sinX
/
DarkSint
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
DarkSint/README.md

268 lines
9.3 KiB
Markdown
Raw Permalink Blame History

# ⚡ DARKSINT ⚡
**Advanced OSINT Reconnaissance Platform**
A comprehensive, overpowered Open Source Intelligence (OSINT) gathering tool with a modern GUI. Perform deep reconnaissance on domains, emails, usernames, IP addresses, phone numbers, cryptocurrency wallets, and more - all without requiring API keys.
![License](https://img.shields.io/badge/license-MIT-green)
![Python](https://img.shields.io/badge/python-3.8%2B-blue)
![Platform](https://img.shields.io/badge/platform-linux-lightgrey)
![Status](https://img.shields.io/badge/status-active-success)
## 🔥 Features
### 🌐 Domain Intelligence
- **WHOIS Deep Lookup** - Complete domain registration information with age calculation
- **DNS Deep Scan** - 14 different DNS record types (A, AAAA, MX, NS, TXT, SOA, CNAME, PTR, SRV, CAA, DNSKEY, DS, NAPTR, TLSA)
- **Subdomain Mega Scan** - Aggressive enumeration of 300+ common subdomains with multi-threading
- **SSL/TLS Analysis** - Certificate inspection, cipher analysis, and security assessment
- **Tech Stack Detection** - Fingerprint 20+ web technologies and frameworks
- **Certificate Transparency** - Discover subdomains via CT logs (crt.sh)
- **Zone Transfer Attempts** - Automated AXFR testing
### 📧 Email Intelligence
- **Deep Validation** - Format checking, MX record verification, domain validation
- **Breach Mega Search** - Check against Have I Been Pwned and 4 other breach databases
- **Email Permutations** - Generate 26+ common email pattern variations
- **Domain Email Harvesting** - Extract emails from websites
- **Disposable Email Detection** - Identify temporary/throwaway email services
### 👤 Username Intelligence
- **Mega Hunt** - Search across 66+ social media and professional platforms
- **GitHub Deep Dive** - Profile analysis, repository enumeration, activity tracking, organization membership
- **Gaming Profiles** - Search 11 gaming platforms (Steam, Xbox, PlayStation, etc.)
- **Developer Platforms** - Check 13 development sites (GitHub, GitLab, Stack Overflow, etc.)
- **Multi-threaded Checking** - Concurrent platform verification for speed
### 🔍 IP/Network Intelligence
- **Multi-Source Geolocation** - Location data with Google Maps integration
- **Reverse DNS Lookup** - PTR record resolution
- **Aggressive Port Scanning** - Top 1000 ports with service/version detection
- **Reputation & Threat Intel** - 9 different threat intelligence sources
- **ASN Lookup** - Autonomous System information with network classification
- **Device Search Engines** - Direct links to Shodan, Censys, FOFA, ZoomEye, etc.
### 📱 Phone Intelligence
- **Deep Analysis** - Number breakdown, formatting, location intelligence
- **Carrier Intelligence** - Free carrier lookup resources
- **Social Media Links** - Facebook, WhatsApp, Telegram search methods
- **Area Code Database** - Geographic location and timezone information
### ₿ Cryptocurrency Intelligence
- **Bitcoin Lookup** - 4 blockchain explorer integrations
- **Ethereum Lookup** - 3 Ethereum-specific explorers
- **Multi-Chain Search** - Support for 11 different blockchains
- **Wallet Analysis** - Transaction history and balance checking
### 🔓 Data Leaks & Breaches
- **Pastebin Search** - Search across 8+ paste sites
- **GitHub Dork Generator** - 16 sensitive data search patterns
- **Code Leak Search** - 6 code repository platforms
- **Paste Site Monitoring** - Access to paste monitoring tools
### ⚡ Advanced Tools
- **Google Dork Mega Generator** - 60+ dorks across 7 categories
- **Wayback Deep Scan** - 1000+ historical snapshots via Archive.org CDX API
- **Web Archive Hunt** - 5 different web archive sources
- **Company Intelligence** - Business, financial, employee, and tech stack data
### 📊 Export Capabilities
- **JSON Export** - Machine-readable structured data
- **TXT Export** - Human-readable text reports
- **HTML Reports** - Beautiful styled HTML reports with hacker theme
## 🚀 Installation
### Prerequisites
```bash
# Debian/Ubuntu
sudo apt update
sudo apt install -y python3 python3-pip nmap git
# Arch Linux
sudo pacman -S python python-pip nmap git
# Fedora/RHEL
sudo dnf install -y python3 python3-pip nmap git
```
### Clone Repository
```bash
git clone https://github.com/yourusername/darksint.git
cd darksint
```
### Install Python Dependencies
```bash
pip3 install -r darksint_requirements.txt
```
### Make Executable
```bash
chmod +x darksint
```
## 💻 Usage
### Launch DARKSINT
```bash
./darksint
```
### Quick Examples
**Domain Reconnaissance:**
1. Navigate to the "🌐 DOMAIN" tab
2. Enter target domain (e.g., `example.com`)
3. Click "FULL RECON" for comprehensive analysis
**Email Investigation:**
1. Go to "📧 EMAIL" tab
2. Enter email address
3. Click "Breach Mega Search" to check for data breaches
**Username Hunt:**
1. Select "👤 USERNAME" tab
2. Enter username
3. Click "Social Media Hunt (50+)" to search 66+ platforms
**IP Analysis:**
1. Open "🔍 IP/NETWORK" tab
2. Enter IP address
3. Click "Reputation+Threat Intel" for complete analysis
**Export Results:**
1. Complete any scan
2. Navigate to "⚡ ADVANCED" tab
3. Choose export format (JSON, TXT, or HTML)
## 📋 Requirements
### System Requirements
- **OS:** Linux (Debian, Ubuntu, Arch, Fedora, Kali, etc.)
