osintkit 0.1.0

package/osintkit/output/md_writer.py

@@ -0,0 +1,115 @@
+"""Markdown report writer for osintkit scan results."""
+
+from datetime import datetime
+from pathlib import Path
+from typing import Any, Dict, Optional
+
+
+def _scrub_keys(content: str, api_keys: Optional[Dict[str, str]] = None) -> str:
+    """Replace any API key values in content with [REDACTED].
+
+    Args:
+        content: The string to scrub.
+        api_keys: Dict mapping key name -> key value. Values longer than
+                  6 characters are scrubbed; shorter ones are skipped to
+                  avoid over-scrubbing short common strings.
+
+    Returns:
+        Scrubbed string.
+    """
+    if not api_keys:
+        return content
+    for _name, value in api_keys.items():
+        if value and len(value) > 6:
+            content = content.replace(value, "[REDACTED]")
+    return content
+
+
+def write_md(
+    findings: Dict[str, Any],
+    output_dir: Path,
+    api_keys: Optional[Dict[str, str]] = None,
+) -> Path:
+    """Generate a Markdown report from scan findings.
+
+    Args:
+        findings: The findings dict produced by Scanner.run().
+        output_dir: Directory where findings.md will be written.
+        api_keys: Optional dict of API key values to scrub from output.
+
+    Returns:
+        Path to the written file.
+    """
+    inputs = findings.get("inputs", {})
+    scan_date = findings.get("scan_date", datetime.now().isoformat())
+    risk_score = findings.get("risk_score", 0)
+    modules_meta = findings.get("modules", {})
+    findings_by_module = findings.get("findings", {})
+
+    name = inputs.get("name") or inputs.get("username") or inputs.get("email") or "Unknown"
+
+    lines = [
+        f"# osintkit Report: {name}",
+        "",
+        f"**Generated:** {scan_date}",
+        f"**Date:** {scan_date[:10]}",
+        "",
+        "## Target Information",
+        "",
+    ]
+
+    for field in ("name", "email", "username", "phone"):
+        value = inputs.get(field) or "—"
+        lines.append(f"- **{field.capitalize()}:** {value}")
+
+    lines += [
+        "",
+        f"## Risk Score: {risk_score}/100",
+        "",
+    ]
+
+    if risk_score >= 70:
+        lines.append("> **HIGH RISK** — significant digital footprint detected.")
+    elif risk_score >= 40:
+        lines.append("> **MEDIUM RISK** — moderate digital footprint detected.")
+    else:
+        lines.append("> **LOW RISK** — limited digital footprint detected.")
+
+    lines += ["", "## Module Results", ""]
+
+    for module_name, meta in modules_meta.items():
+        status = meta.get("status", "unknown")
+        count = meta.get("count", 0)
+        error = meta.get("error", "")
+        status_str = f"done ({count} findings)" if status == "done" else f"failed: {error}"
+        lines.append(f"- **{module_name}**: {status_str}")
+
+    lines += ["", "## Findings", ""]
+
+    for module_name, module_findings in findings_by_module.items():
+        if not module_findings:
+            continue
+
+        lines.append(f"### {module_name}")
+        lines.append("")
+
+        for finding in module_findings:
+            ftype = finding.get("type", "unknown")
+            source = finding.get("source", "unknown")
+            url = finding.get("url")
+            data = finding.get("data", {})
+
+            lines.append(f"**{ftype}** (source: {source})")
+            if url:
+                lines.append(f"- URL: {url}")
+            if data:
+                for key, val in data.items():
+                    lines.append(f"- {key}: {val}")
+            lines.append("")
+
+    content = "\n".join(lines)
+    content = _scrub_keys(content, api_keys)
+
+    output_file = output_dir / "findings.md"
+    output_file.write_text(content, encoding="utf-8")
+    return output_file

