Semi-automatic OSINT framework and package manager
Among other things, sn0int is currently able to:
sn0int is heavily inspired by recon-ng and maltego, but remains more flexible and is fully opensource. None of the investigations listed above are hardcoded in the source, instead those are provided by modules that are executed in a sandbox. You can easily extend sn0int by writing your own modules and share them with other users by publishing them to the sn0int registry. This allows you to ship updates for your modules on your own since you don't need to send a pull request.
For questions and support join us on IRC: irc.hackint.org:6697/#sn0int
pacman -S sn0int
brew install sn0int
There are prebuilt packages signed by a debian maintainer. We can import the key for this repository out of the debian keyring.
apt install debian-keyring gpg -a --export --keyring /usr/share/keyrings/debian-maintainers.gpg [email protected] | apt-key add - apt-key adv --keyserver keyserver.ubuntu.com --refresh-keys [email protected] echo deb http://apt.vulns.sexy stable main > /etc/apt/sources.list.d/apt-vulns-sexy.list apt update apt install sn0int
docker run --rm --init -it -v "$PWD/.cache:/cache" -v "$PWD/.data:/data" kpcyrd/sn0int
apk add sn0int
layman -a pentoo emerge --ask net-analyzer/sn0int
nix-env -i sn0int
For everything else please have a look at the detailed list.
This tool was written for companies to help them understand their attack surface from a blackbox point of view. It's often difficult to understand that something is easier to discover than some people assume, putting them at risk of false security.
It's also designed to be useful for red team assessments and bug bounties, which also help companies to identify weaknesses that could result in a compromise.
Some functionality was written to do the same thing for individuals to raise awareness about personal attack surface, privacy and how much data is publicly available. These issues are often out of scope in bug bounties and sometimes by design. We believe that blaming the user is the wrong approach and these issues should be addressed at the root cause by the people designing those systems.