sn0int v0.13 releases: OSINT framework and package manager


sn0int is an OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. It is enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for follow-up investigations.

Among other things, it is currently able to:

  • Harvest subdomains from certificate transparency logs and passive dns
  • Enrich ip addresses with asn and geoip info
  • Harvest emails from pgp keyservers and whois
  • Discover compromised logins in breaches
  • Find somebody’s profiles across the internet
  • Enumerate local networks with unique techniques like passive arp
  • Gather information about phonenumbers
  • Attempt to bypass Cloudflare with shodan
  • Harvest data and images from Instagram profiles
  • Scan images for nudity

It is heavily inspired by recon-ng and maltego, but remains more flexible and is fully opensource. None of the investigations listed above is hardcoded in the source, instead, those are provided by modules that are executed in a sandbox. You can easily extend sn0int by writing your own modules and share them with other users by publishing them to the sn0int registry. This allows you to ship updates for your modules on your own since you don’t need to send a pull request.

Changelog v0.13

  • There is now an autonoscope engine that can automatically apply rules to exclude structs from scope when added
  • quickstart and mod update are now much faster
  • http_fetch and http_fetch_json have been added as a shorthand for http_send with status code validation and optionally parsing the body as json, reducing the boilerplate in a few modules
  • tls support has been added to sock_connect
  • pgp_pubkey can now return the primary key fingerprint and signatures
  • netblocks have been added as a struct
  • Modules can be listed by input source
  • base64 and base32 functions have been added, with support for custom alphabets
  • Startup time has been improve significantly
  • noscope/scope are now exposed to the cli as sn0int noscope and sn0int scope
  • set_err has been added for certain control-flow cases
  • Some fields are now automatically lowercased
  • Installed modules are now tagged with [installed] in the search results
  • The module search got a --new flag to show only modules we haven’t installed yet

Install & Use

Copyright (C) 2018 kpcyrd

Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

SC ProDefence SRL - Cyber Security Services