package/osintkit/output/templates/report.html

@@ -0,0 +1,74 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>osintkit Report</title>
+    <style>
+        body { font-family: system-ui, sans-serif; max-width: 800px; margin: 20px auto; padding: 20px; }
+        h1 { color: #333; border-bottom: 2px solid #ddd; padding-bottom: 10px; }
+        .risk-gauge { padding: 20px; border-radius: 8px; text-align: center; margin: 20px 0; }
+        .risk-high { background: #fee; color: #c00; }
+        .risk-medium { background: #ffe; color: #960; }
+        .risk-low { background: #efe; color: #060; }
+        .module-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(200px, 1fr)); gap: 10px; margin: 20px 0; }
+        .module-card { padding: 15px; border: 1px solid #ddd; border-radius: 4px; }
+        .module-done { background: #efe; }
+        .module-failed { background: #fee; }
+        .module-skipped { background: #eee; color: #888; }
+        .findings-section { margin: 20px 0; }
+        .finding-item { padding: 10px; border-bottom: 1px solid #eee; }
+    </style>
+</head>
+<body>
+    <h1>osintkit OSINT Report</h1>
+    <p><strong>Scan Date:</strong> {{ scan_date }}</p>
+    <p><strong>Target:</strong> {{ inputs.name or inputs.email or inputs.username or inputs.phone or 'Unknown' }}</p>
+    
+    {% set score = risk_score %}
+    {% if score >= 70 %}
+        <div class="risk-gauge risk-high">
+    {% elif score >= 40 %}
+        <div class="risk-gauge risk-medium">
+    {% else %}
+        <div class="risk-gauge risk-low">
+    {% endif %}
+        <h2>Risk Score: {{ score }}/100</h2>
+    </div>
+    
+    <h2>Module Status</h2>
+    <div class="module-grid">
+        {% for module_name, module_data in modules.items() %}
+            <div class="module-card module-{{ module_data.status }}">
+                <strong>{{ module_name }}</strong><br>
+                {% if module_data.status == 'done' %}
+                    ✓ {{ module_data.count }} findings
+                {% elif module_data.status == 'failed' %}
+                    ✗ {{ module_data.error }}
+                {% else %}
+                    — skipped
+                {% endif %}
+            </div>
+        {% endfor %}
+    </div>
+    
+    <h2>Findings</h2>
+    {% for module_name, module_findings in findings.items() %}
+        {% if module_findings %}
+            <div class="findings-section">
+                <h3>{{ module_name }} ({{ module_findings|length }})</h3>
+                {% for finding in module_findings %}
+                    <div class="finding-item">
+                        <strong>{{ finding.type }}</strong> 
+                        <span style="color:#888">via {{ finding.source }}</span>
+                        {% if finding.url %}
+                            <a href="{{ finding.url }}" target="_blank">[link]</a>
+                        {% endif %}
+                        <br><small>Confidence: {{ finding.confidence }}</small>
+                    </div>
+                {% endfor %}
+            </div>
+        {% endif %}
+    {% endfor %}
+</body>
+</html>

