sn0int v0.8.1 releases: OSINT framework and package manager
sn0int is an OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. It is enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for follow-up investigations.
Among other things, it is currently able to:
- Harvest subdomains from certificate transparency logs
- Harvest subdomains from various passive dns logs
- Sift through subdomain results for publicly accessible websites
- Harvest emails from pgp keyservers
- Enrich ip addresses with ASN and geoip info
- Harvest subdomains from the wayback machine
- Gather information about phonenumbers
- Bruteforce interesting urls
It is heavily inspired by recon-ng and maltego, but remains more flexible and is fully opensource. None of the investigations listed above is hardcoded in the source, instead, those are provided by modules that are executed in a sandbox. You can easily extend sn0int by writing your own modules and share them with other users by publishing them to the sn0int registry. This allows you to ship updates for your modules on your own since you don’t need to send a pull request.
- Fix a bug in the certificate parser for san extensions longer than 127 bytes
- Introduce a dns cache to reduce dns traffic and avoid a bug in chrootable-https that leaks udp sockets
- Bump dependencies to support OpenBSD
Copyright (C) 2018 kpcyrd