Skip to content
Useful for digital forensics investigations or initial black-box pentest footprinting.
Python
Branch: master
Clone or download
Latest commit 2ce01d0 May 2, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Update README.md May 2, 2019
osintS34rCh.py Update osintS34rCh.py Apr 29, 2019
requirements.txt Update requirements.txt Apr 29, 2019

README.md

OSINT-Search Description

Functionality

  • Presents personal information like full name, age, gender, location, languages, social networks, etc...
  • Presents information related to data breaches.
  • Presents information related to pastes of data breaches made public.
  • Presents which country a phone number belongs to.
  • Presents results of google hackings searches.
  • Presents results related to a domain or an IP address.
  • Presents digital certificates for a certain domain.
  • Presents CMS for a certain website.
  • Presents DNS Records and zone transfers information for a certain domain.
  • Presents URL links that contain valuable data related with a Facebook ID.
  • Presents URLs present in some web page.
  • Presents URL that tells what torrents are being downloaded from some IP.

The script allows specfic searches and in bulk.

More functionalities to be added later.

Tested On

  • Kubuntu 18.04.2 LTS
  • Kali Linux 2019.1
  • Windows 10

Requirements (Install)

Run

  • On the first run of the script you need to submit your API fields to get all the functionality of the script. I suggest you create the accounts mentioned in the description.
  • A configuration file called 'osintSearch.config.ini' is created with your data and can be edited by you.

Usage

$ osintS34rCh v1.0

USAGES
  Email
  ./osintS34rCh -e <target@email>				# All Searches: Pipl, FullContact, Haveibeenpwnded Data Breaches and Credentials Pastes, TowerData - validate e-mail
  ./osintS34rCh -e <target@email> --pipl 			# Pipl
  ./osintS34rCh -e <target@email> --fullcontact 		# FullContact
  ./osintS34rCh -e <target@email> --pwned 			# Haveibeenpwnded Data Breaches and Credentials Pastes
  ./osintS34rCh -e <target@email> --validate			# TowerData - validate e-mail

  Domain
  ./osintS34rCh.py -t <domain>					# All Searches: Shodan Recon, crt.sh, DNSDumpster, All Google Hacking Dorks, HackerTarget - DNS Zonetransfer
  ./osintS34rCh.py -t <domain> --shodan				# Shodan Recon
  ./osintS34rCh.py -t <domain> --crt 				# crt.sh
  ./osintS34rCh.py -t <domain> --dns 				# DNSDumpster, HackerTarget - DNS Zonetransfer
  ./osintS34rCh.py -t <domain> -d <dork> -n <num_pages>		# Google Hacking
  ./osintS34rCh.py -t <domain> -d --all				# All Google Hacking Dorks

  IP
  ./osintS34rCh.py -t <IP>					# All Searchs: Shodan and Censys Recon
  ./osintS34rCh.py -t <IP> --shodan				# Shodan Recon
  ./osintS34rCh.py -t <IP> --censys				# Censys Recon
  ./osintS34rCh.py -t <IP> --torrent				# KnowWhatYouDownload URL

  URL
  ./osintS34rCh.py -u <url>					# WhatCMS Check, HackerTarget - Extract URLs
  ./osintS34rCh.py -u <url> --cms				# WhatCMS Check
  ./osintS34rCh.py -u <url> --extract				# HackerTarget - Extract URLs
  ./osintS34rCh.py -u <url> --facebook 				# Facebook

  Phone
  ./osintS34rCh.py -p <phonenumber> --callerID			# CallerID

OPTIONS:
  -h or --help
  -e <email> [--pipl] [--fullcontact] [--pwned]
  -t <target IP or Domain> [--shodan] [--crt] [--dns] [-d] [<dork>] [--all] [-n <num_pages>]
  -u [--cms] [--censys] [--extract] [--facebook]
  -p <phone> --callerID

DORKS:
  dir_list
  files
  docs
  db
  login
  sql
  sensitive
  php

CONFIG_FILE:
  /yourdirectory/osintSearch.config.ini
You can’t perform that action at this time.