Professional Intelligence Gathering Suite - Complete Edition
Features • Installation • Usage • Tools • Documentation
THIS TOOLKIT IS FOR AUTHORIZED OSINT OPERATIONS ONLY
This toolkit is provided for educational purposes and authorized open-source intelligence gathering ONLY. The creator assumes NO responsibility for misuse or illegal activities.
- ✅ Only conduct OSINT on targets you're authorized to research
- ✅ Respect privacy laws and regulations (GDPR, CCPA, etc.)
- ✅ Follow responsible disclosure practices
- ✅ Obtain proper authorization before OSINT operations
- ✅ Use for legitimate security research only
- ❌ Use for stalking, harassment, or malicious purposes
- ❌ Violate terms of service of platforms
- ❌ Access or attempt to access unauthorized systems
- ❌ Share or misuse collected intelligence
- ❌ Conduct illegal surveillance activities
Unauthorized surveillance and privacy violations are ILLEGAL and subject to prosecution.
By using this toolkit, you agree to use it responsibly and ethically.
- Email Harvesting - theHarvester integration for passive email/subdomain discovery
- Email Format Detection - Automated corporate email pattern generation
- Email Verification - MX record validation & breach checking
- Domain WHOIS - Registration information retrieval
- DNS Records Analysis - Comprehensive A, AAAA, MX, NS, TXT, SOA records
- MX Record Analysis - Mail server investigation & IP resolution
- SPF/DKIM/DMARC Check - Email security configuration assessment
- Domain Reputation - Security assessment via multiple sources
- Certificate Transparency - SSL certificate discovery (crt.sh)
- Comprehensive Domain Report - All-in-one HTML report generation
- Sherlock - Username search across 300+ platforms
- Maigret - Enhanced username enumeration (500+ sites)
- Twitter OSINT (Twint) - No API required! Profile, tweets, followers
- Instagram Intelligence - Instaloader profile data extraction
- LinkedIn Enumeration - Professional network reconnaissance
- Facebook Profile Search - Public profile discovery techniques
- WhatsMyName - Username availability checker
- Social Analyzer - Multi-platform automated analysis
- Username Correlation - Combined tool results analysis
- Comprehensive Social Report - Full social media audit with HTML output
- Ahmia.fi Search - Tor network search engine integration
- OnionScan Analysis - .onion site security scanning
- Dark Web Link Checker - Bulk .onion URL validation
- Paste Site Monitoring - Pastebin, Paste2, Ghostbin searching
- Data Leak Monitoring - XposedOrNot, HIBP, Dehashed integration
- Marketplace Check - Dark web marketplace research (educational)
- Tor Setup Helper - Complete Tor Browser installation guide
- TruffleHog - Find secrets (API keys, passwords, tokens) in git repos
- GitLeaks - Detect hardcoded credentials in code
- GitDorker - Automated GitHub reconnaissance with dorks
- User Enumeration - Profile intelligence, repos, gists, events
- Repository Analysis - Deep repo investigation & contributor analysis
- Code Search - Find API keys and secrets in public code
- Commit History Analysis - Git forensics & author identification
- Organization Enumeration - Company intelligence gathering
