j3ssie
metabigor
Go

OSINT tools and more but without API key

Last updated Jul 10, 2026
1.6k
Stars
188
Forks
7
Issues
+30
Stars/day
Attention Score
95
Language breakdown
Go 92.1%
Shell 5.5%
Makefile 2.4%
โ–ธ Files click to expand
README

Metabigor
Metabigor - OSINT power without API key hassle


What is Metabigor?

Metabigor is Intelligence tool, its goal is to do OSINT tasks and more but without any API key.

Features

  • Network Discovery - Find IP ranges (CIDRs) from ASN, organization, domain, or IP address
  • Certificate Transparency - Discover subdomains via crt.sh certificate logs
  • IP Enrichment - Get port, service, and vulnerability data via Shodan InternetDB (free, no API key)
  • GitHub Code Search - Find secrets, credentials, and subdomains in public repositories via grep.app
  • IP Clustering - Group IPs by ASN for infrastructure mapping
  • Related Domains - Discover related domains via certificate logs, reverse WHOIS, and analytics tracking
  • CDN/WAF Detection - Identify if IPs are behind CDN or WAF providers

Installation

Pre-built Binaries

You can download pre-built binaries for your platform from the releases page. Choose the appropriate binary for your operating system and architecture, download it, and place it in your PATH.

Build from repository

git clone https://github.com/j3ssie/metabigor.git
cd metabigor
make build

binary at ./bin/metabigor

Commands

net โ€” Network Discovery

Discover CIDRs and network ranges for an ASN, IP, domain, or organization. Auto-detects input type.

# Find CIDRs for an ASN
echo "AS13335" | metabigor net
metabigor net --input AS13335

Lookup which ASN owns an IP

echo "1.1.1.1" | metabigor net --ip

Find CIDRs associated with a domain

echo "cloudflare.com" | metabigor net --domain

Search by organization name

echo "Cloudflare" | metabigor net --org

Use live online sources instead of local DB

echo "AS13335" | metabigor net --dynamic

Batch input from file

metabigor net -I asn-list.txt -o results.txt

Force input type with override flags

echo "13335" | metabigor net --asn

cert โ€” Certificate Transparency Search

Query crt.sh for domains and certificates.

# Find domains in certificate transparency logs
echo "hackerone.com" | metabigor cert

Search by organization name

echo "HackerOne Inc" | metabigor cert

Strip wildcard prefixes (*.) from results

echo "example.com" | metabigor cert --clean

Show only wildcard entries

echo "example.com" | metabigor cert --wildcard

JSON output

echo "example.com" | metabigor cert --json

Save to file

echo "example.com" | metabigor cert --clean -o domains.txt

ip โ€” IP Enrichment (Shodan InternetDB)

Query Shodan's free InternetDB API for open ports, hostnames, vulnerabilities, and tags.

# Lookup a single IP
echo "1.1.1.1" | metabigor ip

Scan a CIDR range (auto-expands)

echo "1.1.1.0/28" | metabigor ip

Flat IP:PORT output (useful for piping to other tools)

echo "1.1.1.0/28" | metabigor ip --flat

CSV output

echo "1.1.1.0/28" | metabigor ip --csv

JSON output

echo "1.1.1.1" | metabigor ip --json

Bulk scan from file with higher concurrency

metabigor ip -I ips.txt -c 20 --flat -o open-ports.txt

github โ€” Code Search (grep.app)

Search public GitHub code via grep.app.

# Search for a domain in code
echo "hackerone.com" | metabigor github

Search for API keys or secrets patterns

echo "AKIA" | metabigor github

Paginate results

echo "example.com" | metabigor github --page 2

JSON output with repo, path, snippet

echo "example.com" | metabigor github --json

Save results

echo "target.com" | metabigor github -o github-results.txt

ipc โ€” IP Clustering

Group a list of IPs by ASN using the local database. Useful for understanding the infrastructure behind a set of IPs.

# Cluster IPs from stdin
cat ips.txt | metabigor ipc

JSON output with full details

cat ips.txt | metabigor ipc --json

From file

metabigor ipc -I ips.txt -o clusters.txt

related โ€” Related Domain Discovery

Find domains related to a target via multiple OSINT sources.

# Use all sources (crt.sh, WHOIS, analytics)
echo "hackerone.com" | metabigor related

Certificate transparency only

echo "hackerone.com" | metabigor related -s crt

Reverse WHOIS via viewdns.info

echo "hackerone.com" | metabigor related -s whois

Google Analytics / GTM correlation

echo "hackerone.com" | metabigor related -s ua

Save results

echo "target.com" | metabigor related -o related-domains.txt

cdn โ€” CDN/WAF Detection

Check if IPs belong to CDN or WAF providers. Shows vendor and type by default.

# Check if IP is behind CDN/WAF (shows vendor and type)
echo "1.1.1.1" | metabigor cdn

Check multiple IPs from file

cat ips.txt | metabigor cdn

Strip CDN/WAF IPs from output (show only non-CDN IPs)

cat ips.txt | metabigor cdn --strip-cdn

JSON output with full details

echo "1.1.1.1" | metabigor cdn --json

Find origin servers (non-CDN IPs only)

cat ips.txt | metabigor cdn --strip-cdn -o origin-ips.txt

Pipeline: Resolve domains then check for CDN

cat domains.txt | dnsx -silent -resp-only | metabigor cdn

update โ€” Update ASN Database

metabigor update

Painless integrate Metabigor into your recon workflow?

OsmedeusEngine

This project was part of Osmedeus Engine. Check out how it was integrated at @OsmedeusEngine

Credits

Logo from flaticon by freepik

๐Ÿ“Š Data Sources

  • Local Database - IP-to-ASN and IP-to-Country mappings (2M+ entries)
  • crt.sh - Certificate Transparency logs
  • Shodan InternetDB - Free IP enrichment API
  • grep.app - GitHub code search
  • bgp.he.net - Live BGP routing data
  • viewdns.info - Reverse WHOIS lookups
  • builtwith.com - Analytics tracking correlation
  • projectdiscovery/cdncheck - CDN/WAF detection library

Disclaimer

This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break any laws while using this software, it's your fault, and your fault only.

License

Metabigor is made with โ™ฅ by @j3ssie and it is released under the MIT license.

Donation

paypal

๐Ÿ”— More in this category

ยฉ 2026 GitRepoTrend ยท j3ssie/metabigor ยท Updated daily from GitHub