https://github.com/ruyynn/GhostIntel
GhostIntel is a Python-based OSINT framework for digital investigation using public data such as username, email, domain, IP address, and phone number.
https://github.com/ruyynn/GhostIntel
awesome-lists cybersecurity email-osint email-validation ethical-hacking indonesia-osint ip-osint nomor-telepon-indonesia osint osint-framework osint-indonesia osint-reconnaissance osint-tool phone-number-lookup phone-osint python reconnaissance ruyynn username-osint username-search
Last synced: about 1 month ago
JSON representation
GhostIntel is a Python-based OSINT framework for digital investigation using public data such as username, email, domain, IP address, and phone number.
- Host: GitHub
- URL: https://github.com/ruyynn/GhostIntel
- Owner: ruyynn
- License: mit
- Created: 2026-02-17T05:13:50.000Z (4 months ago)
- Default Branch: main
- Last Pushed: 2026-03-29T17:03:16.000Z (2 months ago)
- Last Synced: 2026-03-29T18:59:42.759Z (2 months ago)
- Topics: awesome-lists, cybersecurity, email-osint, email-validation, ethical-hacking, indonesia-osint, ip-osint, nomor-telepon-indonesia, osint, osint-framework, osint-indonesia, osint-reconnaissance, osint-tool, phone-number-lookup, phone-osint, python, reconnaissance, ruyynn, username-osint, username-search
- Language: HTML
- Homepage:
- Size: 3.59 MB
- Stars: 13
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: Contributing.md
- License: LICENSE
Awesome Lists containing this project
- awesome-indonesia-repo - GhostIntel - OSINT & Recon tool by Indonesian developer. Beginner-friendly, open-source, and actively maintained. (OSINT)
README
# ๐ป GhostIntel v2.5
### *The Ultimate API-Free OSINT Framework*
**Zero API Keys โข 100% Public Data โข Made in Indonesia**
[](https://python.org)
[]()
[](https://github.com/ruyynn/GhostIntel/stargazers)
[](https://github.com/ruyynn/GhostIntel/network/members)
[](https://github.com/ruyynn/GhostIntel/issues)
[](https://github.com/ruyynn/GhostIntel/releases)
[](LICENSE)
[]()
---
## ๐ **Table of Contents**
Click to expand ๐
| Section | Description |
|---------|-------------|
| [About GhostIntel](#-about-ghostintel) | What is this tool? |
| [Why v2.5?](#-why-ghostintel-v25) | Key advantages |
| [What's New](#-whats-new-in-v25) | v2.5 features |
| [Quick Start](#-quick-start) | Installation & first scan |
| [Web UI](#-web-ui--the-game-changer) | Localhost dashboard |
| [Phone OSINT](#-phone-osint--8-countries) | 8 countries supported |
| [Email Breach](#-email-breach-detection) | Leak alerts + risk score |
| [Username OSINT](#-username-osint--129-platforms) | 129+ platforms |
| [Domain OSINT](#-domain-osint--complete-recon) | DNS + HTTP + tech stack |
| [IP OSINT](#-ip-osint--geolocation--risk-scoring) | Location + threat score |
| [Reports](#-report-formats) | JSON, HTML, TXT, MD |
| [Batch Processing](#-batch-processing) | Multi-target scan |
| [Screenshots](#-screenshots) | See it in action |
| [Star History](#-star-history) | Project growth |
| [Disclaimer](#๏ธ-legal-disclaimer) | Read before using |
---
## ๐ป About GhostIntel
_**GhostIntel** is a **robust and versatile OSINT (Open Source Intelligence) framework** designed to empower cybersecurity enthusiasts, digital investigators, and ethical hackers. Built with **Python** and completely **API-free**, GhostIntel allows users to **explore, analyze, and gather publicly available information** about individuals, organizations, and digital assets quickly and efficiently._
_The framework provides tools to investigate a wide range of data sources, including **usernames, emails, phone numbers, domains, and IP addresses**, making it an all-in-one solution for understanding online footprints, detecting exposure, and performing digital reconnaissance._
_GhostIntel is designed with **ease of use and efficiency in mind**. Its **Web UI** makes navigation intuitive, while features like **batch scanning** and **attachments support** allow users to handle multiple targets and save results for further analysis. The framework is ideal for tasks such as:_
- _๐น **OSINT investigations** โ uncover public data about people, organizations, or digital assets_
- _๐น **Threat intelligence** โ identify potential risks and exposure points_
- _๐น **Digital footprint mapping** โ visualize the presence of an entity across multiple platforms_
- _๐น **Ethical hacking reconnaissance** โ gather information in a structured and safe way_
_By combining **automation, flexibility, and accessibility**, GhostIntel enables users to work **quickly and efficiently**, whether for personal research, professional cybersecurity projects, or educational purposes. It emphasizes **transparency, security, and the ethical use of publicly available information**, making it a reliable tool for anyone exploring the digital world._
_In short, **GhostIntel is more than just a toolkit** โ itโs a **complete framework for understanding and analyzing the online presence of individuals and_ _organizations**, empowering users to make informed decisions based on publicly accessible data._
> ๐ก **How it works:** Just type a target โ username, email, phone, domain, or IP โ and GhostIntel scans **hundreds of public sources** to find everything connected to it.