package/osintkit/profiles.py

@@ -0,0 +1,116 @@
+"""Profile management for saving and rerunning scans."""
+
+import json
+from pathlib import Path
+from datetime import datetime
+from typing import Any, Dict, List, Optional
+from pydantic import BaseModel, Field
+import uuid
+
+
+class ScanHistory(BaseModel):
+    """Record of a single scan run."""
+    scan_id: str
+    timestamp: str
+    inputs: Dict[str, Optional[str]]
+    risk_score: int
+    findings_count: int
+    findings_file: Optional[str] = None
+    html_file: Optional[str] = None
+
+
+class Profile(BaseModel):
+    """A saved target profile with scan history."""
+    id: str = Field(default_factory=lambda: str(uuid.uuid4())[:8])
+    name: Optional[str] = None
+    email: Optional[str] = None
+    username: Optional[str] = None
+    phone: Optional[str] = None
+    notes: str = ""
+    tags: List[str] = Field(default_factory=list)
+    created_at: str = Field(default_factory=lambda: datetime.now().isoformat())
+    updated_at: str = Field(default_factory=lambda: datetime.now().isoformat())
+    scan_history: List[ScanHistory] = Field(default_factory=list)
+
+
+class ProfileStore:
+    """Manages profile storage in JSON file."""
+    
+    def __init__(self, store_path: Path = None):
+        if store_path is None:
+            store_path = Path.home() / ".osintkit" / "profiles.json"
+        self.store_path = store_path
+        self.store_path.parent.mkdir(parents=True, exist_ok=True)
+    
+    def _load(self) -> Dict[str, Dict]:
+        """Load all profiles from store."""
+        if not self.store_path.exists():
+            return {}
+        with open(self.store_path) as f:
+            return json.load(f)
+    
+    def _save(self, profiles: Dict[str, Dict]):
+        """Save all profiles to store."""
+        with open(self.store_path, "w") as f:
+            json.dump(profiles, f, indent=2, default=str)
+    
+    def create(self, profile: Profile) -> Profile:
+        """Create a new profile."""
+        profiles = self._load()
+        profiles[profile.id] = profile.model_dump()
+        self._save(profiles)
+        return profile
+    
+    def get(self, profile_id: str) -> Optional[Profile]:
+        """Get a profile by ID."""
+        profiles = self._load()
+        if profile_id in profiles:
+            return Profile(**profiles[profile_id])
+        return None
+    
+    def list(self, tag: str = None) -> List[Profile]:
+        """List all profiles, optionally filtered by tag."""
+        profiles = self._load()
+        result = [Profile(**p) for p in profiles.values()]
+        if tag:
+            result = [p for p in result if tag in p.tags]
+        return sorted(result, key=lambda p: p.updated_at, reverse=True)
+    
+    def update(self, profile: Profile) -> Profile:
+        """Update an existing profile."""
+        profile.updated_at = datetime.now().isoformat()
+        profiles = self._load()
+        profiles[profile.id] = profile.model_dump()
+        self._save(profiles)
+        return profile
+    
+    def delete(self, profile_id: str) -> bool:
+        """Delete a profile."""
+        profiles = self._load()
+        if profile_id in profiles:
+            del profiles[profile_id]
+            self._save(profiles)
+            return True
+        return False
+    
+    def add_scan_result(self, profile_id: str, scan: ScanHistory) -> bool:
+        """Add a scan result to a profile's history."""
+        profile = self.get(profile_id)
+        if not profile:
+            return False
+        profile.scan_history.append(scan)
+        self.update(profile)
+        return True
+    
+    def search(self, query: str) -> List[Profile]:
+        """Search profiles by name, email, username, or notes."""
+        profiles = self._load()
+        query_lower = query.lower()
+        result = []
+        for p in profiles.values():
+            if (query_lower in (p.get("name") or "").lower() or
+                query_lower in (p.get("email") or "").lower() or
+                query_lower in (p.get("username") or "").lower() or
+                query_lower in (p.get("notes") or "").lower()):
+                result.append(Profile(**p))
+        return result

package/osintkit/risk.py

@@ -0,0 +1,42 @@
+"""Risk score calculation for osintkit."""
+
+from typing import Dict, List
+
+
+def calculate_risk_score(findings: Dict[str, List]) -> int:
+    """Calculate risk score 0-100 based on findings.
+    
+    Formula:
+    - Breach findings: 3 pts each, max 30 (cap at 10)
+    - Social profiles: 2 pts each, max 20 (cap at 10)
+    - Data brokers: 4 pts each, max 20 (cap at 5)
+    - Dark web/paste: 5 pts each, max 15 (cap at 3)
+    
+    Returns: int 0-100
+    """
+    score = 0
+    
+    # Breach exposure (30 points max)
+    breach_count = len(findings.get("breach_exposure", []))
+    score += min(30, breach_count * 3)
+    
+    # Social profiles (20 points max)
+    social_count = len(findings.get("social_profiles", []))
+    score += min(20, social_count * 2)
+    
+    # Data brokers (20 points max)
+    broker_count = len(findings.get("data_brokers", []))
+    score += min(20, broker_count * 4)
+    
+    # Dark web + paste sites (15 points max)
+    dark_count = len(findings.get("dark_web", [])) + len(findings.get("paste_sites", []))
+    score += min(15, dark_count * 5)
+    
+    # Password exposure - typically 0 since we don't have passwords
+    # If data contains count, scale it
+    password_data = findings.get("password_exposure", [])
+    if password_data and isinstance(password_data[0], dict) and password_data[0].get("data", {}).get("count"):
+        pw_count = password_data[0]["data"]["count"]
+        score += min(15, pw_count // 1000)
+    
+    return min(100, score)

