mouna23
OSINT-with-LLM
Python

It’s an OSINT reconnaissance poc powered by Local LLMs (Ollama). You can feed it an email, domain, or IP, and it automatically performs multiple types of reconnaissance, then generates a clean human-readable report using a local LLM.

Last updated Jun 24, 2026
82
Stars
11
Forks
0
Issues
0
Stars/day
Attention Score
22
Language breakdown
Python 100.0%
Files click to expand
README

POC : OSINT with LLM

This repository demonstrates domain, IP, and email reconnaissance with LLM-powered security reporting..


Overview

The project is divided into two main components:

  • Recon Modules
  • LLM Analysis and reporting

Recon Modules

Purpose

Gathering information about an ip, domain or email

Approach

  • Domain OSINT:
* WHOIS Lookup

* Shodan Info Gathering

* SSL Certificate Validation

* VirusTotal "malicious/clean" status

  • IP Recon:
* AbuseIPDB score & classification

  • Email Recon:
* Breach/exposure lookup

LLM Analysis and reporting

  • Converts technical OSINT into human-readable summaries
  • Extracts key findings & risk insights
  • Generates reports

Required API keys for OSINT modules

  • VTAPIKEY=yourvirustotalapi_key
  • ABUSEIPDBKEY=yourabuseipdbapikey
  • SHODANKEY=yourshodanapikey

Usage

Install dependencies

pip3 install -r requirements.txt

Demo

python3 main.py
When finished:
  • OSINT recon runs
  • LLM analyzes results
  • A report is saved in /reports/

Demo with domain

Project Logo

Project Logo

Demo with ip

Project Logo

Project Logo

Demo with email

Project Logo

Project Logo

Notes

  • The scripts are designed to be run locally, in a Python 3.13+ environment with the listed dependencies.
  • Install Ollama on your machine and add the MISTRAL model.
  • This poc is only for education purpose.

© 2026 GitRepoTrend · mouna23/OSINT-with-LLM · Updated daily from GitHub