- **Python:** 3.8 or higher
- **RAM:** 2GB minimum, 4GB recommended
- **Disk:** 100MB for installation
### Python Dependencies
- `requests` - HTTP library
- `python-whois` - WHOIS lookups
- `dnspython` - DNS operations
- `python-nmap` - Port scanning
- `beautifulsoup4` - HTML parsing
- `pyOpenSSL` - SSL/TLS operations
## 🎯 Key Advantages
**100% FREE** - No API keys, no subscriptions, no hidden costs
**No Rate Limits** - Most features work without external APIs
**Comprehensive** - 8 major intelligence categories in one tool
**Fast** - Multi-threaded operations for maximum speed
**Modern GUI** - Beautiful hacker-themed interface
**Privacy-Focused** - All processing happens locally
**Export Options** - JSON, TXT, and HTML report formats
**Actively Maintained** - Regular updates and improvements
## 🔧 Technical Details
### Architecture
- **Language:** Python 3
- **GUI Framework:** Tkinter (built-in)
- **Threading:** Concurrent execution with ThreadPoolExecutor
- **Network:** Socket programming, DNS resolution, HTTP requests
- **Scanning:** Nmap integration for port scanning
### Performance
- **Subdomain Scanning:** 50 concurrent threads, ~300 subdomains in 2-3 minutes
- **Username Hunt:** 20 concurrent threads, 66+ platforms in 1-2 minutes
- **Port Scanning:** Top 1000 ports with service detection in 3-5 minutes
- **DNS Enumeration:** 14 record types checked simultaneously
### Wordlists
- **Subdomains:** 300+ common entries including cloud, admin, dev, staging, production
- **Email Patterns:** 26 common variations
- **Google Dorks:** 60+ across file types, admin panels, config files, databases
## 🛡️ Legal & Ethical Use
**IMPORTANT:** This tool is designed for authorized security testing, defensive security, penetration testing, CTF challenges, and educational purposes only.
### Acceptable Use
✅ Penetration testing with written authorization
✅ Bug bounty programs
✅ Personal infrastructure assessment
✅ Educational research
✅ CTF competitions
✅ Defensive security operations
### Prohibited Use
❌ Unauthorized network scanning
❌ Data theft or exfiltration
❌ Harassment or stalking
❌ Violation of privacy laws
❌ Any illegal activities
**By using this tool, you agree to comply with all applicable laws and regulations. The developers assume no liability for misuse.**
## 🤝 Contributing
Contributions are welcome! Here's how you can help:
1. **Fork the repository**
2. **Create a feature branch** (`git checkout -b feature/AmazingFeature`)
3. **Commit your changes** (`git commit -m 'Add AmazingFeature'`)
4. **Push to the branch** (`git push origin feature/AmazingFeature`)
5. **Open a Pull Request**
### Areas for Contribution
- Additional subdomain wordlists
- New platform integrations
- Performance optimizations
- Bug fixes
- Documentation improvements
- Translation to other languages
## 🐛 Bug Reports
Found a bug? Please open an issue with:
- Detailed description
- Steps to reproduce
- Expected vs actual behavior
- Screenshots (if applicable)
- System information (OS, Python version)
## 📜 License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## 🙏 Acknowledgments
- **Have I Been Pwned** - Breach data API
- **crt.sh** - Certificate Transparency logs
- **ip-api.com** - IP geolocation service
- **GitHub API** - Profile and repository data
- **Archive.org** - Wayback Machine CDX API
- **Nmap** - Network scanning capabilities
## 📧 Contact
- **Issues:** [GitHub Issues](https://github.com/yourusername/darksint/issues)
- **Discussions:** [GitHub Discussions](https://github.com/yourusername/darksint/discussions)
## ⭐ Star History
If you find DARKSINT useful, please consider giving it a star! ⭐
## 🔗 Related Projects
- [theHarvester](https://github.com/laramies/theHarvester) - Email, subdomain and people discovery
- [Sherlock](https://github.com/sherlock-project/sherlock) - Hunt social media accounts
- [Recon-ng](https://github.com/lanmaster53/recon-ng) - Full-featured reconnaissance framework
- [SpiderFoot](https://github.com/smicallef/spiderfoot) - OSINT automation
---
**Made with 💚 by security researchers, for security researchers**
**⚡ DARKSINT - OVERPOWERED OSINT PLATFORM ⚡**
Reference in New Issue View Git Blame Copy Permalink