OSINT framework in Go
Take a look at the develop branch for more updates.
gOSINT is a small OSINT framework in Golang. If you want, feel free to contribute and/or leave a feedback!
- Find mails from git repository
- Find Dumps for mail address
- Search for mail address linked to domain/mail address in PGP keyring
- Retrieve Info from domain whois (waiting to be implemented)
- Search for mail address in source code
- Retrieve Telegram Public Groups History
You can use the building script, just clone the directory and execute it
git clone https://github.com/Nhoya/gOSINT
./build.sh
The package will be installed in /usr/local/bin
You can then call gOSINT from command line
$ gOSINT --help
Before building gOSINT manually you need to solve the dependencies:
go get "github.com/deckarep/golang-set"
go get "github.com/nhoya/goPwned"
go get "github.com/jessevdk/go-flags"
go get "gopkg.in/src-d/go-git.v4"
go get "github.com/jaytaylor/html2text"
git clone https://github.com/Nhoya/gOSINT && cd gOSINT && go build
Currently gOSINT is still an early version and few modules are supported
- git support for mail retriving (using github API, bitbucket API or RAW clone and search)
- Search for mails in PGP Server
- https://haveibeenpwned.com/ search for mail in databreach
- Retrive Telegram Public Group Messages
- WHOIS support (the module is ready but has to be integrated)
- Search for mail address in source
- https://shodan.io search
- Social Media search
- Search Engine search
Usage:
gOSINT [OPTIONS]
Application Options:
-m, --module=[pgp|pwnd|git|plainSearch|telegram] Specify module
-v, --version Print version
--url= Specify target URL
--gitAPI=[github|bitbucket] Specify git website API to use (for git module,optional)
-c, --clone Enable clone function for plainSearch module (need to specify repo URL)
--mail= Specify mail target (for pgp and pwnd module)
--grace= Specify telegram messages grace period (default: 15)
-g, --tgroup= Specify Telegram group/channel name
-s, --tgstart= Specify first message to scrape
-e, --tgend= Specify last message to scrape
--dumpfile Create and resume messages from dumpfile
--ask-confirmation Ask confirmation before adding mail to set (for plainSearch module)
-p, --path= Specify target path (for plainSearch module)
-f, --full Make deep search using linked modules
Help Options:
-h, --help Show this help message
Currently gOSINT supports the following actions
gOSINT -m git --url=[RepoURL] --gitAPI [github|bitbucket] (optional)
retrieve mail from git commits
gOSINT -m git --url [RepoURL] --gitAPI [github|bitbucket] (optional) -f
pass the result to pgp search and pwnd module
gOSINT -m pwnd --mail [targetMail]
search for breaches where targetMail is preset
gOSINT -m pgp --mail [targetMail]
search for others mail in PGP Server
gOSINT -m pgp --mail [targetMail] -f
pass the result to haveibeenpwn module
gOSINT -m sourceSerch --path [targetDirectory]
search for mails in source code (recursively)
gOSINT -m sourceSearh --path [targetDirectory] --ask-confirmation
ask confirmation before adding mail to search results
gOSINT -m sourceSearch --path [targetDirectory] -f
pass the result to pgp search and haveibeenpwnd modules
gOSINT -m sourceSearch --clone --url [targetRepository]
clone and search mail in repository source
gOSINT -m sourceSearch --clone --url [targetRepository] -f
pass the resoult to pgp search and haveibeenpwnd modules
gOSINT -m sourceSearch --clone --url [targetRepository] --ask-confirmation
ask confirmation before adding mail to search results
gOSINT -m telegram --tgroup | -g [PublicGroupName]
retrieve message history for telegram public group
gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile
the output will be stored in a file, if the file is already populated it will resume from the last ID
gOSINT -m telegram --tgroup | -g [PublicGroupName] --dumpfile -s [masageID] -e [messageID]
Set start and end messages for scraping
