voidaccess  by KatrielMoses

Automated dark web OSINT and threat intelligence platform

Created 2 months ago
274 stars

Top 94.1% on SourcePulse

GitHubView on GitHub
Project Summary

A self-hosted, open-source platform for dark web Open Source Intelligence (OSINT), VoidAccess automates threat intelligence gathering from query to actionable graph in a 13-step pipeline. It serves as a free alternative to commercial platforms like Recorded Future, DarkOwl, and Flare, democratizing high-end dark web intelligence for security researchers and analysts.

How It Works

VoidAccess employs a 13-step autonomous pipeline to automate complex dark web investigations. It begins with LLM-powered query refinement and multilingual search across numerous Tor engines, paste sites, code repositories, and RSS feeds. The system filters relevant intelligence, enriches it with data from over 19 external threat intelligence sources, and recursively discovers .onion links. Content is scraped securely via Tor, with data merged and processed for advanced entity extraction (IOCs, wallets, CVEs, threat actors) using Regex, NER, and LLMs. Finally, it cross-references data historically, constructs a co-occurrence relationship graph, and generates an LLM-based technical briefing. This end-to-end automation streamlines the investigation workflow.

Quick Start & Requirements

  • Primary install / run command:
    • CLI: pip install voidaccess, voidaccess configure, voidaccess investigate "query". Requires local Tor installation.
    • Docker: git clone https://github.com/KatrielMoses/voidaccess, cd voidaccess, bash setup.sh.
  • Non-default prerequisites and dependencies: Local Tor (for CLI dark web access), Docker and Docker Compose (for Docker stack), Python 3 (recommended for setup script), an LLM API key (or Ollama for local execution). Optional API keys for enrichment sources (e.g., VirusTotal, Shodan) enhance functionality.
  • Estimated setup time or resource footprint: Docker setup takes approximately 5 minutes. Investigations typically complete within 3-5 minutes.
  • Links: API documentation is available at http://localhost:8000/docs when the Docker stack is running.

Highlighted Details

  • Automated 13-step OSINT pipeline covering query refinement, collection, enrichment, extraction, and graph generation.
  • Leverages LLMs for query optimization, content filtering, entity extraction, and final report summarization.
  • Integrates data from over 16 dark web search engines, paste sites, GitHub/GitLab, 20+ RSS feeds, and 19+ external threat intelligence sources.
  • Supports structured data export in STIX 2.1, MISP, Sigma, and CSV formats.
  • Offers a cost-effective solution, with investigations costing under $0.50 using paid LLMs and free with local or free-tier LLM providers.

Maintenance & Community

The project shows recent activity with updates to enrichment sources and collection methods. No specific community channels (e.g., Discord, Slack) or notable contributor information are detailed in the provided README.

Licensing & Compatibility

VoidAccess is released under the MIT License, permitting broad use, modification, and distribution, including for commercial purposes.

Limitations & Caveats

Dark web access via the CLI requires a separate local Tor installation. While many enrichment sources are free, some advanced features or higher rate limits necessitate API keys, with some requiring paid subscriptions (e.g., HaveIBeenPwned). The platform's Acceptable Use Policy restricts usage to authorized security research, threat intelligence gathering, and law enforcement. Mandatory content safety filters cannot be disabled.

Health Check
Last Commit

3 days ago

Responsiveness

Inactive

Pull Requests (30d)
0
Issues (30d)
0
Star History
40 stars in the last 30 days

Explore Similar Projects

Starred by Chip Huyen Chip Huyen(Author of "AI Engineering", "Designing Machine Learning Systems"), Nicolas Camara Nicolas Camara(Cofounder of Firecrawl), and
1 more.

fire-enrich by firecrawl

0.4%
1k
AI-powered data enrichment from email lists
Created 1 year ago
Updated 9 months ago
Feedback? Help us improve.