### ๐ฅ **Core Features**
| # | Feature | What It Means |
|---|---------|---------------|
| 1 | ๐ **Zero API Keys** | Use immediately โ no signup, no payment, no hidden costs |
| 2 | โก **Async & Fast** | Parallel scanning, 10x faster than similar tools |
| 3 | ๐ฏ **Auto Detect** | Paste anything, GhostIntel auto-detects the type |
| 4 | ๐ **Web UI** | Beautiful localhost dashboard (BRAND NEW in v2.5!) |
| 5 | ๐ฑ **8 Countries** | Phone OSINT: ID, US, GB, MY, IN, AU, SG, PH |
| 6 | ๐ฅ **129+ Platforms** | Username checking across 129+ sites simultaneously |
| 7 | ๐ **Data Correlation** | Links findings across all modules automatically |
| 8 | ๐ **Breach Detection** | Email leak alerts + risk score (0-100) |
| 9 | ๐ฆ **Batch Processing** | Scan multiple targets from a single file |
| 10 | ๐ **4 Report Formats** | JSON, HTML, TXT, Markdown |
> *Developed by **Ruyynn** โ Made in Indonesia, for the global cybersecurity community.*
---
## ๐ **Why GhostIntel v2.5?**
GhostIntel stands out because it's **built for real investigations** โ not just another wrapper around paid APIs.
```
โ ZERO API KEYS โ No registration, no payments, just pure OSINT
โ ASYNC & FAST โ 10x faster than other free tools
โ AUTO DETECT โ Input anything, GhostIntel figures it out
โ WEB UI โ Localhost dashboard with dark/light theme
โ 8 COUNTRIES โ Phone OSINT: ID/US/GB/MY/IN/AU/SG/PH
โ 129+ PLATFORMS โ Most comprehensive username checker
โ BREACH DETECTION โ Email alerts with risk scoring
โ BATCH PROCESSING โ Scan hundreds of targets at once
โ ROTATING USER-AGENT โ 14+ UAs to avoid being blocked
```
---
## โจ **What's New in v2.5?**
This is a **MAJOR upgrade** from v2.0. Here's what's new:
| Feature | v2.0 | v2.5 | Impact |
|---------|------|------|--------|
| ๐ **Web UI** | โ | โ
| **Game changer!** Full dashboard |
| ๐ฑ **Phone Countries** | 5 | **8** | Added AU, SG, PH |
| ๐ฅ **Breach Detection** | โ | โ
| Email leak alerts + risk score |
| ๐ฆ **Batch Processing** | โ | โ
| Multi-target scanning |
| ๐ **Markdown Reports** | โ | โ
| New report format |
| ๐๏ธ **JSON Compression** | โ | โ
| Gzip support |
| ๐ **Rotating User-Agent** | โ | โ
| 14+ UAs to avoid blocks |
| ๐ก๏ธ **SSL/TLS Info** | โ | โ
| Certificate details |
| ๐ **Risk Scoring** | โ | โ
| IP risk score (0-100) |
| ๐ฏ **Username Platforms** | 100+ | **129+** | +29 more platforms |
> **v2.5 is the most complete version yet โ with Web UI, breach detection, and 8 countries for phone OSINT!**
---
## ๐ฌ **Quick Start**
### Installation
```bash
# Clone the repository
git clone https://github.com/ruyynn/GhostIntel.git
cd GhostIntel
# Install dependencies
pip install -r requirements.txt
# Verify installation
python ghostintel.py -h
```
### First Scan Examples
```bash
# ๐ค Username investigation
python ghostintel.py -u ruyynn
# ๐ง Email with breach detection
python ghostintel.py -e user@gmail.com --report
# ๐ฑ Phone number (Indonesia)
python ghostintel.py -p 08123456789
# ๐ Domain recon with tech detection
python ghostintel.py -d example.com --deep
# ๐ IP geolocation + risk score
python ghostintel.py -i 8.8.8.8
# ๐ Launch Web UI (NEW!)
python ghostintel.py -web
```
---
## ๐ **Web UI โ The Game Changer**
> **The biggest feature in v2.5!** GhostIntel now has a beautiful web interface.
