Summary

OpenOSINT is an AI-powered agent for Open Source Intelligence (OSINT) tasks, targeting security researchers and developers. It automates investigations by chaining 16 specialized tools, offering interactive REPL, CLI, and MCP server interfaces. Supporting cloud (Claude) and local (Ollama) AI models, it provides flexible offline analysis and streamlines OSINT workflows.

How It Works

The system uses AI (Claude or Ollama) to dynamically select and execute 16 modular OSINT tools. The AI issues commands, Python executes them, and results return to the model, preventing hallucination. An MCP server enables AI assistants like Claude Code/Desktop to natively invoke tools, facilitating advanced AI-driven investigations.

Quick Start & Requirements

Install via pip install openosint. Requires Python 3.10+ and external binaries (holehe, sherlock, sublist3r, phoneinfoga) in PATH. Configuration involves API keys (Anthropic, Shodan, etc.) and Ollama for local inference, managed via .env. Links to PyPI and GitHub releases are available.

Highlighted Details

• Features 16 modular tools for email, username, breach data, WHOIS, IP, subdomains, dorks, paste sites, phone numbers, and threat intelligence platforms.
• Supports cloud AI (Anthropic Claude) and fully offline local AI (Ollama).
• Offers multiple interfaces: AI REPL, CLI, Web UI, and MCP server for AI assistant integration.
• Automates PDF/Markdown reports, supports parallel tool execution, and saves session history.

Maintenance & Community

Sponsored by IP2Location.io. Contributions via issues/PRs are welcome. Tommaso Bertocchi is the maintainer. Follow project updates on X and LinkedIn.

Licensing & Compatibility

Distributed under the MIT License. Free for personal, academic, and open-source use. A separate license is required for integration into closed-source commercial products. Explicitly "For authorized security research only."

Limitations & Caveats

Usage is strictly limited to "authorized security research," per its disclaimer. Commercial use in closed-source applications requires a distinct licensing agreement, potentially imposing restrictions beyond standard open-source terms.