sn0int

Semi-automatic OSINT framework written in Rust. Uses a module registry (similar to npm) where community-written modules query APIs, scrape data, and correlate information about a target.

Install

# Arch
pacman -S sn0int
 
# Kali
apt install sn0int
 
# Cargo
cargo install sn0int

Concepts

  • Workspace: Isolated database per investigation
  • Entities: Domains, IPs, emails, URLs, persons, etc.
  • Modules: Scripts (Lua) that add entities and relationships
  • Registry: Community module repository at sn0int.com

Basic workflow

# Start interactive shell
sn0int
 
# Inside sn0int:
workspace myinvestigation
add domain example.com
 
# Install a module
pkg install kpcyrd/dns-resolve
 
# Run it against all domains in workspace
use kpcyrd/dns-resolve
run
 
# View results
select domains

Common modules

kpcyrd/dns-resolve       # DNS resolution for all domain entities
kpcyrd/cert-transparency # Find subdomains via CT logs
kpcyrd/url-scan          # HTTP probing
kpcyrd/pgp-keyserver     # Find emails via PGP key servers
kpcyrd/whois-domain      # WHOIS lookups

Scripting

Modules are written in Lua with a sandboxed API:

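-- example module: resolve a domain entity and store each address
function run(arg)
    -- arg is the entity the module is run against; "value" holds the domain name
    local domain = arg["value"]
    -- look up the A records for that domain
    local records = dns(domain, "A")
    for _, ip in ipairs(records) do
        -- add every returned address to the workspace as an ipaddr entity
        db_add("ipaddr", {value=ip})
    end
end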