CLI tool for open source and threat intelligence
Switch branches/tags
Nothing to show
Clone or download
Failed to load latest commit information.
harpoon add MISP research to ip intel Oct 24, 2018
tests fixes bing bug Dec 11, 2017
.gitignore add libs Sep 26, 2017
LICENSE Initial commit Sep 25, 2017 Fixes dependencies bugs Feb 26, 2018 alphaorder for readability Sep 12, 2018
requirements.txt fixes bugs Oct 23, 2018 Move to the new consolemd library Aug 2, 2018


OSINT tool.


First, you need to have development headers of python 3 installed, on ubuntu/debian just do sudo apt install python3-dev

Then, you can simply pip install the tool:

pip install git+ --process-dependency-links

Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed:

npm install -g phantomjs

If the above install instructions didn't work, you can build the tool from source by executing the following commands in the terminal (this assumes you are using virtualenvs):

git clone
cd harpoon
pip3 install -r requirements.txt
pip3 install .

To configure harpoon, run harpoon config and fill in the needed API keys. Then run harpoon config -u to download needed files. Check what plugins are configured with harpoon config -c.


After configuration the following plugins are available within the harpoon command:

asn                 Gather information on an ASN
bitly               Request information through the API
cache               Requests webpage cache from different sources
censys              Request information from Censys database (
certspotter         Get certificates from
config              Configure Harpoon
crtsh               Search in (Certificate Transparency database)
cybercure           Check if intelligence on an IP exists in
dns                 Map DNS information for a domain or an IP
fullcontact         Requests Full Contact API (
github              Request Github information through the API
googl               Requests Google url shortener API
greynoise           Request Grey Noise API
help                Give help on an Harpoon command
hibp                Request Have I Been Pwned API (
hunter              Request information through the API
hybrid              Requests Hybrid Analysis platform
ip                  Gather information on an IP address
ipinfo              Request information
malshare            Requests MalShare database
misp                Get information from a MISP server through the API
opencage            Forward/Reverse geocoding using OpenCage Geocoder API
otx                 Requests information from AlienVault OTX
permacc             Request information through the API
pgp                 Search for information in PGP key servers
robtex              Search in Robtex API (
safebrowsing        Check if the given domain is in Google safe Browsing list
save                Save a webpage in cache platforms
screenshot          Takes a screenshot of a webpage
shodan              Requests Shodan API
spyonweb            Search in SpyOnWeb through the API
telegram            Request information from Telegram through the API
threatgrid          Request Threat Grid API
totalhash           Request Total Hash API
twitter             Requests Twitter API
vt                  Request Virus Total API

You can get information on each command with harpoon help COMMAND

Access Keys