{"id":31801139,"url":"https://github.com/aenoshrajora/osintel-dashboard","last_synced_at":"2026-05-03T10:36:29.332Z","repository":{"id":315634634,"uuid":"1057024159","full_name":"aenoshrajora/OSINTel-Dashboard","owner":"aenoshrajora","description":"A dynamic, Flask-based web application providing a centralized interface for executing various open-source intelligence (OSINT) and cybersecurity command-line tools.","archived":false,"fork":false,"pushed_at":"2026-04-25T14:58:53.000Z","size":122,"stargazers_count":42,"open_issues_count":0,"forks_count":7,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T10:36:06.667Z","etag":null,"topics":["automation","bash","flask","html","osint","osint-automation","python","shell"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aenoshrajora.png","metadata":{"files":{"readme":"README.md","changelog":"history.json","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-15T07:13:23.000Z","updated_at":"2026-04-25T14:58:57.000Z","dependencies_parsed_at":"2025-09-19T19:58:53.420Z","dependency_job_id":"7229ff32-6060-462c-a3d7-d7521e9b1417","html_url":"https://github.com/aenoshrajora/OSINTel-Dashboard","commit_stats":null,"previous_names":["aenoshrajora/osintel-dashboard"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/aenoshrajora/OSINTel-Dashboard","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aenoshrajora%2FOSINTel-Dashboard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aenoshrajora%2FOSINTel-Dashboard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aenoshrajora%2FOSINTel-Dashboard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aenoshrajora%2FOSINTel-Dashboard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aenoshrajora","download_url":"https://codeload.github.com/aenoshrajora/OSINTel-Dashboard/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aenoshrajora%2FOSINTel-Dashboard/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32566444,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","bash","flask","html","osint","osint-automation","python","shell"],"created_at":"2025-10-10T23:46:54.797Z","updated_at":"2026-05-03T10:36:29.326Z","avatar_url":"https://github.com/aenoshrajora.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OSINTel Dashboard — v3.0\n\n\u003e A glassmorphic, dual-theme recon suite. Flask backend. 70+ tools. Built for operators.\n\n![Python](https://img.shields.io/badge/Python-3.8+-3ae0ff?style=flat-square\u0026logo=python\u0026logoColor=white)\n![Flask](https://img.shields.io/badge/Flask-2.x-00ffb2?style=flat-square\u0026logo=flask\u0026logoColor=white)\n![License](https://img.shields.io/badge/License-MIT-a050ff?style=flat-square)\n![Status](https://img.shields.io/badge/Status-Actively%20Developed-00ffb2?style=flat-square)\n\n---\n\n## ⚠️ Disclaimer\n\n**FOR EDUCATIONAL AND AUTHORIZED RESEARCH PURPOSES ONLY.**\n\nYou are solely responsible for your actions. Always obtain explicit written permission before scanning or testing any target you do not own. The creators and contributors assume **no liability** for misuse or damage caused by this software. Use responsibly and legally.\n\n---\n\n## What's New in v3.0\n\n- **Full UI rewrite** — glassmorphic dual-theme interface (dark/light) with JetBrains Mono + Syne typography, scanline overlays, ambient depth orbs, and macOS-style terminal output\n- **`ctfr.py` upgraded** — now a proper module with `--no-banner`, `--json`, `--timeout`, wildcard filtering, multi-name cert parsing, and full dashboard integration\n- **70+ tools pre-wired** in `data.json` across recon, web enum, exploitation, forensics, crypto, OSINT, wireless, and binary analysis\n- **Streaming execution** via Server-Sent Events on `/api/run_tool_stream/\u003cid\u003e`\n- **Hardened backend** — `shlex`-based command splitting (no `shell=True`), path traversal guards, atomic JSON saves, per-tool timeout override, and `MAX_HISTORY_ENTRIES` cap\n- **Live tool search** in sidebar, welcome