Hack Tools

sn0int v0.14 releases: OSINT framework and package manager


sn0int is an OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. It is an enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for follow-up investigations.

Among other things, it is currently able to:

  • Harvest subdomains from certificate transparency logs and passive dns
  • Enrich ip addresses with asn and geoip info
  • Harvest emails from pgp keyservers and whois
  • Discover compromised logins in breaches
  • Find somebody’s profiles across the internet
  • Enumerate local networks with unique techniques like passive arp
  • Gather information about phonenumbers
  • Attempt to bypass Cloudflare with shodan
  • Harvest data and images from Instagram profiles
  • Scan images for nudity

It is heavily inspired by recon-ng and maltego, but remains more flexible and is fully opensource. None of the investigations listed above is hardcoded in the source, instead, those are provided by modules that are executed in a sandbox. You can easily extend sn0int by writing your own modules and share them with other users by publishing them to the sn0int registry. This allows you to ship updates for your modules on your own since you don’t need to send a pull request.

Changelog v0.14

  • Added a very basic sn0int repl to make script development easier
  • Added improved support for apis hosted on .onions
  • Added crypto currency addresses as new struct
  • Added sn0int export as a command to export a workspace to json
  • The target option is now exposed on the cli to run an investigation on a subset of the structs in scope, this can be used with sn0int run -t 'where id=1' foo
  • Improved normalization when adding structs
  • Improved date functions (there are going to be deprecation warnings on the next release)
  • Added stdin_read_to_end to read all of stdin into a string
  • last_seen automatically selects the most recent date so scripts don’t need to check this manually
  • Fixed pgp uid decoding issue
  • Minor bugfixes and improvements

Install & Use

Copyright (C) 2018 kpcyrd

The post sn0int v0.14 releases: OSINT framework and package manager appeared first on Penetration Testing.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

To Top

Pin It on Pinterest

Share This