Modern OSINT, HUMINT, SOCMINT, GEOINT, OPSEC and Digital Investigation Resources
OSINT Toolkit is a curated documentation project for responsible open-source research. It combines verified tools, repeatable investigation workflows, evidence-handling guidance, and maintenance controls in one navigable repository.
Important
Use these resources only for lawful, authorized purposes. Publicly accessible information can still be sensitive. Minimize collection, respect platform rules, protect sources, and document uncertainty.
- Why this repository exists
- Features
- Quick navigation
- Repository architecture
- Categories
- Workflows
- Tool-card standard
- Repository philosophy
- Statistics
- Contributing
- Security
- License
Most resource collections optimize for volume. This project optimizes for investigative usefulness: what a tool does, where it fits, how to start, what it can observe, where it fails, and how to preserve results. Every listed project is real; unknown facts are marked TODO instead of being inferred.
- Consistent, reviewable tool cards with operational limits.
- Investigation workflows that begin with authority and end with preservation.
- Category guides organized by the analyst's starting artifact.
- Explicit status and verification dates for maintenance triage.
- A curation policy that rejects abandoned, unverifiable, duplicated, or popularity-only entries.
- Automated Markdown linting, link checking, and table-of-contents validation.
- Structured issue forms for bugs, features, and tool submissions.
- Minimal dependencies and fast, plain-Markdown navigation.
| Start with | Go to | Use when |
|---|---|---|
| A known identifier | Categories | You have a username, email, number, image, document, domain, or address. |
| A research objective | Workflows | You need a safe, repeatable investigation sequence. |
| A new tool | Tool submission | You want to propose a real, verifiable project. |
| A curation decision | Curation policy | You need to understand why a tool is accepted, rejected, removed, or downgraded. |
| A documentation change | Contribution guide | You are preparing a focused pull request. |
| A sensitive defect | Security policy | Reporting publicly could put users or sources at risk. |
OSINT-Toolkit/
├── assets/ # Repository-owned visual assets
├── categories/ # Artifact- and discipline-oriented guides
├── workflows/ # End-to-end investigation procedures
├── docs/ # Architecture, curation, style, and review standards
├── scripts/ # Deterministic documentation maintenance
└── .github/
├── ISSUE_TEMPLATE/ # Structured reports and submissions
├── workflows/ # Lint, link, and TOC automation
└── PULL_REQUEST_TEMPLATE.md
Category and workflow pages are generated from reviewed data in scripts/build_docs.py. This keeps cards, safety language, and navigation consistent. See the architecture guide for ownership and update boundaries, and the curation policy for selection rules.
| Identity | Platforms | Media and files | Network and analysis |
|---|---|---|---|
| Username | Telegram | Images | Domains |
| Discord | Documents | IP | |
| Phone | Steam | GEOINT | Infrastructure |
| HUMINT | Gaming | SOCMINT | AI |
| OPSEC | Social Media | Misc |
| Identity and person | Media and platform | Organization and infrastructure |
|---|---|---|
| Username Investigation | Telegram Investigation | Domain Investigation |
| Email Investigation | Image Investigation | Infrastructure Investigation |
| Phone Investigation | Company Investigation | |
| Person Investigation |
Every tool uses the same fields: name, description, category, platform, repository, official website, license, status, installation, quick example, supported sources, pros, limitations, and last verified date. Copy the tool-card template; do not improvise a new layout.
Status model
| Status | Meaning |
|---|---|
| Active | Operational service or project with current availability. |
| Maintained | Upstream shows ongoing maintenance and supported installation paths. |
| Experimental | Useful but unstable, narrow, or explicitly experimental upstream. |
| Archived | Upstream is read-only or explicitly discontinued. |
| Deprecated | Upstream advises users to migrate or stop using it. |
| Community | Useful community project with variable or limited maintenance guarantees. |
- Method before tool. A tool result is a lead, not a conclusion.
- Primary sources first. Prefer official repositories, documentation, registries, and original publications.
- Evidence over volume. A smaller verified catalog is better than a large unreliable catalog.
- Safety by design. Use the least invasive source that can answer the question.
- Honest maintenance. Remove or reclassify stale entries; do not keep abandoned projects for count.
- Reproducibility. Another qualified analyst should be able to understand and repeat the work.
| Metric | Current value |
|---|---|
| Category guides | 19 |
| Investigation workflows | 9 |
| Curated tool cards | 38 |
| Tool-card fields | 14 |
| Last catalog verification | 2026-07-07 |
Statistics describe this release and are updated with catalog changes. They are not a quality target; a smaller verified catalog is preferable to a larger unreliable one.
Read CONTRIBUTING.md and the curation policy before opening an issue or pull request. New tools require an official source, license review, maintenance evidence, a safe example, concrete limitations, and manual link verification. The review process prioritizes accuracy, legality, maintenance, and category fit.
Do not disclose credentials, private datasets, live targets, bypass instructions, or personal data in issues. Follow SECURITY.md for private reporting and the repository's supported-version policy.
Repository content and maintenance scripts are available under the MIT License. Listed tools and services retain their own licenses and terms.