dashboard with run stats, breadcrumb navigation, copy-to-clipboard on output\n- **History improvements** — status badges (success/error), per-entry timestamps, output file previews\n\n---\n\n## Features\n\n- **Glassmorphic UI** — layered `rgba` backgrounds, `backdrop-filter: blur()`, dual CSS variable theme system switchable at runtime\n- **Flask backend** — `shell=False` subprocess execution, SSE streaming, atomic JSON I/O, configurable timeouts\n- **Tool management** — add, edit, delete tools with full form UI; supports git clone + pip install on add\n- **Execution history** — per-tool and global history, saved output files, click-to-reload past results\n- **Template substitution** — `{{field_id}}` placeholders in command templates, shell-quoted per value\n- **Custom handlers** — extensible `CUSTOM_HANDLERS` dict in `app.py` for tools needing special logic (e.g. `ffuf-file-finder`)\n- **Output persistence** — all runs saved to `data/` with configurable filename patterns\n- **Clickable URLs** — auto-linked in terminal output\n\n---\n\n## Tool Categories\n\n### Passive Recon \u0026 Subdomain Enumeration\n`ctfr` · `subfinder` · `assetfinder` · `amass` · `sublist3r` · `fierce` · `dnstwist` · `dnsdumpster` · `crt.sh` · `waybackurls` · `theHarvester` · `recon-ng` · `spiderfoot`\n\n### DNS \u0026 Network\n`nslookup` · `dnsrecon` · `dnsenum` · `dnsx` · `whois/rdap` · `ping` · `fping` · `hping3` · `arp` · `netstat` · `ss` · `ip addr` · `tcpdump` · `snmpwalk` · `traceroute` · `mtr` · `nc` · `socat`\n\n### Web Enumeration \u0026 Content Discovery\n`gobuster` · `ffuf` · `feroxbuster` · `dirb` · `wfuzz` · `gau` · `gauplus` · `httpx` · `httprobe` · `robots.txt fetcher` · `curl headers` · `wafw00f` · `arjun` · `whatweb` · `WPScan` · `JoomScan` · `CMSeeK`\n\n### Vulnerability Scanning \u0026 Exploitation\n`nmap` (port scan + vuln scripts) · `masscan` · `nuclei` · `nikto` · `sqlmap` · `dalfox` · `XSStrike` · `commix` · `Medusa` · `Ncrack` · `hydra` · `Responder` · `CrackMapExec` · `Impacket secretsdump`\n\n### TLS / SSL Analysis\n`openssl cert inspector` · `sslyze` · `testssl.sh` · `sslscan`\n\n### OSINT \u0026 Enrichment\n`shodan` · `censys` · `VirusTotal` · `urlscan` · `ipinfo` · `abuseipdb` · `emailrep` · `socialscan` · `maigret` · `holehe` · `GHunt` · `photon` · `cloud-enum` · `AWS S3 check`\n\n### Secrets \u0026 Git\n`gitleaks` · `trufflehog` · `git-dumper`\n\n### Password \u0026 Hash\n`hashcat` · `john` · `hashid` · `openssl dgst` · `aircrack-ng` · `crunch` · `CeWL`\n\n### Steganography \u0026 Forensics\n`steghide` · `stegseek` · `binwalk` · `foremost` · `volatility3` · `exiftool` · `pdfinfo` · `strings`\n\n### Binary Analysis \u0026 Reverse Engineering\n`objdump` · `readelf` · `ltrace` · `strace` · `checksec` · `ghidra headless` · `file`\n\n### Utilities\n`base64` · `xxd` · `tr/ROT13` · `awk` · `sed` · `sort/uniq` · `grep` · `find` · `lsof` · `ps` · `URL parser` · `Python decode helper` · `public IP lookup` · `airodump-ng`\n\n---\n\n## Tech Stack\n\n| Layer | Tech |\n|---|---|\n| Backend | Python 3.8+, Flask |\n| Frontend | HTML5, CSS3 (custom properties), Vanilla JS |\n| Fonts | JetBrains Mono, Syne (Google Fonts) |\n| Icons | Font Awesome 6 |\n| Storage | `data.json` (tool configs), `history.json` (run logs), `data/` (output files) |\n| Execution | `subprocess.Popen` — `shell=False`, SSE streaming |\n\n---\n\n## Prerequisites\n\nDesigned and tested on **Debian-based Linux** (Ubuntu, Kali, Debian). Core requirements:\n\n| Requirement | Check | Install |\n|---|---|---|\n| Python 3.8+ | `python3 --version` | `sudo apt install python3` |\n| pip | `pip3 --version` | `sudo apt install python3-pip` |\n| venv | — | `sudo apt install python3-venv` |\n| git | `git --version` | `sudo apt install git` |\n| curl | `curl --version` | `sudo apt install curl` |\n\n---\n\n## Installation\n\n### Method 1 — Setup Script (Recommended)\n\n```bash\ngit clone https://github.com/aenoshrajora/OSINTel-Dashboard.git\ncd OSINTel-Dashboard\nchmod +x setup.sh\n./setup.sh\n```\n\nThe script handles: venv creation, pip packages, apt tool installs, and cloning optional tools. Follow the on-screen prompts. `sudo` is only requested for `apt` steps.\n\n**Post-setup checklist:**\n- **GHunt:** run `python3 check_and_gen_cookies.py` inside `tools/GHunt/GHunt/` to generate `cookies.json`\n- **`data.json` paths:** verify `clone_dir` and `run_in_directory` match your actual clone locations\n- **`data/` directory:** created by setup script; if missing run `mkdir data`\n\n### Method 2 — Manual\n\n```bash\n# 1. Clone project\ngit clone https://github.com/aenoshrajora/OSINTel-Dashboard.git\ncd OSINTel-Dashboard\n\n# 2. System dependencies\nsudo apt update\nsudo apt install -y python3 python3-pip python3-venv git curl \\\n  whois nmap dnsrecon whatweb libimage-exiftool-perl ffuf\n\n# 3. Virtual environment\npython3 -m venv venv\nsource venv/bin/activate\n\n# 4. Python packages\npip install Flask requests\n\n# 5. Directories\nmkdir -p data tools\n\n# 6. Clone optional tools (examples)\ncd tools\ngit clone https://github.com/sherlock-project/sherlock.git sherlock\ngit clone https://github.com/aboul3la/Sublist3r.git Sublist3r\ngit clone https://github.com/mxrch/GHunt.git GHunt\ngit clone https://github.com/laramies/metagoofil.git metagoofil\ncd ..\n\n# Install requirements for cloned tools\npip install -r tools/sherlock/sherlock/requirements.txt\npip install -r tools/Sublist3r/requirements.txt\n```\n## Uninstall\n\n```bash\nchmod +x uninstall.sh\n./uninstall.sh          # removes project files + Go binaries\n./uninstall.sh --full   # also removes apt packages\n./uninstall.sh --purge  # apt purge + autoremove\n```\n---\n\n## ctfr.py — Certificate Transparency Recon (v1.3)\n\n`ctfr.py` is a first-class module in v3.0, not just a bundled script.\n\n```bash\n# Basic usage\npython3 ctfr.py -d example.com\n\n# Dashboard-friendly (no banner, clean output)\npython3 ctfr.py -d example.com --no-banner\n\n# JSON output\npython3 ctfr.py -d example.com --no-banner --json\n\n# Save to file\npython3 ctfr.py -d example.com --no-banner -o /tmp/subs.txt\n\n# Custom timeout\npython3 ctfr.py -d example.com --timeout 30\n```\n\n**Changes from v1.2:**\n- `--no-banner` flag for clean programmatic invocation from the dashboard\n- `--json` output with `{domain, subdomains, count}` structure\n- `--timeout` flag passed through to requests\n- Wildcard entries (`*.example.com`) stripped automatically\n- Multi-name `name_value` fields parsed (newline-separated certs)\n- Protocol, query string, and fragment stripped from input URL\n- File output uses `\"w\"` (overwrite) not `\"a\"` (append)\n- Proper `RuntimeError` handling for timeouts, connection errors, bad JSON\n\nUpdate the `crt-sh-builtin` entry in `data.json` to use it:\n```\npython3 ctfr.py -d {{domain}} --no-banner\n```\n\n---\n\n## Running the Application\n\n```bash\n# Activate venv\nsource venv/bin/activate\n\n# Start server\npython3 app.py\n```\n\nAccess at `http://localhost:5001` (or `http://YOUR_LAN_IP:5001` from another machine on the network).\n\nEnvironment overrides:\n\n```bash\nPORT=8080 HOST=127.0.0.1 FLASK_DEBUG=1 python3 app.py\n```\n\n---\n\n## API Reference\n\n| Method | Endpoint | Description |\n|---|---|---|\n| `GET` | `/api/tools` | List all tool configs |\n| `POST` | `/api/tools` | Add a new tool (clones repo if needed) |\n| `PUT` | `/api/tools/\u003cid\u003e` | Update tool config |\n| `DELETE` | `/api/tools/\u003cid\u003e` | Delete tool + cloned directory |\n| `POST` | `/api/run_tool/\u003cid\u003e` | Execute tool, return full output |\n| `POST` | `/api/run_tool_stream/\u003cid\u003e` | Execute tool, stream output via SSE |\n| `GET` | `/api/history/\u003ctool_id\u003e` | Tool-specific history |\n| `GET` | `/api/history?limit=N` | Global history (latest N entries) |\n| `DELETE` | `/api/history` | Clear all history (`?purge_files=true` to delete output