A comprehensive, overpowered Open Source Intelligence (OSINT) gathering
tool with a modern GUI. Perform deep reconnaissance on domains, emails,
usernames, IP addresses, phone numbers, cryptocurrency wallets, and more -
all without requiring API keys.
sinX
bca3ad86e1
A comprehensive, overpowered Open Source Intelligence (OSINT) gathering tool with a modern GUI. Perform deep reconnaissance on domains, emails, usernames, IP addresses, phone numbers, cryptocurrency wallets, and more - all without requiring API keys.     ## 🔥 Features ### 🌐 Domain Intelligence - **WHOIS Deep Lookup** - Complete domain registration information with age calculation - **DNS Deep Scan** - 14 different DNS record types (A, AAAA, MX, NS, TXT, SOA, CNAME, PTR, SRV, CAA, DNSKEY, DS, NAPTR, TLSA) - **Subdomain Mega Scan** - Aggressive enumeration of 300+ common subdomains with multi-threading - **SSL/TLS Analysis** - Certificate inspection, cipher analysis, and security assessment - **Tech Stack Detection** - Fingerprint 20+ web technologies and frameworks - **Certificate Transparency** - Discover subdomains via CT logs (crt.sh) - **Zone Transfer Attempts** - Automated AXFR testing ### 📧 Email Intelligence - **Deep Validation** - Format checking, MX record verification, domain validation - **Breach Mega Search** - Check against Have I Been Pwned and 4 other breach databases - **Email Permutations** - Generate 26+ common email pattern variations - **Domain Email Harvesting** - Extract emails from websites - **Disposable Email Detection** - Identify temporary/throwaway email services ### 👤 Username Intelligence - **Mega Hunt** - Search across 66+ social media and professional platforms - **GitHub Deep Dive** - Profile analysis, repository enumeration, activity tracking, organization membership - **Gaming Profiles** - Search 11 gaming platforms (Steam, Xbox, PlayStation, etc.) - **Developer Platforms** - Check 13 development sites (GitHub, GitLab, Stack Overflow, etc.) - **Multi-threaded Checking** - Concurrent platform verification for speed ### 🔍 IP/Network Intelligence - **Multi-Source Geolocation** - Location data with Google Maps integration - **Reverse DNS Lookup** - PTR record resolution - **Aggressive Port Scanning** - Top 1000 ports with service/version detection - **Reputation & Threat Intel** - 9 different threat intelligence sources - **ASN Lookup** - Autonomous System information with network classification - **Device Search Engines** - Direct links to Shodan, Censys, FOFA, ZoomEye, etc. ### 📱 Phone Intelligence - **Deep Analysis** - Number breakdown, formatting, location intelligence - **Carrier Intelligence** - Free carrier lookup resources - **Social Media Links** - Facebook, WhatsApp, Telegram search methods - **Area Code Database** - Geographic location and timezone information ### ₿ Cryptocurrency Intelligence - **Bitcoin Lookup** - 4 blockchain explorer integrations - **Ethereum Lookup** - 3 Ethereum-specific explorers - **Multi-Chain Search** - Support for 11 different blockchains - **Wallet Analysis** - Transaction history and balance checking ### 🔓 Data Leaks & Breaches - **Pastebin Search** - Search across 8+ paste sites - **GitHub Dork Generator** - 16 sensitive data search patterns - **Code Leak Search** - 6 code repository platforms - **Paste Site Monitoring** - Access to paste monitoring tools ### ⚡ Advanced Tools - **Google Dork Mega Generator** - 60+ dorks across 7 categories - **Wayback Deep Scan** - 1000+ historical snapshots via Archive.org CDX API - **Web Archive Hunt** - 5 different web archive sources - **Company Intelligence** - Business, financial, employee, and tech stack data ### 📊 Export Capabilities - **JSON Export** - Machine-readable structured data - **TXT Export** - Human-readable text reports - **HTML Reports** - Beautiful styled HTML reports with hacker theme ## 🚀 Installation ### Prerequisites ```bash # Debian/Ubuntu sudo apt update sudo apt install -y python3 python3-pip nmap git # Arch Linux sudo pacman -S python python-pip nmap git # Fedora/RHEL sudo dnf install -y python3 python3-pip nmap git ``` ### Clone Repository ```bash git clone https://github.com/yourusername/darksint.git cd darksint ``` ### Install Python Dependencies ```bash pip3 install -r darksint_requirements.txt ``` ### Make Executable ```bash chmod +x darksint ``` ## 💻 Usage ### Launch DARKSINT ```bash ./darksint ``` ### Quick Examples **Domain Reconnaissance:** 1. Navigate to the "🌐 DOMAIN" tab 2. Enter target domain (e.g., `example.com`) 3. Click "FULL RECON" for comprehensive analysis **Email Investigation:** 1. Go to "📧 EMAIL" tab 2. Enter email address 3. Click "Breach Mega Search" to check for data breaches **Username Hunt:** 1. Select "👤 USERNAME" tab 2. Enter username 3. Click "Social Media Hunt (50+)" to search 66+ platforms **IP Analysis:** 1. Open "🔍 IP/NETWORK" tab 2. Enter IP address 3. Click "Reputation+Threat Intel" for complete analysis **Export Results:** 1. Complete any scan 2. Navigate to "⚡ ADVANCED" tab 3. Choose export format (JSON, TXT, or HTML) ## 📋 Requirements ### System Requirements - **OS:** Linux (Debian, Ubuntu, Arch, Fedora, Kali, etc.) - **Python:** 3.8 or higher - **RAM:** 2GB minimum, 4GB recommended - **Disk:** 100MB for installation ### Python Dependencies - `requests` - HTTP library - `python-whois` - WHOIS lookups - `dnspython` - DNS operations - `python-nmap` - Port scanning - `beautifulsoup4` - HTML parsing - `pyOpenSSL` - SSL/TLS operations ## 🎯 Key Advantages ✅ **100% FREE** - No API keys, no subscriptions, no hidden costs ✅ **No Rate Limits** - Most features work without external APIs ✅ **Comprehensive** - 8 major intelligence categories in one tool ✅ **Fast** - Multi-threaded operations for maximum speed ✅ **Modern GUI** - Beautiful hacker-themed interface ✅ **Privacy-Focused** - All processing happens locally ✅ **Export Options** - JSON, TXT, and HTML report formats ✅ **Actively Maintained** - Regular updates and improvements ## 🔧 Technical Details ### Architecture - **Language:** Python 3 - **GUI Framework:** Tkinter (built-in) - **Threading:** Concurrent execution with ThreadPoolExecutor - **Network:** Socket programming, DNS resolution, HTTP requests - **Scanning:** Nmap integration for port scanning ### Performance - **Subdomain Scanning:** 50 concurrent threads, ~300 subdomains in 2-3 minutes - **Username Hunt:** 20 concurrent threads, 66+ platforms in 1-2 minutes - **Port Scanning:** Top 1000 ports with service detection in 3-5 minutes - **DNS Enumeration:** 14 record types checked simultaneously ### Wordlists - **Subdomains:** 300+ common entries including cloud, admin, dev, staging, production - **Email Patterns:** 26 common variations - **Google Dorks:** 60+ across file types, admin panels, config files, databases ## 🛡️ Legal & Ethical Use **IMPORTANT:** This tool is designed for authorized security testing, defensive security, penetration testing, CTF challenges, and educational purposes only. ### Acceptable Use ✅ Penetration testing with written authorization ✅ Bug bounty programs ✅ Personal infrastructure assessment ✅ Educational research ✅ CTF competitions ✅ Defensive security operations ### Prohibited Use ❌ Unauthorized network scanning ❌ Data theft or exfiltration ❌ Harassment or stalking ❌ Violation of privacy laws ❌ Any illegal activities **By using this tool, you agree to comply with all applicable laws and regulations. The developers assume no liability for misuse.** ## 🤝 Contributing Contributions are welcome! Here's how you can help: 1. **Fork the repository** 2. **Create a feature branch** (`git checkout -b feature/AmazingFeature`) 3. **Commit your changes** (`git commit -m 'Add AmazingFeature'`) 4. **Push to the branch** (`git push origin feature/AmazingFeature`) 5. **Open a Pull Request** ### Areas for Contribution - Additional subdomain wordlists - New platform integrations - Performance optimizations - Bug fixes - Documentation improvements - Translation to other languages ## 🐛 Bug Reports Found a bug? Please open an issue with: - Detailed description - Steps to reproduce - Expected vs actual behavior - Screenshots (if applicable) - System information (OS, Python version) ## 📜 License This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. ## 🙏 Acknowledgments - **Have I Been Pwned** - Breach data API - **crt.sh** - Certificate Transparency logs - **ip-api.com** - IP geolocation service - **GitHub API** - Profile and repository data - **Archive.org** - Wayback Machine CDX API - **Nmap** - Network scanning capabilities ## 📧 Contact - **Issues:** [GitHub Issues](https://github.com/yourusername/darksint/issues) - **Discussions:** [GitHub Discussions](https://github.com/yourusername/darksint/discussions) ## ⭐ Star History If you find DARKSINT useful, please consider giving it a star! ⭐ ## 🔗 Related Projects - [theHarvester](https://github.com/laramies/theHarvester) - Email, subdomain and people discovery - [Sherlock](https://github.com/sherlock-project/sherlock) - Hunt social media accounts - [Recon-ng](https://github.com/lanmaster53/recon-ng) - Full-featured reconnaissance framework - [SpiderFoot](https://github.com/smicallef/spiderfoot) - OSINT automation --- **Made with 💚 by security researchers, for security researchers** **⚡ DARKSINT - OVERPOWERED OSINT PLATFORM ⚡** |
||
|---|---|---|
| README.md | ||
| darksint | ||
README.md
⚡ DARKSINT ⚡
Advanced OSINT Reconnaissance Platform
A comprehensive, overpowered Open Source Intelligence (OSINT) gathering tool with a modern GUI. Perform deep reconnaissance on domains, emails, usernames, IP addresses, phone numbers, cryptocurrency wallets, and more - all without requiring API keys.
