Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

Related tags

Security related resourcesreactpythonflaskosintreactjsosint-tool
Overview

Inspektur

Cari informasi mengenai email dan nomor telepon dengan mudah.

GitHub issues GitHub release (latest by date including pre-releases) GitHub

Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasarkan email dan nomor telepon.

Fitur

  • Mengecek akun yang terdaftar dari banyak situs berdasarkan email
  • Mengecek akun Instagram dan Snapchat berdasarkan nomor telepon
  • Mengecek informasi detail akun Telegram
  • Mengecek data yang bocor berdasarkan data HIBP

Demo

Demo

Daftar Isi

Cara Kerja

Inspektur akan memeriksa email dan nomor telepon yang diberikan dengan menggunakan teknik lupa password. Inspektur juga mengecek informasi mengenai data email yang bocor dan mengambil infromasi akun Telegram dari nomor telepon yang bersangkutan.

Data yang bocor didapatkan dari Periksa Data yang merujuk ke Have I Been Pwned.

Catatan

Karena website Inspektur saat ini tidak menggunakan proxy untuk mengambil data, rate limit mungkin akan terjadi yang menyebabkan kurang maksimalnya data yang dapat diambil, maka dari itu saya menyarankan untuk menjalankan aplikasi Inspektur sendiri jika ingin mendapatkan hasil yang lebih maksimal.

Cara Menjalankan Aplikasi

Inspektur menggunakan Telegram API agar dapat bekerja, sebelum menjalankan aplikasi kalian harus mendapatkan file session Telegram terlebih dahulu.

Cara mendapatkan file session Telegram

  • Clone repository ini
  • Copy .env.example ke .env
  • Ubah TELEGRAM_API_ID, TELEGRAM_API_HASH, dengan token akun Telegram
  • Install modul yang dibutuhkan: 
    $ python -m venv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
  • Jalankan file telegram.py 
    $ python modules/telegram.py
  • Masukan nomor HP dan lakukan autentikasi sesuai instruksi
  • Jika sudah berhasil, maka akan terdapat file login.session, upload file ini object storage (Firebase, S3, dll) agar bisa diakses oleh aplikasi
  • Ubah TELEGRAM_SESSION_URL dengan URL file login.session tadi

Menjalankan aplikasi dengan Docker Compose

  • Pastikan file .env sudah terisi semua
  • Ubah variabel API_URL di client/src/config.js dengan 127.0.0.1:5000
  • Jalakan Docker Compose 
    $ docker-compose up
  • Aplikasi client bisa diakses di localhost:3000 dan API bisa diakses di localhost:5000

Menjakankan aplikasi secara manual

  • Clone repository ini
  • Ubah variabel API_URL di client/src/config.js dengan 127.0.0.1:5000
  • Jalankan server client: 
    $ cd client
$ npm install
$ npm start
  • Jalankan server API: 
    $ cd api
$ python -m venv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python app.py

Kontribusi

Kontribusi sangat dibutuhkan untuk aplikasi ini, pull request terbuka untuk umum, tetapi untuk pengubahan fitur silakan buat issue terlebih dahulu untuk mendiskusikan apa yang ingin diubah.

Lisensi & Atribusi

Gambar dan icon dari aplikasi didapatkan dari Flaticon

You might also like...
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where this function first perform basic google dorking to find the targets public documents. These documents will then be downloaded to the attackers computer and can be used further to identify metadata about the client.

Tobias 5 May 31, 2022
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Mr.Holmes is a information gathering tool (OSINT)
Mr.Holmes is a information gathering tool (OSINT)

🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

null 534 Jan 8, 2023
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022
SSH Tool For OSINT and then Cracking.
SSH Tool For OSINT and then Cracking.

sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho

Miss Bliss 5 Apr 4, 2022
Sentinel-1 SAR time series analysis for OSINT use

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

null 21 Dec 9, 2022
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Simple OSINT script to find Instagram profiles by name and e-mail/phone

null 108 Jan 7, 2023
OSINT Cybersecurity Tools
OSINT Cybersecurity Tools

OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr

Paul Veillard, P. Eng 7 Jul 1, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

null 3 Apr 9, 2022
Releases(v.0.1.0-alpha)
Owner
Bagas Wastu
Bagas Wastu
GitHub Repository https://inspektur.app.wastu.dev
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

Krypt0mux 162 Nov 25, 2022
Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

Mateo Hanžek 1 Jan 14, 2022
Fast Fb Cracking Tool

fb-brute Fast Fb Cracking Tool 🏆

Aryan 8 Jun 29, 2022
Brute-forcing (or not!) deck builder for Pokemon Trading Card Game.

PokeBot Deck Builder Brute-forcing (or not!) deck builder for Pokemon Trading Card Game. Warning: intensely not optimized and spaghetti coded Credits

Hocky Harijanto 0 Jan 10, 2022
Add a Web Server based on Rogue Mysql Server to allow remote user get

介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-

6 May 17, 2022
How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'

This bug doesn’t exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi

Stephen Tong 1.2k Dec 25, 2022
A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
GitGuardian Shield: protect your secrets with GitGuardian

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

GitGuardian 1.2k Dec 27, 2022
Argument Injection in Dragonfly Ruby Gem

CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://

Michael Tsai 12 Nov 09, 2022
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

0p 25 Oct 14, 2022
Shell hunter for AF

AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins

Eduardo 34 May 13, 2022
The backend part of the simple password manager project made for the creative challenge.

SimplePasswordManagerBackend The backend part of the simple password manager project. Your task will be to showcase your creativity on our channel by

The Coding Jungle 5 Dec 28, 2021
Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077

CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106

Horizon 3 AI Inc 25 Nov 09, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
Guess the password for Tik Tok accounts

Guess the password for Tik Tok accounts Tool features : You don't need proxies There is no captcha Running on a private api Combo T

32 Dec 25, 2022
A tool that detects the expensive Carbon Black watchlists.

A tool that detects the "expensive" Carbon Black watchlists.

Oğuzcan Pamuk 8 Aug 04, 2022
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS

Filip Dragovic 6 Jul 24, 2022
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

MurMurHash This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. What is MurMurHash? Murm

Viral Maniar 87 Dec 31, 2022
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022