package/osintkit/scanner.py

@@ -0,0 +1,240 @@
+"""Scanner orchestrator - runs all OSINT modules in parallel with progress."""
+
+import asyncio
+from pathlib import Path
+from datetime import datetime
+from typing import Any, Callable, Dict, List
+from rich.console import Console
+from rich.progress import Progress
+
+from osintkit.config import Config
+from osintkit.output.json_writer import write_json
+from osintkit.output.html_writer import write_html
+from osintkit.output.md_writer import write_md
+from osintkit.risk import calculate_risk_score
+
+
+class Scanner:
+    """Orchestrates OSINT module execution with progress display."""
+
+    def __init__(self, config: Config, output_dir: Path, console: Console):
+        self.config = config
+        self.output_dir = output_dir
+        self.console = console
+        self.modules = self._load_modules()
+
+    def _load_modules(self) -> List[tuple]:
+        """Load all available OSINT modules (Stage 1 + Stage 2 if keys present)."""
+        modules = [
+            ("social_profiles", self._run_social_profiles, "Social media profiles"),
+            ("email_accounts", self._run_email_accounts, "Email accounts"),
+            ("password_exposure", self._run_password_exposure, "Password breaches"),
+            ("web_presence", self._run_web_presence, "Web presence"),
+            ("cert_transparency", self._run_cert_transparency, "SSL certificates"),
+            ("breach_exposure", self._run_breach_exposure, "Data breaches"),
+            ("dark_web", self._run_dark_web, "Dark web"),
+            ("paste_sites", self._run_paste_sites, "Paste sites"),
+            ("data_brokers", self._run_data_brokers, "Data brokers"),
+            ("phone", self._run_phone, "Phone info"),
+            # New Stage 1 modules
+            ("sherlock", self._run_sherlock, "Social profiles (Sherlock)"),
+            ("gravatar", self._run_gravatar, "Gravatar profile"),
+            ("wayback", self._run_wayback, "Wayback Machine"),
+            ("phone_info", self._run_phone_info, "Phone analysis"),
+            ("hibp_kanon", self._run_hibp_kanon, "Password k-anonymity check"),
+        ]
+
+        # Stage 2 modules — only included when corresponding API key is set
+        api_keys = self.config.api_keys
+        stage2_map = [
+            ("leakcheck", api_keys.leakcheck, self._run_stage2_leakcheck, "LeakCheck breach lookup"),
+            ("hunter", api_keys.hunter, self._run_stage2_hunter, "Hunter email verify"),
+            ("numverify", api_keys.numverify, self._run_stage2_numverify, "NumVerify phone"),
+            ("github_api", api_keys.github, self._run_stage2_github, "GitHub profile"),
+            (
+                "securitytrails",
+                api_keys.securitytrails,
+                self._run_stage2_securitytrails,
+                "SecurityTrails subdomains",
+            ),
+        ]
+
+        for name, key, func, desc in stage2_map:
+            if key and key.strip():
+                modules.append((name, func, desc))
+
+        return modules
+
+    # ---- Stage 1 module runners ----
+
+    async def _run_social_profiles(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.social import run_social_profiles
+        return await run_social_profiles(inputs, self.config.timeout_seconds)
+
+    async def _run_email_accounts(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.holehe import run_email_accounts
+        return await run_email_accounts(inputs, self.config.timeout_seconds)
+
+    async def _run_password_exposure(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.hibp import run_password_exposure
+        return await run_password_exposure(inputs)
+
+    async def _run_web_presence(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.harvester import run_web_presence
+        return await run_web_presence(inputs, self.config.timeout_seconds)
+
+    async def _run_cert_transparency(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.certs import run_cert_transparency
+        return await run_cert_transparency(inputs)
+
+    async def _run_breach_exposure(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.breach import run_breach_exposure
+        return await run_breach_exposure(inputs, self.config.api_keys)
+
+    async def _run_dark_web(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.dark_web import run_dark_web
+        return await run_dark_web(inputs, self.config.api_keys)
+
+    async def _run_paste_sites(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.paste import run_paste_sites
+        return await run_paste_sites(inputs, self.config.api_keys)
+
+    async def _run_data_brokers(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.brokers import run_data_brokers
+        return await run_data_brokers(inputs, self.config.api_keys)
+
+    async def _run_phone(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.phone import run_phone
+        return await run_phone(inputs, self.config.api_keys)
+
+    async def _run_sherlock(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.sherlock import run_sherlock
+        return await run_sherlock(inputs, self.config.timeout_seconds)
+
