HiddenOSINT
HiddenOSINT is a powerful darkweb intelligence gathering tool developed for digital forensics professionals to collect and analyze information about .onion domains.
- Secure access to .onion domains through the Tor network
- Domain reachability checks and status monitoring
- HTTP header collection and security header analysis
- Server identification and technology detection
- Extraction of meta information (title, description, keywords)
- Collection and analysis of links, images, and forms
- Email address extraction from page content
- Framework and technology detection
- Subpage scanning capabilities
- Security header analysis and recommendations
- Page content fingerprinting (MD5, SHA256)
- Results saved in both JSON and HTML formats
- User-friendly command-line interface with extensive options
- Python 3.6+
- Tor service running on the local machine (typically on port 9050)
- Python dependencies (listed in the requirements.txt file)
- Clone or download the repository:
git clone https://github.com/root0emir/HiddenOSINT.git
cd HiddenOSINT- Install dependencies:
pip install -r requirements.txt- Start the Tor service (example commands):
Windows:
# If Tor Browser is installed, start the Tor Browser
# Alternatively, a separate Tor service can be installed
Linux:
sudo service tor start
# or
sudo systemctl start torBasic usage:
python hidden_osint.py example123abc.onionWith additional parameters:
python hidden_osint.py example123abc.onion --output results --timeout 60 --subpages --max-subpages 10domain: The .onion domain to scan (required)-o, --output: Directory to save results (default: "results")-t, --timeout: Request timeout in seconds (default: 30)-s, --subpages: Enable scanning of subpages (internal links)-m, --max-subpages: Maximum number of subpages to scan (default: 5)--no-html: Disable HTML report generation--new-identity: Request a new Tor identity before scanning
Results are saved to the specified output directory in both JSON and HTML formats:
results/
├── example123abc_info.json
└── example123abc_info.html
The JSON output includes the following information:
- Domain information and scan date
- Reachability status and response time
- HTTP status code and headers
- Security headers analysis
- Server information and technologies detected
- Page title, description, and keywords
- Framework and technology detection
- Links, images, and forms on the page
- Email addresses found in the content
- Page content fingerprints (hashes)
- Subpage information (if scanning enabled)
The HTML report provides a user-friendly presentation of all collected data with formatting and visual indicators for security issues.
- Use this tool only for legal research and digital forensics purposes
- Ensure that your activities on the Darkweb remain within legal boundaries
- Accessing illegal content, even for research purposes, may have legal consequences
- The tool is designed for intelligence gathering only and should not be used for any malicious purposes
The tool can detect common web frameworks and technologies used by the site, including:
- JavaScript frameworks (React, Angular, Vue.js, jQuery)
- Server-side frameworks (Django, Laravel, WordPress, etc.)
- Security technologies (Cloudflare, etc.)
HiddenOSINT analyzes security headers and provides recommendations, checking for:
- Content-Security-Policy
- Strict-Transport-Security
- X-Content-Type-Options
- X-Frame-Options
- X-XSS-Protection
- Referrer-Policy
With the --subpages option, the tool can explore internal links to gather more comprehensive information about the target site.
The HTML report provides a well-formatted, easy-to-read presentation of all collected data, with color-coded indicators for security issues and important findings.