9.3 KiB

Raw Permalink Blame History

⚡ DARKSINT ⚡

Advanced OSINT Reconnaissance Platform

A comprehensive, overpowered Open Source Intelligence (OSINT) gathering tool with a modern GUI. Perform deep reconnaissance on domains, emails, usernames, IP addresses, phone numbers, cryptocurrency wallets, and more - all without requiring API keys.

🔥 Features

🌐 Domain Intelligence

WHOIS Deep Lookup - Complete domain registration information with age calculation
DNS Deep Scan - 14 different DNS record types (A, AAAA, MX, NS, TXT, SOA, CNAME, PTR, SRV, CAA, DNSKEY, DS, NAPTR, TLSA)
Subdomain Mega Scan - Aggressive enumeration of 300+ common subdomains with multi-threading
SSL/TLS Analysis - Certificate inspection, cipher analysis, and security assessment
Tech Stack Detection - Fingerprint 20+ web technologies and frameworks
Certificate Transparency - Discover subdomains via CT logs (crt.sh)
Zone Transfer Attempts - Automated AXFR testing

📧 Email Intelligence

Deep Validation - Format checking, MX record verification, domain validation
Breach Mega Search - Check against Have I Been Pwned and 4 other breach databases
Email Permutations - Generate 26+ common email pattern variations
Domain Email Harvesting - Extract emails from websites
Disposable Email Detection - Identify temporary/throwaway email services

👤 Username Intelligence

Mega Hunt - Search across 66+ social media and professional platforms
GitHub Deep Dive - Profile analysis, repository enumeration, activity tracking, organization membership
Gaming Profiles - Search 11 gaming platforms (Steam, Xbox, PlayStation, etc.)
Developer Platforms - Check 13 development sites (GitHub, GitLab, Stack Overflow, etc.)
Multi-threaded Checking - Concurrent platform verification for speed

🔍 IP/Network Intelligence

Multi-Source Geolocation - Location data with Google Maps integration
Reverse DNS Lookup - PTR record resolution
Aggressive Port Scanning - Top 1000 ports with service/version detection
Reputation & Threat Intel - 9 different threat intelligence sources
ASN Lookup - Autonomous System information with network classification
Device Search Engines - Direct links to Shodan, Censys, FOFA, ZoomEye, etc.

📱 Phone Intelligence

Deep Analysis - Number breakdown, formatting, location intelligence
Carrier Intelligence - Free carrier lookup resources
Social Media Links - Facebook, WhatsApp, Telegram search methods
Area Code Database - Geographic location and timezone information

₿ Cryptocurrency Intelligence

Bitcoin Lookup - 4 blockchain explorer integrations
Ethereum Lookup - 3 Ethereum-specific explorers
Multi-Chain Search - Support for 11 different blockchains
Wallet Analysis - Transaction history and balance checking

🔓 Data Leaks & Breaches

Pastebin Search - Search across 8+ paste sites
GitHub Dork Generator - 16 sensitive data search patterns
Code Leak Search - 6 code repository platforms
Paste Site Monitoring - Access to paste monitoring tools

⚡ Advanced Tools

Google Dork Mega Generator - 60+ dorks across 7 categories
Wayback Deep Scan - 1000+ historical snapshots via Archive.org CDX API
Web Archive Hunt - 5 different web archive sources
Company Intelligence - Business, financial, employee, and tech stack data

📊 Export Capabilities

JSON Export - Machine-readable structured data
TXT Export - Human-readable text reports
HTML Reports - Beautiful styled HTML reports with hacker theme

🚀 Installation

Prerequisites

# Debian/Ubuntu
sudo apt update
sudo apt install -y python3 python3-pip nmap git

# Arch Linux
sudo pacman -S python python-pip nmap git

# Fedora/RHEL
sudo dnf install -y python3 python3-pip nmap git

Clone Repository

git clone https://github.com/yourusername/darksint.git
cd darksint

Install Python Dependencies

pip3 install -r darksint_requirements.txt

Make Executable

chmod +x darksint

💻 Usage

Launch DARKSINT

./darksint

Quick Examples

Domain Reconnaissance:

Navigate to the "🌐 DOMAIN" tab
Enter target domain (e.g., example.com)
Click "FULL RECON" for comprehensive analysis

Email Investigation:

Go to "📧 EMAIL" tab
Enter email address
Click "Breach Mega Search" to check for data breaches

Username Hunt:

Select "👤 USERNAME" tab
Enter username
Click "Social Media Hunt (50+)" to search 66+ platforms

IP Analysis:

Open "🔍 IP/NETWORK" tab
Enter IP address
Click "Reputation+Threat Intel" for complete analysis

Export Results:

Complete any scan
Navigate to "⚡ ADVANCED" tab
Choose export format (JSON, TXT, or HTML)

📋 Requirements

System Requirements

OS: Linux (Debian, Ubuntu, Arch, Fedora, Kali, etc.)
Python: 3.8 or higher
RAM: 2GB minimum, 4GB recommended
Disk: 100MB for installation

Python Dependencies

requests - HTTP library
python-whois - WHOIS lookups
dnspython - DNS operations
python-nmap - Port scanning
beautifulsoup4 - HTML parsing
pyOpenSSL - SSL/TLS operations

🎯 Key Advantages

✅ 100% FREE - No API keys, no subscriptions, no hidden costs ✅ No Rate Limits - Most features work without external APIs ✅ Comprehensive - 8 major intelligence categories in one tool ✅ Fast - Multi-threaded operations for maximum speed ✅ Modern GUI - Beautiful hacker-themed interface ✅ Privacy-Focused - All processing happens locally ✅ Export Options - JSON, TXT, and HTML report formats ✅ Actively Maintained - Regular updates and improvements

🔧 Technical Details

Architecture

Language: Python 3
GUI Framework: Tkinter (built-in)
Threading: Concurrent execution with ThreadPoolExecutor
Network: Socket programming, DNS resolution, HTTP requests
Scanning: Nmap integration for port scanning

Performance

Subdomain Scanning: 50 concurrent threads, ~300 subdomains in 2-3 minutes
Username Hunt: 20 concurrent threads, 66+ platforms in 1-2 minutes
Port Scanning: Top 1000 ports with service detection in 3-5 minutes
DNS Enumeration: 14 record types checked simultaneously

Wordlists

Subdomains: 300+ common entries including cloud, admin, dev, staging, production
Email Patterns: 26 common variations
Google Dorks: 60+ across file types, admin panels, config files, databases

🛡️ Legal & Ethical Use

IMPORTANT: This tool is designed for authorized security testing, defensive security, penetration testing, CTF challenges, and educational purposes only.

Acceptable Use

✅ Penetration testing with written authorization ✅ Bug bounty programs ✅ Personal infrastructure assessment ✅ Educational research ✅ CTF competitions ✅ Defensive security operations

Prohibited Use

❌ Unauthorized network scanning ❌ Data theft or exfiltration ❌ Harassment or stalking ❌ Violation of privacy laws ❌ Any illegal activities

By using this tool, you agree to comply with all applicable laws and regulations. The developers assume no liability for misuse.

🤝 Contributing

Contributions are welcome! Here's how you can help:

Fork the repository
Create a feature branch (git checkout -b feature/AmazingFeature)
Commit your changes (git commit -m 'Add AmazingFeature')
Push to the branch (git push origin feature/AmazingFeature)
Open a Pull Request

Areas for Contribution

Additional subdomain wordlists
New platform integrations
Performance optimizations
Bug fixes
Documentation improvements
Translation to other languages

🐛 Bug Reports

Found a bug? Please open an issue with:

Detailed description
Steps to reproduce
Expected vs actual behavior
Screenshots (if applicable)
System information (OS, Python version)

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

Have I Been Pwned - Breach data API
crt.sh - Certificate Transparency logs
ip-api.com - IP geolocation service
GitHub API - Profile and repository data
Archive.org - Wayback Machine CDX API
Nmap - Network scanning capabilities

📧 Contact

Issues: GitHub Issues
Discussions: GitHub Discussions

⭐ Star History

If you find DARKSINT useful, please consider giving it a star! ⭐

theHarvester - Email, subdomain and people discovery
Sherlock - Hunt social media accounts
Recon-ng - Full-featured reconnaissance framework
SpiderFoot - OSINT automation

Made with 💚 by security researchers, for security researchers

⚡ DARKSINT - OVERPOWERED OSINT PLATFORM ⚡

9.3 KiB Raw Permalink Blame History