Recent Posts

BypassAV : Techniques To Evade Antivirus And EDR Systems

BypassAV refers to the collection of techniques and tools used to bypass antivirus (AV) and…

16 hours ago

ComDotNetExploit : Exploiting Windows Protected Process Light (PPL)

ComDotNetExploit is a Proof of Concept (PoC) tool designed to demonstrate the exploitation of Windows…

16 hours ago

Trigon : A Revolutionary Kernel Exploit For iOS

Trigon is a sophisticated deterministic kernel exploit targeting Apple’s iOS devices, leveraging the CVE-2023-32434 vulnerability.…

16 hours ago

Bug Bounty Report Templates : Enhancing Efficiency In Vulnerability Reporting

Bug bounty report templates are essential tools for streamlining the process of documenting vulnerabilities. They…

16 hours ago

FullBypass : A Tool For AMSI And PowerShell CLM Bypass

FullBypass is a tool designed to circumvent Microsoft's Antimalware Scan Interface (AMSI) and PowerShell's Constrained…

18 hours ago

Carseat : A Python Implementation Of Seatbelt

Carseat is a Python-based tool that replicates the functionality of the well-known security auditing tool,…

21 hours ago