files too) |\n| `GET` | `/api/history_file_content?filepath=` | Read saved output file |\n| `GET` | `/data/\u003cfilename\u003e` | Download output file |\n\n### Command Template Syntax\n\n```\nnmap -sV {{flags}} {{target}}\npython3 ctfr.py -d {{domain}} --no-banner -o {{output}}\n```\n\nTokens in command templates are replaced with shell-quoted user input values. Filename pattern tokens:\n\n| Token | Resolves to |\n|---|---|\n| `{{TOOL_ID}}` | Tool's UUID |\n| `{{TOOL_NAME_SANITIZED}}` | Lowercased, special-chars-stripped name |\n| `{{INPUT__field_id}}` | Value of that input field |\n| `{{TIMESTAMP}}` | `YYYYMMDD_HHMMSS` |\n| `{{UUID}}` | Random 8-char hex |\n\n---\n\n## Adding Custom Tools\n\n1. Click **+ new tool** in the sidebar\n2. Fill in name, description, and command template using `{{field_id}}` placeholders\n3. Add input field definitions (text, select, URL, password, email types supported)\n4. Optionally enable git clone — the backend will clone the repo and pip-install requirements on save\n5. Set an output filename pattern\n\nFor tools needing special execution logic, add a handler to `CUSTOM_HANDLERS` in `app.py`:\n\n```python\ndef _handle_my_tool(tool_config, user_inputs):\n    # ... custom logic ...\n    return output_string, success_bool\n\nCUSTOM_HANDLERS['my-tool-id'] = _handle_my_tool\n```\n\n---\n\n## Project Structure\n\n```\nOSINTel-Dashboard/\n├── app.py              # Flask backend — routing, execution, history\n├── ctfr.py             # Certificate transparency recon module (v1.3)\n├── data.json           # Tool configurations (70+ pre-wired)\n├── history.json        # Execution log (auto-managed)\n├── setup.sh            # Interactive install script\n├── data/               # Saved tool output files (auto-created)\n├── tools/              # Cloned tool repositories (auto-created)\n│   ├── sherlock/\n│   ├── Sublist3r/\n│   ├── GHunt/\n│   └── ...\n└── templates/\n    └── index.html      # Frontend — glassmorphic dual-theme UI\n```\n\n---\n\n## Troubleshooting\n\n**\"Command not found\"** — tool not installed globally. Check `sudo apt install \u003ctool\u003e` or the tool's own install docs.\n\n**Python errors on startup** — activate your venv first: `source venv/bin/activate`. Check Flask is installed.\n\n**Tool clone fails on save** — verify the git URL is reachable and you have internet access. Check `install_log` in the modal response.\n\n**ctfr returns no results** — crt.sh can be slow or temporarily down. Try increasing `--timeout`. Check connectivity with `curl -s 'https://crt.sh/?q=%.example.com\u0026output=json'`.\n\n**GHunt not working** — missing or expired `cookies.json`. Navigate to `tools/GHunt/GHunt/` and re-run `python3 check_and_gen_cookies.py`.\n\n**Output file not found in history** — ensure `data/` directory exists and Flask process has write permission.\n\n**Streaming endpoint not updating** — verify the client supports SSE (`EventSource` or `fetch` + `ReadableStream`). Custom-handled tools fall back to the standard (non-streaming) endpoint automatically.\n\n---\n\n## Contributing\n\nIssues and pull requests are welcome. If you want to add a tool to `data.json`, follow the existing schema — include `id`, `name`, `description`, `command_template`, `input_fields`, and `output_filename_pattern` at minimum.\n\nFor backend changes, keep the `shell=False` constraint and run new command strings through `build_command_list()` before passing to `run_command()`.\n\n---\n\n## License\n\nMIT — see `LICENSE` for details.\n\n---\n\n*OSINTel Dashboard is built for security researchers, CTF players, and red teamers. Use it on infrastructure you own or have explicit authorization to test.*","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faenoshrajora%2Fosintel-dashboard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faenoshrajora%2Fosintel-dashboard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faenoshrajora%2Fosintel-dashboard/lists"}