- Comprehensive GitHub OSINT - Full GitHub intelligence with HTML reports
- Email & Domain Tools - theHarvester, Sublist3r
- Username Tools - Sherlock, Maigret
- Breach Tools - h8mail, XposedOrNot
- Dark Web Tools - OnionScan, Ahmia integration
- GitHub Tools - TruffleHog, GitLeaks, GitDorker
- Social Media Tools - Twint, Instaloader, Social Analyzer
- Geolocation Tools - Creepy (planned)
- Google Dorking - Pagodo, GooFuzz (planned)
- SpiderFoot - Automation framework
- Recon-ng - Modular framework
- Go Tools - Subfinder, Amass, Assetfinder
- Install ALL - One-click complete installation
- Install Core - Essential tools only
- Update All - Automated tool updates
All optional, toolkit works 100% without APIs:
- Shodan - IoT & device search engine
- Censys - Certificate & host search
- VirusTotal - Threat intelligence platform
- AlienVault OTX - Open threat exchange
- Hunter.io - Email verification service
- SecurityTrails - DNS intelligence
- Have I Been Pwned - Breach notification service
- Dehashed - Breach search engine
- PimEyes - Face recognition search
- Pipl - People search engine
- Blockchain.info - Cryptocurrency tracking
- HTML Reports - Professional, presentable intelligence reports
- JSON Export - Machine-readable data format
- CSV Export - Spreadsheet-compatible output
- TXT Logs - Quick reference text files
- Comprehensive Logging - Detailed activity tracking
- Organized Results - Timestamped directory structure
- Indonesian Flag Banner - Professional branding 🇮🇩
- Color-Coded Output - Enhanced readability
- Progress Indicators - Multi-step operation tracking
- Error Handling - Graceful failure management
- Help System - Contextual usage information
- Menu Navigation - Intuitive interface
|
Email & Domain Intelligence
Username & Social Media
Dark Web & Deep Web
|
GitHub & Code Intelligence
Frameworks & Automation
Utilities
|
- OS: Linux (Ubuntu 20.04+, Debian 11+, Kali Linux)
- Shell: Bash 5.0+
- RAM: 4GB minimum, 8GB+ recommended
- Storage: 2GB free space (tools & cache)
- Internet: Required for tool installation & OSINT operations
# Automatically installed on first run
- python3 (3.8+)
- python3-pip
- curl
- dig (dnsutils)
- git
- golang (1.16+) - for Go-based tools
- exiftool - metadata extraction# 1. Clone repository
git clone https://github.com/windantara/ultimate-osint-toolkit.git
# 2. Navigate to directory
cd ultimate-osint-toolkit
# 3. Make executable
chmod +x ultimate_osint_toolkit.sh
# 4. Run (auto-installs dependencies)
./ultimate_osint_toolkit.sh# 1. Clone and setup
git clone https://github.com/windantara/ultimate-osint-toolkit.git
cd ultimate-osint-toolkit
chmod +x ultimate_osint_toolkit.sh
# 2. Run toolkit
./ultimate_osint_toolkit.sh
# 3. Install OSINT Tools
# Menu → 10. Install OSINT Tools → 14. Install ALL Tools
# Wait ~15-20 minutes for complete installation
# 4. Configure APIs (Optional)
# Menu → 11. API Configuration
# Add API keys for enhanced features
# 5. Ready to use! 🚀# Install to custom location
export OSINT_BASE_DIR="/opt/osint-toolkit"
./ultimate_osint_toolkit.sh
# Or specify directory
mkdir ~/my-osint
cd ~/my-osint
/path/to/ultimate_osint_toolkit.sh# Start the toolkit