🔥 Features
🌐 Domain Intelligence
- WHOIS Deep Lookup - Complete domain registration information with age calculation
- DNS Deep Scan - 14 different DNS record types (A, AAAA, MX, NS, TXT, SOA, CNAME, PTR, SRV, CAA, DNSKEY, DS, NAPTR, TLSA)
- Subdomain Mega Scan - Aggressive enumeration of 300+ common subdomains with multi-threading
- SSL/TLS Analysis - Certificate inspection, cipher analysis, and security assessment
- Tech Stack Detection - Fingerprint 20+ web technologies and frameworks
- Certificate Transparency - Discover subdomains via CT logs (crt.sh)
- Zone Transfer Attempts - Automated AXFR testing
📧 Email Intelligence
- Deep Validation - Format checking, MX record verification, domain validation
- Breach Mega Search - Check against Have I Been Pwned and 4 other breach databases
- Email Permutations - Generate 26+ common email pattern variations
- Domain Email Harvesting - Extract emails from websites
- Disposable Email Detection - Identify temporary/throwaway email services
👤 Username Intelligence
- Mega Hunt - Search across 66+ social media and professional platforms
- GitHub Deep Dive - Profile analysis, repository enumeration, activity tracking, organization membership
- Gaming Profiles - Search 11 gaming platforms (Steam, Xbox, PlayStation, etc.)
- Developer Platforms - Check 13 development sites (GitHub, GitLab, Stack Overflow, etc.)
- Multi-threaded Checking - Concurrent platform verification for speed
🔍 IP/Network Intelligence
- Multi-Source Geolocation - Location data with Google Maps integration
- Reverse DNS Lookup - PTR record resolution
- Aggressive Port Scanning - Top 1000 ports with service/version detection
- Reputation & Threat Intel - 9 different threat intelligence sources
- ASN Lookup - Autonomous System information with network classification
- Device Search Engines - Direct links to Shodan, Censys, FOFA, ZoomEye, etc.
📱 Phone Intelligence
- Deep Analysis - Number breakdown, formatting, location intelligence
- Carrier Intelligence - Free carrier lookup resources
- Social Media Links - Facebook, WhatsApp, Telegram search methods
- Area Code Database - Geographic location and timezone information
₿ Cryptocurrency Intelligence
- Bitcoin Lookup - 4 blockchain explorer integrations
- Ethereum Lookup - 3 Ethereum-specific explorers
- Multi-Chain Search - Support for 11 different blockchains
- Wallet Analysis - Transaction history and balance checking
🔓 Data Leaks & Breaches
- Pastebin Search - Search across 8+ paste sites
- GitHub Dork Generator - 16 sensitive data search patterns
- Code Leak Search - 6 code repository platforms
- Paste Site Monitoring - Access to paste monitoring tools
⚡ Advanced Tools
- Google Dork Mega Generator - 60+ dorks across 7 categories
- Wayback Deep Scan - 1000+ historical snapshots via Archive.org CDX API
- Web Archive Hunt - 5 different web archive sources
- Company Intelligence - Business, financial, employee, and tech stack data
📊 Export Capabilities
- JSON Export - Machine-readable structured data
- TXT Export - Human-readable text reports
- HTML Reports - Beautiful styled HTML reports with hacker theme
🚀 Installation
Prerequisites
# Debian/Ubuntu
sudo apt update
sudo apt install -y python3 python3-pip nmap git
# Arch Linux
sudo pacman -S python python-pip nmap git
# Fedora/RHEL
sudo dnf install -y python3 python3-pip nmap git
Clone Repository
git clone https://github.com/yourusername/darksint.git
cd darksint
Install Python Dependencies
pip3 install -r darksint_requirements.txt
Make Executable
chmod +x darksint
💻 Usage
Launch DARKSINT
./darksint
Quick Examples
Domain Reconnaissance:
- Navigate to the "🌐 DOMAIN" tab
- Enter target domain (e.g.,
example.com) - Click "FULL RECON" for comprehensive analysis
Email Investigation:
- Go to "📧 EMAIL" tab
- Enter email address
- Click "Breach Mega Search" to check for data breaches
Username Hunt:
- Select "👤 USERNAME" tab
- Enter username
- Click "Social Media Hunt (50+)" to search 66+ platforms
IP Analysis:
- Open "🔍 IP/NETWORK" tab
- Enter IP address
- Click "Reputation+Threat Intel" for complete analysis
Export Results:
- Complete any scan
- Navigate to "⚡ ADVANCED" tab
- Choose export format (JSON, TXT, or HTML)
📋 Requirements
System Requirements
- OS: Linux (Debian, Ubuntu, Arch, Fedora, Kali, etc.)
- Python: 3.8 or higher
- RAM: 2GB minimum, 4GB recommended
- Disk: 100MB for installation
Python Dependencies
requests- HTTP librarypython-whois- WHOIS lookupsdnspython- DNS operationspython-nmap- Port scanningbeautifulsoup4- HTML parsingpyOpenSSL- SSL/TLS operations
🎯 Key Advantages
✅ 100% FREE - No API keys, no subscriptions, no hidden costs ✅ No Rate Limits - Most features work without external APIs ✅ Comprehensive - 8 major intelligence categories in one tool ✅ Fast - Multi-threaded operations for maximum speed ✅ Modern GUI - Beautiful hacker-themed interface ✅ Privacy-Focused - All processing happens locally ✅ Export Options - JSON, TXT, and HTML report formats ✅ Actively Maintained - Regular updates and improvements
🔧 Technical Details
Architecture
- Language: Python 3
- GUI Framework: Tkinter (built-in)
- Threading: Concurrent execution with ThreadPoolExecutor
- Network: Socket programming, DNS resolution, HTTP requests
- Scanning: Nmap integration for port scanning
Performance
- Subdomain Scanning: 50 concurrent threads, ~300 subdomains in 2-3 minutes
- Username Hunt: 20 concurrent threads, 66+ platforms in 1-2 minutes
- Port Scanning: Top 1000 ports with service detection in 3-5 minutes
- DNS Enumeration: 14 record types checked simultaneously
Wordlists
- Subdomains: 300+ common entries including cloud, admin, dev, staging, production
- Email Patterns: 26 common variations
- Google Dorks: 60+ across file types, admin panels, config files, databases
🛡️ Legal & Ethical Use
IMPORTANT: This tool is designed for authorized security testing, defensive security, penetration testing, CTF challenges, and educational purposes only.
Acceptable Use
✅ Penetration testing with written authorization ✅ Bug bounty programs ✅ Personal infrastructure assessment ✅ Educational research ✅ CTF competitions ✅ Defensive security operations
Prohibited Use
❌ Unauthorized network scanning ❌ Data theft or exfiltration ❌ Harassment or stalking ❌ Violation of privacy laws ❌ Any illegal activities
By using this tool, you agree to comply with all applicable laws and regulations. The developers assume no liability for misuse.
🤝 Contributing
Contributions are welcome! Here's how you can help:
- Fork the repository
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Areas for Contribution
- Additional subdomain wordlists
- New platform integrations
- Performance optimizations
- Bug fixes
- Documentation improvements
- Translation to other languages
🐛 Bug Reports
Found a bug? Please open an issue with:
- Detailed description
- Steps to reproduce
- Expected vs actual behavior
- Screenshots (if applicable)
- System information (OS, Python version)
📜 License
This project is licensed under the MIT License - see the LICENSE file for details.
🙏 Acknowledgments
- Have I Been Pwned - Breach data API
- crt.sh - Certificate Transparency logs
- ip-api.com - IP geolocation service
- GitHub API - Profile and repository data
- Archive.org - Wayback Machine CDX API
- Nmap - Network scanning capabilities
📧 Contact
- Issues: GitHub Issues
- Discussions: GitHub Discussions
⭐ Star History
If you find DARKSINT useful, please consider giving it a star! ⭐
🔗 Related Projects
- theHarvester - Email, subdomain and people discovery
- Sherlock - Hunt social media accounts
- Recon-ng - Full-featured reconnaissance framework
- SpiderFoot - OSINT automation
Made with 💚 by security researchers, for security researchers
⚡ DARKSINT - OVERPOWERED OSINT PLATFORM ⚡