It’s an OSINT reconnaissance poc powered by Local LLMs (Ollama). You can feed it an email, domain, or IP, and it automatically performs multiple types of reconnaissance, then generates a clean human-readable report using a local LLM.
Last updated Jun 24, 2026
82
Stars
11
Forks
0
Issues
0
Stars/day
Attention Score
22
Language breakdown
Python 100.0%
▸ Files
click to expand
README
POC : OSINT with LLM
This repository demonstrates domain, IP, and email reconnaissance with LLM-powered security reporting..
Overview
The project is divided into two main components:
- Recon Modules
- LLM Analysis and reporting
Recon Modules
Purpose
Gathering information about an ip, domain or emailApproach
- Domain OSINT:
* Shodan Info Gathering
* SSL Certificate Validation
* VirusTotal "malicious/clean" status
- IP Recon:
- Email Recon:
LLM Analysis and reporting
- Converts technical OSINT into human-readable summaries
- Extracts key findings & risk insights
- Generates reports
Required API keys for OSINT modules
- VTAPIKEY=yourvirustotalapi_key
- ABUSEIPDBKEY=yourabuseipdbapikey
- SHODANKEY=yourshodanapikey
Usage
Install dependencies
pip3 install -r requirements.txt
Demo
python3 main.py
When finished:
- OSINT recon runs
- LLM analyzes results
- A report is saved in /reports/
Demo with domain


Demo with ip


Demo with email


Notes
- The scripts are designed to be run locally, in a Python 3.13+ environment with the listed dependencies.
- Install Ollama on your machine and add the MISTRAL model.
- This poc is only for education purpose.
🔗 More in this category