OOTT - OSINT Offensive Toolkit

OSINT Tools suits for pentesters and for security assessment

Usage Example

Local file scanning

# Secrets scanning
./oott -localscan
./oott -localscan -lp /tmp/

Sub-domain scanning

# Basic scanning
./oott -d example.com -subdomain-scan -fast-scan -http-status-scan

# Detailed scanning
./oott -d example.com -subdomain-scan

# Full subdomain scan with customize wordlist
./oott -d example.com -subdomain-scan -fast-scan -http-status-scan -wordlist /tmp/wordlist.txt

Web scanning

# Basic scanning
./oott -d example.com -web-scan

# Web scan combine with subdomain scan
./oott -d example.com -subdomain-scan -fast-scan -http-status-scan -web-scan

Secret scanning

./oott -d example.com -secret-scan -key-words test1,test2,test3,test4

Email scanning

./oott -d example.com -email-scan

Supported Plugins

Catagories	Plugines
Subdomain	Brute forcing, HackerTarget, LeakIX, AlienVault, Archive.org, RapidDNS, Urlscan.io, MassDNS*2, CertSpotter, DuckDuckGo
Web scanning	Web Crawler*4, Wappalyzer*3
Secret	Github*1
Email	Email Format, PGP Scan, DuckDuckGo, Github*1

^*1 An API key is necessary for access.
^*2 Software installation is required.
^*3 Does not support browser-like functionality.
^*4 Features including files difference check.

TODO

Note

Run golangci-lint run before commit