```bash
python ghostintel.py -web
# Open http://localhost:7331 in your browser
```
### Web UI Features
| Feature | Description |
|---------|-------------|
| ๐จ **Dark/Light Theme** | Toggle themes, preference saved automatically |
| ๐ **Scan History** | Auto-saved, click to re-run any scan |
| ๐ **Live Detection** | Real-time entity type detection as you type |
| ๐ **Visual Results** | Card-based display with color-coded status |
| ๐ **Clickable Links** | Direct links to discovered profiles |
| ๐ค **Export Options** | JSON/Markdown export directly from browser |
| ๐ฑ **Mobile Friendly** | Responsive design, works on phone/tablet |
| โก **Quick/Deep Mode** | Toggle single or all-module scan |
---
## ๐ฑ **Phone OSINT โ 8 Countries**
> **The only Indonesian OSINT tool with multi-country phone lookup!**
| Country | Code | Example Command | Providers |
|---------|------|-----------------|-----------|
| ๐ฎ๐ฉ Indonesia | +62 | `-p 08123456789` | Telkomsel, Indosat, XL, Three, Smartfren |
| ๐บ๐ธ USA | +1 | `-p +12125551234` | AT&T, Verizon, T-Mobile |
| ๐ฌ๐ง UK | +44 | `-p +447700123456` | EE, O2, Vodafone, Three |
| ๐ฒ๐พ Malaysia | +60 | `-p +60123456789` | Maxis, Celcom, DiGi, U Mobile |
| ๐ฎ๐ณ India | +91 | `-p +919876543210` | Airtel, Vi, Jio, BSNL |
| ๐ฆ๐บ Australia | +61 | `-p +61412345678` | Telstra, Optus, Vodafone |
| ๐ธ๐ฌ Singapore | +65 | `-p +6581234567` | Singtel, StarHub, M1, SIMBA |
| ๐ต๐ญ Philippines | +63 | `-p +639171234567` | Globe, Smart, DITO |
**What you get from phone scan:**
- โ
E.164, international, and national formats
- โ
Carrier/provider detection
- โ
Location & timezone information
- โ
WhatsApp direct link (if mobile)
- โ
Possible social media handles from the number
---
## ๐ฅ **Email Breach Detection**
> **New in v2.5!** GhostIntel now checks email domains against known data breaches.
```bash
python ghostintel.py -e user@yahoo.com --report
```
**What you get:**
- ๐ **Risk score** (0-100) โ higher = more dangerous
- ๐ **Breach details** โ name, year, records exposed
- ๐ **Data types** โ what was leaked (emails, passwords, etc.)
- ๐ก๏ธ **Security recommendations** โ what to do next
**Known breaches in database:**
- ๐ด Yahoo (3B records), Adobe (152M), LinkedIn (117M)
- ๐ด Facebook (533M), Twitter (5.4M), Canva (139M)
- ๐ด Tokopedia (91M), Bhinneka (1.2M), JD.ID (14M)
---
## ๐ค **Username OSINT โ 129+ Platforms**
Check usernames across **129+ platforms** simultaneously:
| Category | Platforms |
|----------|-----------|
| ๐ **Social** | Facebook, Instagram, Twitter, TikTok, Threads, Bluesky, Snapchat, Pinterest |
| ๐ป **Developer** | GitHub, GitLab, Bitbucket, HackerOne, Bugcrowd, Keybase, SourceForge |
| ๐ฎ **Gaming** | Steam, Roblox, Xbox, PlayStation, Nintendo, Chess.com, Lichess |
| ๐ต **Music** | Spotify, SoundCloud, Bandcamp, Genius, Mixcloud, Last.fm |
| ๐น **Video** | YouTube, Twitch, Vimeo, Kick, Rumble, Dailymotion, Odysee |
| ๐ฎ๐ฉ **Indonesian** | Kaskus, Kompasiana, Detik Forum, Indowebster, Lintas.me |
| ๐ผ **Professional** | LinkedIn, Upwork, Fiverr, Freelancer, AngelList, Crunchbase |
| ๐ **Blog/Forum** | Medium, Reddit, Quora, Dev.to, HackerNews, ProductHunt |
---
## ๐ **Domain OSINT โ Complete Recon**
```bash
python ghostintel.py -d example.com --deep
```
**DNS Records:**
- A, AAAA, NS, MX, TXT, SOA, CNAME, PTR
**HTTP Analysis:**
- HTTP/HTTPS status codes
- Server headers, redirect chains
- Response time
**Technology Detection (70+ patterns):**
- **CMS:** WordPress, Joomla, Drupal, Shopify, Wix, Squarespace
- **Frameworks:** React, Vue, Angular, Next.js, Nuxt.js, Svelte
- **Servers:** nginx, Apache, IIS, Cloudflare, LiteSpeed, Caddy
- **E-commerce:** WooCommerce, Magento, BigCommerce, PrestaShop
**Security Headers:**
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
**SSL/TLS Info:**
- Certificate issuer, expiry date, days left
- DNSSEC status
---
## ๐ **IP OSINT โ Geolocation + Risk Scoring**
```bash
python ghostintel.py -i 8.8.8.8
```
**Geolocation:**
- Country, region, city, coordinates
- Timezone, ISP, organization
- ASN with name
**Threat Intelligence:**
- ๐ **Risk score** (0-100) โ based on proxy/VPN/hosting status
- ๐ซ **Proxy/VPN detection** โ identifies anonymizers
- ๐ข **Hosting/datacenter detection**
- ๐ฑ **Mobile network detection**
**RDAP Lookup:**
- RIR assignment (ARIN, RIPE, APNIC, LACNIC, AFRINIC)
- Organization registration
- Abuse contact email
---
## ๐ **Report Formats**
Generate professional reports in **4 formats**:
| Format | Command | Best For |
|--------|---------|----------|
| ๐ JSON | `--format json` | Machine parsing, integration with other tools |
| ๐ HTML | `--format html` | Interactive visual report with dark/light theme |
| ๐ TXT | `--format txt` | Simple, lightweight, readable anywhere |
| ๐ Markdown | `--format md` | Documentation, GitHub READMEs |
```bash
# Generate HTML report
python ghostintel.py -u ruyynn --format html -o report.html
# Generate all formats at once
python ghostintel.py -d example.com --format all -o domain_report
# Compressed JSON (saves space)
python ghostintel.py -e user@gmail.com --format json --compress
```
---
## ๐ฆ **Batch Processing**
Scan multiple targets from a single file:
```bash
# Create targets.txt
cat > targets.txt << EOF
ruyynn
user@gmail.com
08123456789
example.com
8.8.8.8
EOF
# Run batch scan
python ghostintel.py --batch targets.txt --deep --format all
```
**Batch Options:**
- `--batch-delay 2` โ Delay between scans (seconds, avoids rate limiting)
- `--output-dir ./reports` โ Custom output directory
- `--quiet` โ Suppress console output (only save reports)
---
## ๐ธ **Screenshots**
### ๐ Web UI Dashboard
Dark theme dashboard with scan history and live detection
### ๐ค Username OSINT Result
67 platforms found for username "Ryan"
### ๐ง Email Breach Detection
Breach alert with risk score and security recommendations
### ๐ Domain OSINT
DNS records, technology stack, and SSL certificate info
### ๐ IP OSINT
Geolocation, risk score, proxy detection, and RDAP data
### ๐ HTML Report
Interactive HTML report with collapsible modules
---
## โญ **Star History**
[](https://star-history.com/#ruyynn/GhostIntel&Date)
*Every star helps this project grow!* โญ
---
## โ ๏ธ **Legal Disclaimer**
**GhostIntel is designed for:**
- โ
Education and cybersecurity learning
- โ
Legitimate security research
- โ
Testing on systems you own or have permission to test
- โ
Developing OSINT skills professionally
**GhostIntel only uses public sources:**
- Public DNS lookup, RDAP/WHOIS records
- Public websites and legal APIs
- Data already openly available
**Prohibited use (STRICTLY FORBIDDEN):**
- โ Doxing or exposing personal data without consent
- โ Stalking, harassment, or intimidation
- โ Illegal or criminal activities
- โ Accessing systems or data without authorization
> **By using GhostIntel, you take full responsibility for how you use this tool. The author is not responsible for any misuse.**
---
## ๐ค **Contributing**
Contributions are welcome!
```bash
1. ๐ด Fork the repository
2. ๐ฟ Create a branch: git checkout -b feature/amazing-feature
3. ๐ป Commit changes: git commit -m 'Add amazing feature'
4. ๐ค Push: git push origin feature/amazing-feature
5. ๐ Open a Pull Request
```
See [CONTRIBUTING.md](CONTRIBUTING.md) for full guide.
---
## ๐ **Contact**
[](https://github.com/ruyynn)
[](https://web.facebook.com/profile.php?id=61587795784907)
[](https://www.instagram.com/ellreynn)
[](mailto:ruyynn25@gmail.com)
- ๐ **Bug reports** โ [GitHub Issues](https://github.com/ruyynn/GhostIntel/issues)
- ๐ก **Feature ideas** โ [GitHub Discussions](https://github.com/ruyynn/GhostIntel/discussions)
- โ **Quick questions** โ DM on social media
---
## ๐ **License**
MIT License โ Feel free to use, modify, and distribute with credit to **Ruyynn**.
---
**GhostIntel v2.5**
*OSINT Framework Indonesia โข 100% Public Data โข For Cybersecurity Education*
**ยฉ 2026 Ruyynn.**