Information Gathering

gOSINT – Open Source Threat Intelligence Gathering & Processing Framework

gOSINT is a small OSINT framework in golang, it’s actually in development and still not ready for production if you want, feel free to contribute!

What gOSINT can do

  • Find mails from git repository
  • Find Dumps for mail address
  • Search for mail address linked to domain/mail address in PGP keyring
  • Retrive Info from domain whois (waiting to be implemented)
  • Search for mail address in source code (waiting to be implemented)

You can use the building script, just clone the directory and execute it

git clone

The package will be installed in /usr/local/bin
You can then call gOSINT from command line

$ gOSINT --help

Manual Building

Before building gOSINT manually you need to solve the dependencies:

go get ""
go get ""
go get ""
go get ""
git clone && cd gOSINT && go build

Currently gOSINT is still an early version and few modules are supported

  • git support for mail retriving (using github API, bitbucket API or RAW clone and search)
  • Search for mails in PGP Server
  • search for mail in databreach
  • WHOIS support (the module is ready but has to be integrated)
  • Search for mail address in source (module ready, needs to be integrated)
  • search
  • Social Media search
  • Search Engine search



Application Options:
  -m, --module=[pgp|pwnd|git]     Specify module
      --url=                      Specify target URL
      --gitAPI=[github|bitbucket] Specify git website API to use (optional)
      --mail=                     Specify mail target
  -f, --full                      Make deep search using linked modules
  -v, --version                   Print version

Help Options:
  -h, --help                      Show this help message


Currently gOSINT supports the following actions

gOSINT -m git --url=[RepoURL] --gitAPI [github|bitbucket] (optional)

retrive mail from git commits

gOSINT -m git --url [RepoURL] --gitAPI [github|bitbucket] (optional) -f

pass the result to pgp search and pwnd module

gOSINT -m pwnd --mail [targetMail]

search for breaches where targetMail is preset

gOSINT -m pgp --mail [targetMail]

search for others mail in PGP Server

gOSINT -m pgp --mail [targetMail] -f

pass the result to haveibeenpwn module