Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

Related tags

Security related resourcesreactpythonflaskosintreactjsosint-tool
Overview

Inspektur

Cari informasi mengenai email dan nomor telepon dengan mudah.

GitHub issues GitHub release (latest by date including pre-releases) GitHub

Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasarkan email dan nomor telepon.

Fitur

  • Mengecek akun yang terdaftar dari banyak situs berdasarkan email
  • Mengecek akun Instagram dan Snapchat berdasarkan nomor telepon
  • Mengecek informasi detail akun Telegram
  • Mengecek data yang bocor berdasarkan data HIBP

Demo

Demo

Daftar Isi

Cara Kerja

Inspektur akan memeriksa email dan nomor telepon yang diberikan dengan menggunakan teknik lupa password. Inspektur juga mengecek informasi mengenai data email yang bocor dan mengambil infromasi akun Telegram dari nomor telepon yang bersangkutan.

Data yang bocor didapatkan dari Periksa Data yang merujuk ke Have I Been Pwned.

Catatan

Karena website Inspektur saat ini tidak menggunakan proxy untuk mengambil data, rate limit mungkin akan terjadi yang menyebabkan kurang maksimalnya data yang dapat diambil, maka dari itu saya menyarankan untuk menjalankan aplikasi Inspektur sendiri jika ingin mendapatkan hasil yang lebih maksimal.

Cara Menjalankan Aplikasi

Inspektur menggunakan Telegram API agar dapat bekerja, sebelum menjalankan aplikasi kalian harus mendapatkan file session Telegram terlebih dahulu.

Cara mendapatkan file session Telegram

  • Clone repository ini
  • Copy .env.example ke .env
  • Ubah TELEGRAM_API_ID, TELEGRAM_API_HASH, dengan token akun Telegram
  • Install modul yang dibutuhkan: 
    $ python -m venv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
  • Jalankan file telegram.py 
    $ python modules/telegram.py
  • Masukan nomor HP dan lakukan autentikasi sesuai instruksi
  • Jika sudah berhasil, maka akan terdapat file login.session, upload file ini object storage (Firebase, S3, dll) agar bisa diakses oleh aplikasi
  • Ubah TELEGRAM_SESSION_URL dengan URL file login.session tadi

Menjalankan aplikasi dengan Docker Compose

  • Pastikan file .env sudah terisi semua
  • Ubah variabel API_URL di client/src/config.js dengan 127.0.0.1:5000
  • Jalakan Docker Compose 
    $ docker-compose up
  • Aplikasi client bisa diakses di localhost:3000 dan API bisa diakses di localhost:5000

Menjakankan aplikasi secara manual

  • Clone repository ini
  • Ubah variabel API_URL di client/src/config.js dengan 127.0.0.1:5000
  • Jalankan server client: 
    $ cd client
$ npm install
$ npm start
  • Jalankan server API: 
    $ cd api
$ python -m venv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python app.py

Kontribusi

Kontribusi sangat dibutuhkan untuk aplikasi ini, pull request terbuka untuk umum, tetapi untuk pengubahan fitur silakan buat issue terlebih dahulu untuk mendiskusikan apa yang ingin diubah.

Lisensi & Atribusi

Gambar dan icon dari aplikasi didapatkan dari Flaticon

You might also like...
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where this function first perform basic google dorking to find the targets public documents. These documents will then be downloaded to the attackers computer and can be used further to identify metadata about the client.

Tobias 5 May 31, 2022
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Mr.Holmes is a information gathering tool (OSINT)
Mr.Holmes is a information gathering tool (OSINT)

🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

null 534 Jan 8, 2023
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022
SSH Tool For OSINT and then Cracking.
SSH Tool For OSINT and then Cracking.

sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho

Miss Bliss 5 Apr 4, 2022
Sentinel-1 SAR time series analysis for OSINT use

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

null 21 Dec 9, 2022
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Simple OSINT script to find Instagram profiles by name and e-mail/phone

null 108 Jan 7, 2023
OSINT Cybersecurity Tools
OSINT Cybersecurity Tools

OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr

Paul Veillard, P. Eng 7 Jul 1, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

null 3 Apr 9, 2022
Releases(v.0.1.0-alpha)
Owner
Bagas Wastu
Bagas Wastu
GitHub Repository https://inspektur.app.wastu.dev
A local Socks5 server written in python, used for integrating Multi-hop

proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro

4 Feb 24, 2022
Hack computer in the form of RAR files from all types of clients, even Linux

Program Features 📌 Hide malware 📌 Vulnerability software vulnerabilities RAR 📌 Creating malware 📌 Access client files 📌 Client Hacking 📌 Link Do

hack4lx 5 Nov 25, 2022
一款Web在线自动免杀工具

一款利用加载器以及Python反序列化绕过AV的在线免杀工具 因为打包方式的局限性,不能跨平台,若要生成exe格式的只能在Windows下运行本项目 打包速度有点慢,提交后稍等一会 开发环境及运行 前端使用Bootstrap框架,后端使用Django框架 。

yhy 172 Nov 28, 2022
Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

RouterOS Scanner Forensics tool for Mikrotik devices. Search for suspicious properties and weak security points that need to be fixed on the router. T

Microsoft 823 Dec 21, 2022
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co

Podalirius 396 Jan 08, 2023
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

8 Sep 03, 2022
宝塔面板Windows版提权方法

宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。

298 Dec 14, 2022
Used to build an XSS platform on the command line.

pyXSSPlatform Used to build an XSS platform on the command line. Usage: 1.generate the cert file You can use openssl like this: openssl req -new -x509

70 Jun 21, 2022
A burp-suite plugin that extract all parameter names from in-scope requests

ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe

29 Nov 09, 2022
C++ fully undetected shellcode launcher

charlotte c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launche

894 Dec 25, 2022
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.

Automator-Terminator A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers (PLCs) w

25 Oct 10, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
Provides script to download and format public IP lists related to the Log4j exploit.

Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.

Gianluca Ulivi 1 Jan 02, 2022
DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

dnspooq DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) For educational purposes only Requirements Docker compo

Teppei Fukuda 80 Nov 28, 2022
CVE 2020-14871 Solaris exploit

CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act

Robin Massink 2 Oct 25, 2022
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue

A N U S H 13 Sep 19, 2021
Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is str

PyLaboratory 0 Feb 07, 2022
D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.

Introduction fork from https://gitlab.com/eshard/d810 What is D-810 D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation

Banny 30 Dec 06, 2022
A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚

log4check A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚 Tested to work between Minecraft versions 1.12.2 a

Evan J. Markowitz 4 Dec 23, 2021
KeyLogger

By-Emirhan KeyLogger Hangi Sistemlerde Çalışır? | On Which Systems Does It Work? KALİ LİNUX UBUNTU PARDUS MİNT TERMUX ARCH YÜKLEME & ÇALIŞTIRMA KOMUTL

2 Feb 24, 2022