{"id":50240920,"url":"https://github.com/openosint/openosint","last_synced_at":"2026-05-26T21:01:08.378Z","repository":{"id":356531561,"uuid":"1230831838","full_name":"OpenOSINT/OpenOSINT","owner":"OpenOSINT","description":"AI-powered OSINT agent with interactive REPL, MCP server, and CLI. 9 tools. Works with Claude, GPT-4, or local models. For authorized security research only.","archived":false,"fork":false,"pushed_at":"2026-05-24T16:35:45.000Z","size":7729,"stargazers_count":165,"open_issues_count":0,"forks_count":40,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-05-24T18:27:36.360Z","etag":null,"topics":["ai-agent","anthropic","claude","cli","cybersecurity","holehe","llm","mcp","open-source","osint","python","security","sherlock","terminal"],"latest_commit_sha":null,"homepage":"https://openosint.tech","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenOSINT.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-06T11:12:42.000Z","updated_at":"2026-05-24T16:35:39.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/OpenOSINT/OpenOSINT","commit_stats":null,"previous_names":["openosint/openosint"],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/OpenOSINT/OpenOSINT","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenOSINT%2FOpenOSINT","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenOSINT%2FOpenOSINT/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenOSINT%2FOpenOSINT/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenOSINT%2FOpenOSINT/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenOSINT","download_url":"https://codeload.github.com/OpenOSINT/OpenOSINT/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenOSINT%2FOpenOSINT/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33538660,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"ssl_error","status_checked_at":"2026-05-26T15:22:15.568Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agent","anthropic","claude","cli","cybersecurity","holehe","llm","mcp","open-source","osint","python","security","sherlock","terminal"],"created_at":"2026-05-26T21:00:43.472Z","updated_at":"2026-05-26T21:01:08.359Z","avatar_url":"https://github.com/OpenOSINT.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"mcp-name: io.github.OpenOSINT/openosint\n\n\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"docs/logo.svg\" alt=\"OpenOSINT\" width=\"200\" /\u003e\n  \u003ch1\u003eOpenOSINT\u003c/h1\u003e\n  \u003cp\u003e\u003cstrong\u003eAI-powered OSINT agent. Interactive REPL · CLI · MCP Server · Web UI\u003c/strong\u003e\u003c/p\u003e\n  \u003cp\u003e16 tools. Powered by Anthropic Claude or local Ollama. For authorized security research only.\u003c/p\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![Release](https://img.shields.io/github/v/release/OpenOSINT/OpenOSINT?style=flat-square)](https://github.com/OpenOSINT/OpenOSINT/releases)\n[![PyPI](https://img.shields.io/pypi/v/openosint?style=flat-square)](https://pypi.org/project/openosint/)\n[![PyPI downloads](https://img.shields.io/pypi/dm/openosint?style=flat-square\u0026label=PyPI%20downloads)](https://pypi.org/project/openosint/)\n[![Python](https://img.shields.io/badge/python-3.10%2B-blue?style=flat-square)](https://www.python.org/)\n[![License MIT](https://img.shields.io/badge/license-MIT-green?style=flat-square)](LICENSE)\n\u003e See [DISCLAIMER.md](./DISCLAIMER.md) for legal and ethical use information.\n[![MCP](https://img.shields.io/badge/protocol-MCP-blueviolet?style=flat-square)](https://modelcontextprotocol.io/)\n[![MCP Registry](https://img.shields.io/badge/MCP_Registry-published-blueviolet?style=flat-square)](https://registry.modelcontextprotocol.io/servers/io.github.OpenOSINT/openosint)\n[![GitHub Stars](https://img.shields.io/github/stars/OpenOSINT/OpenOSINT?style=flat-square)](https://github.com/OpenOSINT/OpenOSINT/stargazers)\n[![GitHub Forks](https://img.shields.io/github/forks/OpenOSINT/OpenOSINT?style=flat-square)](https://github.com/OpenOSINT/OpenOSINT/network/members)\n[![Sponsored by IP2Location](https://img.shields.io/badge/sponsored%20by-IP2Location.io-FF6B35?style=flat-square)](https://www.ip2location.io)\n\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"assets/demo.gif\" alt=\"OpenOSINT demo\" width=\"700\" /\u003e\n\u003c/div\u003e\n\n\u003e **Legal Disclaimer**: OpenOSINT is intended for **legal and authorized use only**.\n\u003e Users are solely responsible for ensuring their use complies with all applicable laws and regulations.\n\u003e The authors accept no liability for misuse. See [DISCLAIMER.md](DISCLAIMER.md).\n\n## What is OpenOSINT?\n\nOpenOSINT is an AI agent for Open Source Intelligence with three interfaces: an interactive terminal REPL, a direct CLI, and an MCP server exposable to Claude Code, Claude Desktop, or any MCP-compatible client — plus a browser-based Web UI added in v2.12.0. The AI layer uses Anthropic's native tool use API (or a local Ollama model): the model issues hard stops when it needs a tool, your code executes the real binary, the actual output goes back — hallucination in tool results is structurally impossible.\n\n## Features\n\n- **AI tool chaining** — the agent decides which of 16 tools to run, chains them based on findings, and compiles a structured report\n- **16 modular tools** covering email, username, breach, WHOIS, IP, subdomain, dorks, paste, phone, Shodan, VirusTotal, Censys, IP2Location, AbuseIPDB, GitHub, and DNS\n- **Anthropic + Ollama** — use Claude via API key or run fully offline with a local Ollama model\n- **MCP server** — expose all tools natively to Claude Code and Claude Desktop\n- **Parallel execution** — `--parallel` runs complementary tools concurrently via `asyncio.gather()`\n- **PDF + Markdown reports** — auto-saved after every investigation; PDF export via `reportlab`\n- **Session history** — all REPL sessions saved to `~/.openosint/history/`; browse with `openosint history`\n- **Web UI** — browser-based AI chat with streaming output, tool cards, and light/dark theme toggle\n\n## Installation\n\n```bash\n# Install from PyPI (recommended)\npip install openosint\n```\n\n```bash\n# Or install from source\ngit clone https://github.com/OpenOSINT/OpenOSINT.git\ncd OpenOSINT\npip install -e .\n```\n\n**External binaries** (must be in `PATH`):\n\n| Binary | Purpose | Install |\n|--------|---------|---------|\n| `holehe` | Email account enumeration | `pip install holehe` |\n| `sherlock` | Username enumeration (300+ platforms) | `pip install sherlock-project` |\n| `sublist3r` | Subdomain enumeration | `pip install sublist3r` |\n| `phoneinfoga` | Phone number intelligence | [Download binary](https://github.com/sundowndev/phoneinfoga/releases) |\n\nIf a binary is absent, the corresponding tool returns a descriptive error string. All other tools remain operational.\n\n## Quick Start\n\n```bash\n# Interactive AI REPL (default)\nopenosint\n\n# Web interface\nopenosint web\n\n# Direct tool (no AI)\nopenosint email target@example.com\n```\n\n## Configuration\n\nStore all keys in a `.env` file at the project root (copy `.env.example`). `python-dotenv` loads it automatically at startup.\n\n| Variable | Tool | Required | Purpose |\n|----------|------|----------|---------|\n| `ANTHROPIC_API_KEY` | AI agent | Yes (or use Ollama) | Anthropic API key |\n| `HIBP_API_KEY` | `search_breach` | Optional | HaveIBeenPwned v3 — [get one](https://haveibeenpwned.com/API/Key) |\n| `IPINFO_TOKEN` | `search_ip` | Optional | ipinfo.io higher rate limits |\n| `SHODAN_API_KEY` | `search_shodan` | Optional | Shodan API — [get one](https://account.shodan.io) |\n| `VIRUSTOTAL_API_KEY` | `search_virustotal` | Optional | VirusTotal API v3 — [get one](https://www.virustotal.com/gui/my-apikey) |\n| `IP2LOCATION_API_KEY` | `search_ip2location` | Optional | IP2Location.io enhanced IP intelligence — [get one](https://www.ip2location.io/pricing) *(sponsored)* |\n| `CENSYS_API_ID` + `CENSYS_SECRET` | `search_censys` | Optional | Censys Search API — [get one](https://censys.io/account) |\n| `ABUSEIPDB_API_KEY` | `search_abuseipdb` | Optional | AbuseIPDB v2 — [get one](https://www.abuseipdb.com/account/api) |\n| `GITHUB_TOKEN` | `search_github` | Optional | GitHub API — raises rate limit from 60 to 5000 req/h — [get one](https://github.com/settings/tokens) |\n\n**Optional Python packages:**\n\n| Package | Purpose | Install |\n|---------|---------|---------|\n| `ollama` | Local LLM backend (no API key) | `pip install ollama` *(Python client only — also install the [Ollama runtime](https://ollama.com))* |\n| `shodan` | Shodan API client | `pip install shodan` |\n| `reportlab` | PDF report export | `pip install reportlab` |\n| `censys` | Censys API client | `pip install censys` |\n\n## Tools\n\n| Tool | Powered by | What it investigates |\n|------|-----------|---------------------|\n| `search_email` | holehe | Social accounts linked to an email address |\n| `search_username` | sherlock | Username presence across 300+ platforms |\n| `search_breach` | HaveIBeenPwned v3 API | Data breach exposure |\n| `search_whois` | python-whois | Domain registrant and DNS info |\n| `search_ip` | ipinfo.io | Geolocation, ASN, hostname |\n| `search_domain` | sublist3r | Subdomain enumeration |\n| `generate_dorks` | built-in | 12 targeted Google dork URLs (no network calls) |\n| `search_paste` | psbdmp.ws | Pastebin dump mentions |\n| `search_phone` | phoneinfoga | Carrier, country, line type |\n| `search_shodan` | Shodan API | Open ports, banners, CVEs |\n| `search_virustotal` | VirusTotal API v3 | Verdict from 70+ antivirus engines |\n| `search_ip2location` | IP2Location.io API | Enhanced IP intel: VPN/Proxy/Tor/datacenter flags *(sponsored)* |\n| `search_censys` | Censys Search API | Internet-facing infrastructure, certificates |\n| `search_abuseipdb` | AbuseIPDB v2 API | IP abuse reputation: confidence score, reports, country, ISP |\n| `search_github` | GitHub REST API | Profile, repos, commit-discovered emails, username/keyword search |\n| `search_dns` | dnspython (built-in) | A/AAAA/MX/NS/TXT/CNAME/SOA records; SPF, DMARC, DKIM analysis |\n\n### search_email\n\nEnumerates online services linked to an email address using [holehe](https://github.com/megadose/holehe).\n\n```bash\nopenosint email target@example.com\nopenosint email target@example.com -t 60\n```\n\n```text\nOSINT results for 'target@example.com':\n[+] Spotify        https://open.spotify.com/user/target\n[+] WordPress      https://wordpress.com/target\n[+] Gravatar       https://gravatar.com/target\n[+] Office365      email used\n```\n\n### search_username\n\nSearches for a username across 300+ platforms using [sherlock](https://github.com/sherlock-project/sherlock).\n\n```bash\nopenosint username johndoe99\nopenosint username johndoe99 -t 120\n```\n\n```text\nOSINT results for username 'johndoe99':\n[+] GitHub         https://github.com/johndoe99\n[+] Twitter        https://twitter.com/johndoe99\n[+] Reddit         https://reddit.com/user/johndoe99\n```\n\n### search_breach\n\nChecks data breach exposure via [HaveIBeenPwned v3 API](https://haveibeenpwned.com/API/v3). Requires `HIBP_API_KEY`.\n\n```text\nFound in 2 breach(es) for 'target@example.com':\n[+] LinkedIn (2016-05-05) — leaked: Email addresses, Passwords\n[+] Adobe (2013-10-04) — leaked: Email addresses, Password hints\n```\n\n### search_whois\n\nRetrieves WHOIS data for a domain using [python-whois](https://github.com/richardpenman/whois).\n\n```text\nWHOIS results for 'example.com':\n[+] Registrar: ICANN\n[+] Created: 1995-08-14\n[+] Expires: 2024-08-13\n[+] Name Servers: A.IANA-SERVERS.NET\n```\n\n### search_ip\n\nRetrieves geolocation and ASN data via [ipinfo.io](https://ipinfo.io). Free tier: 50k/month.\n\n```text\nIP intelligence for '8.8.8.8':\n[+] Hostname: dns.google\n[+] Org: AS15169 Google LLC\n[+] City: Mountain View, CA, US\n```\n\n### search_domain\n\nEnumerates subdomains using [sublist3r](https://github.com/aboul3la/Sublist3r).\n\n```text\nSubdomains found for 'example.com':\n[+] mail.example.com\n[+] dev.example.com\n[+] api.example.com\n```\n\n### generate_dorks\n\nGenerates 12 targeted Google dork URLs for any target. No network calls.\n\n```text\nGoogle dork URLs for 'johndoe':\n[+] \"johndoe\" site:linkedin.com\n    https://www.google.com/search?q=%22johndoe%22+site%3Alinkedin.com\n[+] \"johndoe\" leaked OR breach OR dump\n    https://www.google.com/search?q=%22johndoe%22+leaked+OR+breach+OR+dump\n```\n\n### search_paste\n\nSearches Pastebin dumps via [psbdmp.ws](https://psbdmp.ws).\n\n```text\nFound in 3 paste(s) for 'target@example.com':\n[+] https://pastebin.com/aB1cD2eF (2023-04-12)\n[+] https://pastebin.com/xY3zA4bC (2022-11-08)\n```\n\n### search_phone\n\nGathers phone intelligence using [phoneinfoga](https://github.com/sundowndev/phoneinfoga). Use E.164 format.\n\n```text\nPhone intelligence for '+14155552671':\n[+] Country: United States\n[+] Carrier: AT\u0026T\n[+] Line type: Mobile\n```\n\n### search_shodan\n\nQueries the [Shodan](https://shodan.io) API. IPv4 input → host lookup (open ports, org, CVEs). Any other query → banner/keyword search. Requires `SHODAN_API_KEY`.\n\n```bash\nopenosint shodan 8.8.8.8\nopenosint shodan \"apache port:80 country:DE\"\nopenosint shodan 8.8.8.8 -t 30\n```\n\n```text\nShodan host intelligence for '8.8.8.8':\n[+] IP: 8.8.8.8\n[+] Org: Google LLC\n[+] Country: United States\n[+] Open ports: 53, 443\n```\n\n### search_virustotal\n\nChecks an IP address, domain, URL, or file hash against [VirusTotal](https://www.virustotal.com)'s 70+ antivirus engines using API v3. Auto-detects input type. Requires `VIRUSTOTAL_API_KEY`.\n\n```bash\nopenosint virustotal 8.8.8.8\nopenosint virustotal example.com\nopenosint virustotal https://example.com/path\nopenosint virustotal 44d88612fea8a8f36de82e1278abb02f\n```\n\n```text\n[VirusTotal] Type: ip\n[VirusTotal] ASN: AS15169 Google LLC\n[VirusTotal] Malicious: 0\n[VirusTotal] Harmless: 72\n```\n\nIf any engine flags the target:\n\n```text\n[VirusTotal] Malicious: 3\nFLAGGED AS MALICIOUS by 3 engines\n```\n\n### search_censys\n\nQueries the [Censys](https://censys.io) API. IPv4 input → host view (open ports, services, ASN); domain input → certificate search (SANs, issuer, first/last seen). Requires `CENSYS_API_ID` and `CENSYS_SECRET`.\n\n```bash\nopenosint censys 8.8.8.8\nopenosint censys example.com\n```\n\n```text\n[Censys] IP: 8.8.8.8\n[Censys] Open Ports: 53, 443, 853\n[Censys] Services: DNS, HTTPS, DNS-over-TLS\n[Censys] ASN: AS15169 Google LLC\n[Censys] Country: United States\n```\n\n```text\n[Censys] Domain: example.com\n[Censys] Certificates Found: 12\n[Censys] Issuer: Let's Encrypt\n[Censys] SANs: example.com, www.example.com, api.example.com\n```\n\n### search_ip2location\n\nQueries the [IP2Location.io](https://www.ip2location.io) API for enhanced IP intelligence: geolocation (country, region, city, coordinates, ZIP), ISP, domain, ASN, and — on the Security Plan — VPN, proxy, Tor exit node, and datacenter detection. Sponsored integration. Requires `IP2LOCATION_API_KEY`.\n\n```bash\nopenosint ip2location 8.8.8.8\nopenosint ip2location 2001:4860:4860::8888\n```\n\n```text\n[IP2Location] IP: 8.8.8.8\n[IP2Location] Country: United States (US)\n[IP2Location] Region: California\n[IP2Location] City: Mountain View\n[IP2Location] ISP: Google LLC\n[IP2Location] ASN: AS15169 Google LLC\n[IP2Location] VPN: No  |  Proxy: No  |  TOR: No  |  Datacenter: Yes\n[IP2Location] Threat: clean\n```\n\nIf a VPN, proxy, or Tor exit node is detected:\n\n```text\nFLAGGED: VPN/Proxy/Tor detected\n```\n\n### search_abuseipdb\n\nChecks an IP address against the [AbuseIPDB](https://www.abuseipdb.com) v2 API for abuse reputation. Returns abuse confidence score (0–100%), total reports, country, ISP, domain, and last reported timestamp. Requires `ABUSEIPDB_API_KEY`.\n\n```bash\nopenosint abuseipdb 198.51.100.1\nopenosint abuseipdb 198.51.100.1 -t 30\n```\n\n```text\nAbuse intelligence for '198.51.100.1':\n\n[AbuseIPDB] IP: 198.51.100.1\n[AbuseIPDB] Abuse Confidence Score: 87%\n[AbuseIPDB] Total Reports: 143\n[AbuseIPDB] Country: US\n[AbuseIPDB] ISP: Example ISP LLC\n[AbuseIPDB] Domain: example-isp.net\n[AbuseIPDB] Last Reported: 2026-05-20T14:33:00+00:00\n⚠️  HIGH ABUSE CONFIDENCE — flagged by AbuseIPDB\n```\n\nThe warning line only appears when `abuseConfidenceScore` exceeds 50%.\n\n## Interfaces\n\n### Interactive REPL\n\nRun `openosint` with no arguments to start the AI-powered REPL:\n\n```text\nopenosint \u003e investigate target@example.com\n\n  -\u003e generate_dorks('target@example.com')\n  -\u003e search_email('target@example.com')\n  Found: Spotify, WordPress, Gravatar, Office365\n\n  -\u003e search_breach('target@example.com')\n  Found in 2 breaches: LinkedIn (2016), Adobe (2013)\n\n  Report saved -\u003e reports/2026-05-11_14-32-11_report.md\n```\n\n**REPL commands:**\n\n| Command | Description |\n|---------|-------------|\n| `\u003ctarget\u003e` | Investigate any target — email, username, domain, IP, name |\n| `clear` | Reset conversation memory |\n| `save` | Save last report to `reports/` |\n| `tools` | List available tools and their status |\n| `config` | Show current configuration |\n| `history` | Browse saved sessions |\n| `help` | Show all commands |\n| `exit` / Ctrl-D | Exit |\n\nAll sessions are auto-saved to `~/.openosint/history/`. Browse with `openosint history`.\n\n### Web UI\n\nIntroduced in v2.12.0:\n\n```bash\nopenosint web\n# Opens http://localhost:8080 automatically\n```\n\nBrowser-based AI chat interface with streaming tool output, inline result cards, light/dark theme toggle, and Ollama support for fully local inference. No API key required when using Ollama.\n\n```bash\n# Install web extras\npip install \"openosint[web]\"\nopenosint web\n\n# Use Ollama for fully local inference (no API key)\n# Step 1: install the Ollama runtime (separate from the Python library)\n#   macOS/Linux:  curl -fsSL https://ollama.com/install.sh | sh\n#   Windows:      https://ollama.com/download/windows\n# Step 2: start Ollama and pull a model\nollama serve          # start in a terminal (runs automatically as a service on some platforms)\nollama pull llama3.2  # download the model (~2 GB)\n# Step 3: launch OpenOSINT and switch to Ollama\nopenosint web\n# Settings -\u003e Ollama (local) -\u003e set model to llama3.2\n```\n\n\u003cdiv align=\"center\"\u003e\n  \u003cstrong\u003eWeb UI\u003c/strong\u003e — launch with \u003ccode\u003eopenosint web\u003c/code\u003e\u003cbr/\u003e\n  \u003cimg src=\"assets/web-demo.gif\" alt=\"OpenOSINT web UI demo\" width=\"700\" /\u003e\n\u003c/div\u003e\n\n### MCP Server\n\nExpose all 16 OpenOSINT tools to any MCP-compatible AI client. Once connected, Claude can natively invoke all 16 tools during conversations.\n\n**Claude Code:**\n\n```bash\nclaude mcp add openosint python /absolute/path/to/OpenOSINT/openosint/mcp_server.py\nclaude mcp list\n```\n\n**Claude Desktop** — add to `~/Library/Application Support/Claude/claude_desktop_config.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"openosint\": {\n      \"command\": \"python\",\n      \"args\": [\"/absolute/path/to/OpenOSINT/openosint/mcp_server.py\"]\n    }\n  }\n}\n```\n\n**Agentic use via Claude Code:**\n\n```text\n$ claude\n\u003e Investigate target@example.com. Trace any username found\n  across other platforms and compile a full report.\n```\n\n## Docker\n\n```bash\n# Build and run\ndocker compose up --build\n\n# One-off command\ndocker compose run --rm openosint email target@example.com --json\n```\n\nSet `ANTHROPIC_API_KEY` (and optionally `HIBP_API_KEY`, `IPINFO_TOKEN`) in a `.env` file or export them before running `docker compose`. Reports are persisted to `./reports/` via a volume mount.\n\n**DigitalOcean App Platform:** see [`.do/app.yaml`](.do/app.yaml) for App Platform configuration.\n\n## CLI Reference\n\n| Flag / Subcommand | Description |\n|---|---|\n| `openosint` | Interactive AI REPL (default) |\n| `openosint web [--port N] [--no-browser]` | Launch browser UI |\n| `openosint email ADDRESS [-t N]` | Direct email scan |\n| `openosint username HANDLE [-t N]` | Direct username scan |\n| `openosint shodan QUERY [-t N]` | Shodan lookup |\n| `openosint virustotal TARGET [-t N]` | VirusTotal lookup |\n| `openosint censys TARGET [-t N]` | Censys lookup |\n| `openosint ip2location IP [-t N]` | IP2Location lookup |\n| `openosint abuseipdb IP [-t N]` | AbuseIPDB reputation check |\n| `openosint github QUERY [-t N]` | GitHub profile/repo/email discovery |\n| `openosint dns DOMAIN [-t N]` | DNS records + email security analysis |\n| `openosint multi TARGETS` | Parallel multi-target investigation (max 10) |\n| `openosint history [--all] [open N] [clear]` | View/manage REPL session history |\n| `-v, --verbose` | Enable debug logging to stderr |\n| `-t, --timeout N` | Override subprocess timeout (seconds) |\n| `--api-key KEY` | Anthropic API key (overrides env var) |\n| `--parallel` | Run complementary tools concurrently |\n| `--json` | Output results as structured JSON |\n| `--provider {anthropic,ollama}` | AI provider (default: `anthropic`) |\n| `--ollama-model MODEL` | Ollama model name (default: `llama3.2`) |\n| `--ollama-host URL` | Ollama server URL (default: `http://localhost:11434`) |\n| `--no-pdf` | Disable automatic PDF generation |\n\n## Integrations\n\n| Service | URL | Tool |\n|---------|-----|------|\n| HaveIBeenPwned | https://haveibeenpwned.com | `search_breach` |\n| ipinfo.io | https://ipinfo.io | `search_ip` |\n| Shodan | https://shodan.io | `search_shodan` |\n| VirusTotal | https://www.virustotal.com | `search_virustotal` |\n| Censys | https://censys.io | `search_censys` |\n| IP2Location.io | https://www.ip2location.io | `search_ip2location` *(sponsored)* |\n| AbuseIPDB | https://www.abuseipdb.com | `search_abuseipdb` |\n\n## Sponsors\n\nOpenOSINT is free and open source. Development is supported by:\n\n[![Sponsored by IP2Location](https://img.shields.io/badge/sponsored%20by-IP2Location.io-FF6B35?style=flat-square)](https://www.ip2location.io)\n\n**[IP2Location.io](https://www.ip2location.io)** — Enhanced IP geolocation and threat intelligence API.\nPowers the `search_ip2location` tool with VPN, proxy, Tor, and datacenter detection.\n\n---\n\n*Interested in sponsoring OpenOSINT? Open an issue or reach out.*\n\n## Contributing\n\nIssues and pull requests are welcome. Please read [DISCLAIMER.md](DISCLAIMER.md) before contributing.\n\n## Maintainer\n\n**Tommaso Bertocchi**  \n- X (personal): https://x.com/SonoTommy_  \n- X (OpenOSINT): https://x.com/openosint_oss  \n- LinkedIn: https://www.linkedin.com/company/openosintoss  \n- Email: openosint@yahoo.com\n\n## License\n\nOpenOSINT is open source under the [MIT License](./LICENSE) — free for personal, academic, and open source use.\n\nFor commercial use in closed-source products, a separate license is required. → [Full details](./COMMERCIAL-LICENSE.md)\n\n---\n\n*For authorized security research only. See [DISCLAIMER.md](DISCLAIMER.md).*\n\n*OpenOSINT v2.15.0 — May 25, 2026*\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=OpenOSINT/OpenOSINT\u0026type=Date)](https://star-history.com/#OpenOSINT/OpenOSINT\u0026Date)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenosint%2Fopenosint","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenosint%2Fopenosint","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenosint%2Fopenosint/lists"}