./ultimate_osint_toolkit.sh
# Navigate menus with numbers
# Exit anytime with: 01. Select Module (Email, Social, Dark Web, GitHub)
2. Choose Feature (Harvesting, Search, Analysis)
3. Enter Target (Domain, Username, URL)
4. Wait for Results
5. View in Results Directory
# Goal: Find all emails and subdomains for company.com
# Steps:
1. Menu → 1. Email & Domain Intelligence
2. Select: 1. Email Harvesting (theHarvester)
3. Enter domain: company.com
4. Choose: 1. All sources
5. Wait 2-3 minutes
# Results:
~/osint_results/email_harvest_company.com_*/
├── harvester.html # Full HTML report
├── harvester.xml # XML data
└── all_emails.txt # Unique emails
# Found:
- 47 email addresses
- 23 subdomains
- 12 IP addresses# Goal: Find all social media accounts for username "john_doe"
# Steps:
1. Menu → 2. Username & Social Media
2. Select: 1. Username Search (Sherlock)
3. Enter: john_doe
4. Wait ~30 seconds
# Results:
Found accounts on:
✓ GitHub
✓ Twitter
✓ Instagram
✓ LinkedIn
✓ Reddit
✗ Facebook (not found)
# Full details in:
~/osint_results/sherlock_john_doe_*.txt# Goal: Complete intelligence on target.com
# Steps:
1. Menu → 1. Email & Domain Intelligence
2. Select: 10. Comprehensive Domain Report
3. Enter: target.com
4. Wait 5-10 minutes
# Report includes:
- WHOIS information
- DNS records (A, MX, NS, TXT, SOA)
- Subdomains (30+ found)
- SSL certificates
- Emails (15+ found)
- Email security (SPF/DKIM/DMARC)
- IP geolocation
- HTML report
# View report:
~/reports/domain_target.com_*/report.html# Goal: Find exposed secrets in organization repos
# Steps:
1. Menu → 5. GitHub & Code Intelligence
2. Select: 9. Comprehensive GitHub OSINT
3. Enter: target-organization
4. Wait ~10 minutes
# Findings:
- 15 public repositories
- 3 API keys found (TruffleHog)
- 2 hardcoded passwords (GitLeaks)
- 47 contributors identified
- Full HTML report generated# Goal: Search Tor network for data leaks
# Steps:
1. Install Tor Browser first
2. Menu → 4. Dark Web & Deep Web
3. Select: 1. Ahmia.fi Search
4. Enter query: "company data breach"
5. Review results
# Also check:
- 4. Paste Site Monitoring (Pastebin leaks)
- 5. Data Leak Monitoring (breach databases)ultimate-osint-toolkit/
├── ultimate_osint_toolkit.sh # Main script
├── README.md # This file
├── QUICKSTART.md # Quick start guide
├── CHANGELOG.md # Version history
├── CONTRIBUTING.md # Contribution guidelines
├── SECURITY.md # Security policy
├── LICENSE # MIT License
├── .gitignore # Git ignore rules
│
├── logs/ # Activity logs
│ └── osint.log # Main log file
│
├── osint_results/ # OSINT scan results
│ ├── email_harvest_*/ # Email harvesting results
│ ├── sherlock_*/ # Username search results
│ ├── comprehensive_*/ # Comprehensive scans
│ └── ...
│
├── reports/ # HTML/JSON reports
│ ├── domain_*/ # Domain intelligence reports
│ ├── social_*/ # Social media reports
│ ├── github_*/ # GitHub intelligence reports
│ └── ...
│
├── tools/ # Installed OSINT tools
│ ├── theHarvester/ # Email harvesting
│ ├── sherlock/ # Username OSINT
│ ├── Sublist3r/ # Subdomain enumeration
│ ├── Photon/ # Web crawler
│ ├── social-analyzer/ # Social media
│ ├── spiderfoot/ # Automation
│ ├── recon-ng/ # Framework
│ └── ...