+    async def _run_gravatar(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.gravatar import run_gravatar
+        return await run_gravatar(inputs)
+
+    async def _run_wayback(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.wayback import run_wayback
+        return await run_wayback(inputs)
+
+    async def _run_phone_info(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.libphonenumber_info import run_libphonenumber
+        return await run_libphonenumber(inputs)
+
+    async def _run_hibp_kanon(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.hibp_kanon import run_hibp_kanon
+        return await run_hibp_kanon(inputs)
+
+    # ---- Stage 2 module runners ----
+
+    async def _run_stage2_leakcheck(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.stage2.leakcheck import run
+        return await run(inputs, self.config.api_keys.leakcheck)
+
+    async def _run_stage2_hunter(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.stage2.hunter import run
+        return await run(inputs, self.config.api_keys.hunter)
+
+    async def _run_stage2_numverify(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.stage2.numverify import run
+        return await run(inputs, self.config.api_keys.numverify)
+
+    async def _run_stage2_github(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.stage2.github_api import run
+        return await run(inputs, self.config.api_keys.github)
+
+    async def _run_stage2_securitytrails(self, inputs: Dict) -> List[Dict]:
+        from osintkit.modules.stage2.securitytrails import run
+        return await run(inputs, self.config.api_keys.securitytrails)
+
+    # ---- Execution ----
+
+    def run(self, inputs: Dict) -> Dict[str, Any]:
+        """Run all modules without progress display."""
+        findings = {
+            "scan_date": datetime.now().isoformat(),
+            "inputs": inputs,
+            "modules": {},
+            "findings": {},
+            "risk_score": 0,
+        }
+
+        async def run_one(name: str, func: Callable):
+            try:
+                result = await func(inputs)
+                findings["modules"][name] = {"status": "done", "count": len(result)}
+                findings["findings"][name] = result
+            except Exception as e:
+                findings["modules"][name] = {"status": "failed", "error": str(e)}
+                findings["findings"][name] = []
+
+        async def main():
+            await asyncio.gather(*[run_one(n, f) for n, f, _ in self.modules])
+
+        asyncio.run(main())
+        findings["risk_score"] = calculate_risk_score(findings["findings"])
+        return findings
+
+    def run_with_progress(self, inputs: Dict, progress: Progress) -> Dict[str, Any]:
+        """Run all modules with progress display."""
+        findings = {
+            "scan_date": datetime.now().isoformat(),
+            "inputs": inputs,
+            "modules": {},
+            "findings": {},
+            "risk_score": 0,
+        }
+
+        tasks = {}
+        for name, func, desc in self.modules:
+            task_id = progress.add_task(f"[cyan]{desc}...", total=None)
+            tasks[name] = {"func": func, "task_id": task_id, "desc": desc}
+
+        async def run_one(name: str):
+            task_info = tasks[name]
+            try:
+                result = await task_info["func"](inputs)
+                findings["modules"][name] = {"status": "done", "count": len(result)}
+                findings["findings"][name] = result
+                progress.update(
+                    task_info["task_id"],
+                    completed=True,
+                    description=f"[green]done {task_info['desc']} ({len(result)})[/green]",
+                )
+            except Exception as e:
+                findings["modules"][name] = {"status": "failed", "error": str(e)}
+                findings["findings"][name] = []
+                progress.update(
+                    task_info["task_id"],
+                    completed=True,
+                    description=f"[yellow]failed {task_info['desc']}[/yellow]",
+                )
+
+        async def main():
+            await asyncio.gather(*[run_one(name) for name in tasks])
+
+        asyncio.run(main())
+        findings["risk_score"] = calculate_risk_score(findings["findings"])
+        return findings
+
+    def write_json(self, findings: Dict) -> Path:
+        api_keys = self._get_api_key_values()
+        return write_json(findings, self.output_dir, api_keys=api_keys)
+
+    def write_html(self, findings: Dict) -> Path:
+        api_keys = self._get_api_key_values()
+        return write_html(findings, self.output_dir, api_keys=api_keys)
+
+    def write_md(self, findings: Dict) -> Path:
+        api_keys = self._get_api_key_values()
+        return write_md(findings, self.output_dir, api_keys=api_keys)
+
+    def _get_api_key_values(self) -> Dict[str, str]:
+        """Return dict of all non-empty API key values for scrubbing."""
+        keys = {}
+        for field, value in self.config.api_keys.model_dump().items():
+            if value and isinstance(value, str):
+                keys[field] = value
+        return keys