r/osinttools

Tired of paying $99/month for email OSINT. Built my own.

Checks 800+ platforms, breach exposure, infostealer logs, DNS/WHOIS, the works. But the part I'm actually proud of: instead of dumping a raw hit list, it builds an identity graph and tells you *why* something is high confidence, shared username, same avatar, matching display name across platforms. No other free tool does this.

Exports to STIX 2.1, Maltego, JSON, PDF. Pipeline-ready too.

pip install mailaccess

mailaccess investigate email@example.com

https://github.com/KatrielMoses/MailAccess

fully open source, happy to answer questions.

Open Source Palantir

We're building OSIRIS - The Open-Source Palantir Alternative

Feel free to Pull Request the team will review and merge if applicable 🙏

Just launched at osirisai.live - a free, open-source global intelligence platform:

-Real-Time Tracking:

-10,000+ commercial, military and private aircraft live on a 3D globe

- 2,000+ satellites including ISS

- 1,400+ worldwide CCTV camera feeds

- Earthquakes, wildfires, nuclear facilities and severe weather

Built-In OSINT Tools (no installs needed):

Nmap port scanning from the browser

- DNS record lookup and enumeration

- WHOIS domain intelligence

- SSL/TLS certificate transparency

- BGP routing and ASN lookup

- Threat intelligence and IP reputation

All running on a 3D interactive globe with day/night cycle, 20+ live API feeds, and a SIGINT news aggregator.

Live: https://osirisai.live

GitHub: https://github.com/simplifaisoul/osiris

Free. Open Source. No sign-up required.

I made an open source OSINT mapping tool. It includes a node based system for linking and keeping track of information as well. There is a free OpenStreetMaps option for the map. Or if you want you can use the Google Map option which requires a Google Maps API key.

Go check it out:

https://github.com/anonymousRAID/OSINT-Mapping-Tool/

Edit: I forgot to mention that it's all local and web based. Nothing is stored on a cloud and all you need is a web browser and internet connection to get it working. Meaning it's accessible on every OS that supports a desktop.

In a time when everyone claims to be an expert at something to sell people on 'hopeium', I created an open-source tool that allows OSINT analysts, journalists, and researchers, and anyone who might be curious, to trace public claims back to preserved source evidence.

It's called ClaimTrace, and I hope it's the beginning of the end of exaggerated claims going unchecked without public evidence and proper due diligence.

Feel free to build on top of it and make your own protocol engine or contribute to this one to make it better.

https://github.com/machinesoul11/ClaimTrace

v1.0 extracted entities from Tor. v1.3 adds IP reputation

(Feodo/C2IntelFeeds/AbuseIPDB), GreyNoise scanner suppression,

domain pipeline (crt.sh cert transparency, URLScan, Wayback),

hash behavioral analysis via Hybrid Analysis, email breach history

via HIBP, paste sites, GitHub/GitLab scraping, 20 security RSS

feeds, CIRCL passive DNS, infrastructure cluster detection.

the STIX/MISP/Sigma exports were broken in v1.0 (empty bundles).

fixed in v1.1.

https://github.com/KatrielMoses/voidaccess

SeekYou – unified host intelligence across 15 sources, runs free on Cloudflare.
- Built a tool that takes any IP, domain, or ASN and queries 15 sources in parallel: open ports, CVEs, BGP, RDAP, cert history, passive DNS, 5 threat feeds, exposed buckets, Wayback snapshots — all in one report.
- 4-layer parallel execution (total time ≈ slowest source, not sum of all).
- KV caching per source, circuit breakers, per-IP rate limiting.
- Typed diff engine — get alerted when ports open, CVEs appear, or certs expire on monitored hosts.
- Runs entirely on Cloudflare free tier (~5k lookups/day).
Source: https://github.com/Teycir/SeekYou (https://github.com/Teycir/SeekYou)

https://panopsik.com/

Eight days ago, I posted this project Panopsik here and got some of the most useful feedback I've received since starting it. Thank you genuinely. The kind of criticism this sub gave would cost serious money from a consultant and you gave it for free.

I want to address the main points directly rather than just saying "we listened."

Basically...  you were right on almost everything. The event points were showing too little to be actionable, the intelligence assessments were AI-generated noise that wouldn't survive five seconds with a real analyst, and the related articles were embarrassingly off-topic. These have been the priority this week.

What's changed:

• Added a landing page.
• Broke down the main dashboard into multiple lighter dashboards.
• Fixed a mountain of imperfections.
• Added the infrastructure layer.
• Currently in the process of allowing users to create their own dashboards depending on what information they want.

What's new:

You can now create an account. This lets you save searches, set alert thresholds for specific regions, and track how situations develop over time rather than getting a snapshot. It also means we can start understanding how people actually use this, which will drive what we fix next.

Still rough: clustering confidence on lower-tier sources, multilingual support, Southeast Asia coverage. We know.

If you tested it last week and wrote it off... fair. Come back and tell us if it's any better. If you haven't looked yet, now's a better time than eight days ago.

GitHub: https://github.com/kaifcodec/user-scanner Hi everyone,

I’m one of the maintainers of user-scanner.

We started building this project around 7 months ago because many classic OSINT tools like became outdated or unmaintained, and there weren’t many solid free options left for email OSINT.

Since then, we’ve been adding sites one by one, continuously improving detection accuracy and maintaining support for platforms that frequently change their APIs and flows.

Today, user-scanner has grown into one of the most actively maintained free Email OSINT tools in 2026. While many web-based alternatives lock basic scans behind paywalls, our goal is to keep powerful email enumeration accessible to the open-source community.

Contributors are always welcome. Adding new sites is relatively straightforward, and even small contributions help a lot.

If you’re interested in OSINT, Python, scraping, automation, or just open-source projects in general, feel free to contribute and help improve the tool.

Tool is Called GeoAxis AI, seems to be on the level of GeoSpy's, but its actually available to the public to use

https://spiderdox.com/

Hey there - I’m a backend engineer for the NetSec sector, and this is my pet project I’ve been on&off with for a couple years. I have a dozen or so custom sensors deployed globally, collecting data from “spiders”, scanners, botnets, script kiddies, and AI actors.

It all started because I was looking at GreyNoise.. and I realized I was detecting things were *obviously* malicious on my (at the time) singular sensor, that GN wasn’t reporting!

I realized I could stream live events from a distributed network, and do real-time interpretation myself.
To this day, I still capture novel IPs weeks before GreyNoise associates them with anything.

While the sensors are basic (they only collect HTTP and HTTPS), through time I’ve played with a bunch of different ways to extract useful context from them.

Most recently I’ve added the “groups” view, which aggregates and analyzes all the events at-scale, placing IPs into groups of semantically similar events.. allowing the view of groups, inter-connected patterns, and the occasional association with CVEs.

The project isn’t perfect, but someone mentioned I should share it here. The point is to make this data publicly available, so I guess it makes sense.

You can check out the main portal at
https://spiderdox.com

And if you want the API docs, its at
https://api.spiderdox.com/docs

(Auth is broken, so sorry about that, but you shouldnt need it)

The dataset is limited in various ways in what you can pull from it historically, but you’ll always be able to pull todays data - either the raw events, the unique IPs, or the groups.

Anyways, enjoy! Let me know if you find something interesting :)