│
├── wordlists/ # Wordlists & dictionaries
│ └── SecLists/ # Common wordlists
│
└── cache/ # Temporary data
████████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████████
================================================================
ULTIMATE OSINT TOOLKIT v2.0
Professional Intelligence Gathering Suite
================================================================
Created by:
Putu Wind Antara
Certified Security Researcher (CEH) | Bali 🇮🇩
================================================================
╔════════════════════════════════════════════════════════════╗
║ MAIN MENU ║
╚════════════════════════════════════════════════════════════╝
1. Email & Domain Intelligence
2. Username & Social Media
3. Leaked Data & Credentials (Coming Soon)
4. Dark Web & Deep Web
5. GitHub & Code Intelligence
6. Image Intelligence (Coming Soon)
7. Geolocation Tracking (Coming Soon)
8. Google Dorking (Coming Soon)
9. Phone Intelligence (Coming Soon)
10. Install OSINT Tools
11. API Configuration
12. Utilities
13. About & Credits
0. Exit
Working Dir: ~/ultimate-osint-toolkit
- Email & Domain Intelligence (10 features)
- Username & Social Media (10 features)
- Dark Web Intelligence (7 features)
- GitHub & Code Intelligence (9 features)
- Tool Management (14 categories)
- API Configuration (11 services)
- Leaked Data Module - Enhanced breach database tools
- Image Intelligence - Reverse search, face recognition (PimEyes)
- Geolocation Module - GPS tracking, Creepy, Wigle
- Google Dorking - Pagodo automation
- Phone Intelligence - PhoneInfoga integration
- PDF Reports - Automated PDF generation
- Advanced Filters - Search result filtering
- Blockchain Intelligence - Cryptocurrency tracking
- Threat Intelligence Feeds - AlienVault OTX, AbuseIPDB
- Company Intelligence - Corporate OSINT automation
- Maltego Integration - Graph visualization
- Enhanced SpiderFoot - Full automation support
- Machine Learning - Pattern recognition
- Web Dashboard - Browser-based UI
- API Endpoints - RESTful API
- Database Integration - PostgreSQL storage
- Team Features - Multi-user support
- Notifications - Slack/Discord/Email alerts
- Scheduled OSINT - Cron integration
- Plugin System - Custom modules
- README.md - This file (main documentation)
- QUICKSTART.md - 5-minute quick start guide
- CHANGELOG.md - Complete version history
- CONTRIBUTING.md - How to contribute
- SECURITY.md - Security policy & best practices
- OSINT Framework - https://osintframework.com
- Bellingcat - https://bellingcat.com
- OSINT Combine - https://www.osintcombine.com
- Intelligence X - https://intelx.io
Contributions are greatly appreciated!
- Fork the Project
- Create Feature Branch (
git checkout -b feature/AmazingFeature) - Commit Changes (
git commit -m 'Add: AmazingFeature') - Push to Branch (
git push origin feature/AmazingFeature) - Open Pull Request
See CONTRIBUTING.md for detailed guidelines.
This project exists thanks to all the people who contribute:
Found a bug? Want a feature?
- Bug Report: Open Issue
- Feature Request: Open Issue
- Discussions: Join Discussion
See CHANGELOG.md for complete version history.
Added:
- Complete Email & Domain Intelligence module (10 features)
- Complete Username & Social Media module (10 features)
- Complete Dark Web Intelligence module (7 features)
- Complete GitHub Intelligence module (9 features)
- Enhanced tool management (14 categories)
- API configuration system (11 services)
- HTML report generation
- Comprehensive logging
Distributed under the MIT License. See LICENSE for more information.
MIT License
Copyright (c) 2025 Putu Wind Antara
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Putu Wind Antara
Security Researcher & Developer | Bali, Indonesia 🇮🇩
🌐 windantara.dev • 📧 putu@windantara.dev
"Intelligence is knowing where to look. OSINT is knowing how to look."
- Christian Martorella - theHarvester
- Sherlock Project - Sherlock
- Ahmed Aboul-Ela - Sublist3r
- S0md3v - Photon
- ProjectDiscovery - Subfinder, Nuclei
- OWASP - Amass
- TruffleSecurity - TruffleHog
- Zach Hanley - GitLeaks
- And many more amazing developers!
- EC-Council - CEH Certification & Training
- OSINT Community - Knowledge sharing & support
- Open Source Community - Amazing tools & frameworks
- Bellingcat - OSINT techniques & methodologies
- Security Researchers - Best practices & guidance
- Beta Testers - Feedback & bug reports
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Email: putu@windantara.dev
- Website: windantara.dev
- LinkedIn: Putu Wind Antara
If you find this toolkit useful, please give it a star! ⭐
- Awesome OSINT - List of OSINT resources
- Security Tools Collection - Comprehensive security toolkit list
- CEH Study Materials - Recommended for OSINT learning
Made with ❤️ in Bali, Indonesia 🇮🇩
© 2025 Putu Wind Antara - Certified Security Researcher (CEH)
Stay curious, stay ethical, stay intelligent.