Skip to content

TomOstt/Argus-OSINT

BranchesTags

Repository files navigation

πŸ‘οΈ ARGUS

The All-Seeing OSINT Platform

Python 3.12+ Platforms Intel Sources License

Identity resolution Β· Breach intelligence Β· Domain recon Β· Behavioral profiling

Give Argus a name, email, phone, or domain β€” it fans out across 64 platforms and 19 intelligence sources, cross-correlates everything, and hands you a confidence-scored dossier.

⚑ 30-Second Start

pip install argus-osint          # or: uv add argus-osint
argus resolve "Linus Torvalds"   # find accounts across 64 platforms
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Platform β”‚ Username     β”‚ URL                             β”‚ Confidence β”‚ Label     β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ github   β”‚ torvalds     β”‚ https://github.com/torvalds     β”‚     92%    β”‚ confirmed β”‚
β”‚ gitlab   β”‚ torvalds     β”‚ https://gitlab.com/torvalds     β”‚     78%    β”‚ likely    β”‚
β”‚ keybase  β”‚ torvalds     β”‚ https://keybase.io/torvalds     β”‚     85%    β”‚ confirmed β”‚
β”‚ reddit   β”‚ torvalds     β”‚ https://reddit.com/u/torvalds   β”‚     45%    β”‚ possible  β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

πŸ”₯ What Can Argus Do?

# πŸ” Find someone across 64 platforms
argus resolve "Jane Doe" --location "NYC" --email [email protected]

# πŸ“§ Investigate an email β€” breaches, PGP keys, Gravatar, linked accounts
argus intel email "[email protected]"

# 🌐 Recon a domain β€” WHOIS, DNS, certs, subdomains, Wayback history
argus intel domain "example.com"

# πŸ“± Phone lookup β€” carrier, country, line type, validation
argus intel phone "+1-555-123-4567"

# πŸ’€ Breach check β€” Have I Been Pwned, LeakCheck, IntelX
argus intel breach "[email protected]"

# πŸ–ΌοΈ Image analysis β€” perceptual hash, EXIF extraction
argus intel image "https://example.com/photo.jpg"

# πŸ•ΈοΈ Full correlation β€” cross-reference everything
argus correlate "John Doe"

# 🧠 Behavioral profiling β€” interests, activity patterns, writing style
argus profile "John Doe"

# πŸ”— Topic linking β€” find connections to orgs, topics, interests
argus link "John Doe" --topic "machine learning"

# πŸ“„ Generate reports
argus report "John Doe" --format markdown --output report.md

🌍 64 Platforms

πŸ”§ Developer

  • GitHub
  • GitLab
  • Bitbucket
  • Codeberg
  • Stack Overflow
  • HackerNews
  • Keybase
  • npm
  • PyPI
  • crates.io
  • RubyGems
  • Docker Hub
  • Kaggle

πŸ“± Social

  • Twitter/X
  • Instagram
  • Facebook
  • LinkedIn
  • Reddit
  • Mastodon
  • Bluesky
  • Threads
  • TikTok
  • Snapchat
  • Pinterest
  • Tumblr
  • VK

🎬 Media

  • YouTube
  • Twitch
  • Spotify
  • SoundCloud
  • Odysee
  • Rumble
  • PeerTube
  • DeviantArt
  • Behance
  • Dribbble
  • 500px
  • Flickr

🌐 Other

  • Linktree
  • Substack
  • Medium
  • Patreon
  • BuyMeACoffee
  • About.me
  • Steam
  • Lichess
  • Chess.com
  • Goodreads
  • Wikipedia
  • Wikidata
  • Telegram
  • Discord
  • Trello
  • Strava
  • Quora
  • Nostr
  • Matrix
  • Pixelfed
  • Gab
  • Minds
  • HackTheBox
  • TryHackMe

πŸ•΅οΈ Intelligence Sources

Category Sources What You Get
πŸ’€ Breach Have I Been Pwned Β· LeakCheck Β· IntelX Breached credentials, exposed data types
🌐 Domain WHOIS · DNS · crt.sh · SecurityTrails Registration, records, certs, subdomains
πŸ”’ Network Shodan Β· VirusTotal Β· Wayback Machine Open ports, threat intel, historical snapshots
πŸͺͺ Identity PGP Keyservers Β· Hunter.io Β· Libravatar Β· Gravatar Keys, email verification, avatars
πŸ“‹ Records OpenCorporates Β· OCCRP Aleph Β· Google Dorking Corporate filings, investigations, targeted queries
πŸ“ž Comms Email Validation Β· Phone Lookup Β· Paste Search MX checks, carrier info, paste exposure

πŸ“¦ Install

pip install argus-osint                  # core
pip install argus-osint[intel]           # + WHOIS, DNS, phone parsing
pip install argus-osint[playwright]      # + browser automation
pip install argus-osint[api]             # + REST API server
pip install argus-osint[all]             # everything
πŸ› οΈ Development setup 
git clone https://github.com/TomOst-Sec/Argus-OSINT.git
cd Argus-OSINT
uv sync --group dev
uv run pytest tests/ -x     # run tests
uv run argus platforms       # verify 64 platforms

βš™οΈ Configuration

argus config init   # creates argus.toml
[general]
default_threshold = 0.45
max_concurrent_requests = 10

[stealth]
min_delay = 2.0
max_delay = 5.0

[intel]
hibp_api_key = ""           # haveibeenpwned.com ($3.50/mo)
shodan_api_key = ""         # shodan.io (free tier)
virustotal_api_key = ""     # virustotal.com (free tier)
hunter_api_key = ""         # hunter.io (free tier)
enable_breach_check = true
enable_domain_intel = true

Environment overrides: ARGUS_INTEL_HIBP_API_KEY=xxx

πŸ—οΈ Architecture

                    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
                    β”‚              ARGUS ENGINE                β”‚
                    β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
  Name / Email ───► β”‚  Resolver ──► Verification ──► Scoring  β”‚ ───► Dossier
  Phone / Domain    β”‚      β”‚            Engine          β”‚      β”‚
                    β”‚      β–Ό                            β–Ό      β”‚
                    β”‚  64 Platforms    19 Intel     Correlation β”‚
                    β”‚  (parallel)     Sources       Engine     β”‚
                    β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
                    β”‚  Stealth Layer: UA rotation, rate limits, β”‚
                    β”‚  proxy support, Camoufox browser          β”‚
                    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Verification signals: photo hash (35%) Β· bio similarity (20%) Β· timezone (15%) Β· username patterns (10%) Β· connections (10%) Β· writing style (10%)

πŸ”Œ Integrations

argus serve --api --port 8000   # REST API (FastAPI + OpenAPI docs)
argus serve --mcp               # MCP server for Claude Code

Also integrates with LangChain and CrewAI as tool providers.

MIT License Β· Built for authorized security research, CTF, and OSINT investigations only.

All sources are publicly accessible APIs and legally queryable services. No unauthorized access.

About

Multi-source OSINT platform for identity resolution, breach intelligence, and domain recon. Scans 64 platforms, cross-correlates 19 intel sources, and returns confidence-scored dossiers from a single query.

Topics

osint intel cybersecurity osint-resources osint-tool

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages