OSRFramework
OSRFramework is a comprehensive open-source intelligence (OSINT) framework designed for performing reconnaissance operations. It enables security professionals to gather information about usernames, email addresses, domains, and digital identities across multiple online sources in a structured and automated manner.
Installation
Abschnitt betitelt „Installation“Linux Installation
Abschnitt betitelt „Linux Installation“# Clone the repository
git clone https://github.com/i3visio/osrframework.git
cd osrframework
# Install dependencies
pip3 install -r requirements.txt
# Install the package
pip3 install .
# Verify installation
osrframework --versionmacOS Installation
Abschnitt betitelt „macOS Installation“# Install using Homebrew (if available)
brew install osrframework
# Or via pip3
pip3 install osrframework
# Verify
osrframework --versionWindows Installation
Abschnitt betitelt „Windows Installation“# Install via pip
pip install osrframework
# Verify installation
osrframework --version
python -m osrframework --versionDocker Installation
Abschnitt betitelt „Docker Installation“# Build Docker image
docker build -t osrframework .
# Run in container
docker run -it osrframework bashCore Components
Abschnitt betitelt „Core Components“Main Tools
Abschnitt betitelt „Main Tools“| Tool | Purpose |
|---|---|
usufy.py | Username enumeration across platforms |
mailfy.py | Email account discovery and verification |
domainfy.py | Domain and subdomain reconnaissance |
phonefy.py | Phone number OSINT and reverse lookup |
searchfy.py | Search query automation across engines |
Supporting Tools
Abschnitt betitelt „Supporting Tools“| Tool | Purpose |
|---|---|
hash-osint | Hash identifier and lookup |
ip-osint | IP address reconnaissance |
uri-osint | URI pattern analysis |
Usufy - Username Enumeration
Abschnitt betitelt „Usufy - Username Enumeration“Basic Username Search
Abschnitt betitelt „Basic Username Search“# Search for username across all platforms
usufy.py -u john.doe
# Search multiple usernames
usufy.py -u john.doe -u jane.smith -u admin
# Search with specific output file
usufy.py -u john.doe -o username_results.txtPlatform-Specific Searches
Abschnitt betitelt „Platform-Specific Searches“# Search only on Twitter
usufy.py -u john.doe -p twitter
# Search on multiple platforms
usufy.py -u john.doe -p twitter,github,linkedin
# List available platforms
usufy.py --list-platformsCustom Platform Configuration
Abschnitt betitelt „Custom Platform Configuration“# Use custom platform list
usufy.py -u john.doe -p twitter,facebook,instagram,reddit
# Specify custom configuration file
usufy.py -u john.doe -c custom_platforms.cfgVerbose and Debug Output
Abschnitt betitelt „Verbose and Debug Output“# Verbose output
usufy.py -u john.doe -v
# Debug mode with detailed logging
usufy.py -u john.doe -d
# Quiet mode (minimal output)
usufy.py -u john.doe -qBatch Username Enumeration
Abschnitt betitelt „Batch Username Enumeration“# Read usernames from file
usufy.py -f usernames.txt
# Process with custom timeout
usufy.py -f usernames.txt -t 10
# Combine multiple input files
usufy.py -f file1.txt -f file2.txt -o batch_results.txtMailfy - Email Discovery
Abschnitt betitelt „Mailfy - Email Discovery“Basic Email Enumeration
Abschnitt betitelt „Basic Email Enumeration“# Search for email addresses
mailfy.py -m john.doe@example.com
# Search multiple emails
mailfy.py -m john@example.com -m jane@example.com
# Search by username pattern
mailfy.py -u john.doe -e @gmail.comDomain-Based Email Discovery
Abschnitt betitelt „Domain-Based Email Discovery“# Find emails for specific domain
mailfy.py -d example.com
# Find emails with multiple domains
mailfy.py -d example.com -d company.org
# Generate email patterns
mailfy.py -u john.doe -d example.com --generate-patternsEmail Validation
Abschnitt betitelt „Email Validation“# Verify email existence
mailfy.py -m john.doe@example.com --verify
# Check email deliverability
mailfy.py -m john.doe@example.com --check-deliverable
# Bulk email verification
mailfy.py -f emails.txt --verify-allEmail Breach Checking
Abschnitt betitelt „Email Breach Checking“# Check if email in breach database
mailfy.py -m john.doe@example.com --check-breaches
# Detailed breach information
mailfy.py -m john.doe@example.com --check-breaches -v
# Check multiple emails for breaches
mailfy.py -f emails.txt --check-breachesDomainfy - Domain Reconnaissance
Abschnitt betitelt „Domainfy - Domain Reconnaissance“Domain Information Gathering
Abschnitt betitelt „Domain Information Gathering“# Get domain information
domainfy.py -d example.com
# Get multiple domains
domainfy.py -d example.com -d company.org
# Check domain availability
domainfy.py -d example.com --check-availabilitySubdomain Discovery
Abschnitt betitelt „Subdomain Discovery“# Find subdomains
domainfy.py -d example.com --find-subdomains
# Deep subdomain enumeration
domainfy.py -d example.com --recursive --depth 2
# Export subdomain list
domainfy.py -d example.com --find-subdomains -o subdomains.txtDNS Record Enumeration
Abschnitt betitelt „DNS Record Enumeration“# Get DNS records
domainfy.py -d example.com --dns-records
# Check specific record types
domainfy.py -d example.com --record-types MX,NS,A,CNAME
# Full DNS enumeration
domainfy.py -d example.com --dns-enumerationDomain Reputation Check
Abschnitt betitelt „Domain Reputation Check“# Check domain reputation
domainfy.py -d example.com --reputation
# Malware/phishing check
domainfy.py -d example.com --check-malware
# Detailed reputation report
domainfy.py -d example.com --reputation -vPhonefy - Phone Number OSINT
Abschnitt betitelt „Phonefy - Phone Number OSINT“Phone Number Lookup
Abschnitt betitelt „Phone Number Lookup“# Search phone number
phonefy.py -p "+1-555-123-4567"
# Multiple phone numbers
phonefy.py -p "+1-555-123-4567" -p "+44-20-7946-0958"
# Format variations
phonefy.py -p "5551234567" -p "+1 555 123 4567"Phone Number Validation
Abschnitt betitelt „Phone Number Validation“# Validate phone number format
phonefy.py -p "+1-555-123-4567" --validate
# Check carrier information
phonefy.py -p "+1-555-123-4567" --carrier-info
# Get location information
phonefy.py -p "+1-555-123-4567" --location-infoBulk Phone Number Processing
Abschnitt betitelt „Bulk Phone Number Processing“# Process phone numbers from file
phonefy.py -f phone_numbers.txt
# Combined with validation
phonefy.py -f phone_numbers.txt --validate -o results.txtSearchfy - Search Query Automation
Abschnitt betitelt „Searchfy - Search Query Automation“Multi-Engine Searches
Abschnitt betitelt „Multi-Engine Searches“# Search across engines
searchfy.py -q "john doe security researcher"
# Specific search engine
searchfy.py -q "admin credentials" --engine google
# Multiple search engines
searchfy.py -q "vulnerability disclosure" --engines google,bing,duckduckgoDork-Based Searching
Abschnitt betitelt „Dork-Based Searching“# Google dork search
searchfy.py -q 'filetype:pdf site:example.com'
# GitHub dork
searchfy.py -q 'path:config password' --engine github
# Custom dork patterns
searchfy.py --dork-file dorks.txtResult Filtering
Abschnitt betitelt „Result Filtering“# Filter results by keyword
searchfy.py -q "example.com" --filter "admin"
# Limit result count
searchfy.py -q "security conference" --max-results 50
# Export results
searchfy.py -q "vulnerability" --export results.jsonAdvanced Reconnaissance
Abschnitt betitelt „Advanced Reconnaissance“Combined Multi-Tool Workflow
Abschnitt betitelt „Combined Multi-Tool Workflow“# Username + Email discovery
usufy.py -u john.doe | mailfy.py --from-usufy
# Domain + Email enumeration
domainfy.py -d example.com | mailfy.py --from-domainfy
# Phone + Reverse lookup
phonefy.py -p "+1-555-123-4567" | searchfy.py --from-phonefyOutput Formats
Abschnitt betitelt „Output Formats“# JSON output
usufy.py -u john.doe -o results.json --format json
# CSV output
mailfy.py -m john@example.com -o results.csv --format csv
# HTML report
domainfy.py -d example.com -o report.html --format html
# XML output
phonefy.py -f numbers.txt -o results.xml --format xmlData Correlation
Abschnitt betitelt „Data Correlation“# Correlate findings across tools
osrframework correlate \
--usufy results_users.json \
--mailfy results_emails.json \
--domainfy results_domains.json \
--output correlated_results.json
# Detailed correlation report
osrframework correlate \
--input results/ \
--verbose \
--html-reportAuthentication and API Keys
Abschnitt betitelt „Authentication and API Keys“Configure API Keys
Abschnitt betitelt „Configure API Keys“# Set up API keys for enhanced functionality
osrframework configure
# Add specific API key
osrframework config --set SHODAN_API_KEY "your_key_here"
# Add Twitter API credentials
osrframework config --set TWITTER_API_KEY "key"
osrframework config --set TWITTER_API_SECRET "secret"Free vs. Premium Searches
Abschnitt betitelt „Free vs. Premium Searches“# Use only free sources
usufy.py -u john.doe --free-only
# Enable premium features with API keys
mailfy.py -m john@example.com --use-premium
# Check available API keys
osrframework config --list-keysPerformance Optimization
Abschnitt betitelt „Performance Optimization“Threading and Rate Limiting
Abschnitt betitelt „Threading and Rate Limiting“# Adjust thread count
usufy.py -u john.doe --threads 10
# Set request delay
mailfy.py -m john@example.com --delay 2
# Rate limiting
domainfy.py -d example.com --rps 5Timeout Configuration
Abschnitt betitelt „Timeout Configuration“# Set connection timeout
usufy.py -u john.doe --timeout 30
# Set socket timeout
mailfy.py -m john@example.com --socket-timeout 15
# Retry logic
phonefy.py -p "+1-555-123-4567" --retries 3Large-Scale Operations
Abschnitt betitelt „Large-Scale Operations“# Process large datasets efficiently
usufy.py -f large_usernames.txt \
--threads 20 \
--delay 0.5 \
--timeout 45 \
-o results.json
# Distributed processing
osrframework distributed \
--input-file huge_list.txt \
--workers 4 \
--tool usufyFiltering and Refinement
Abschnitt betitelt „Filtering and Refinement“Result Filtering
Abschnitt betitelt „Result Filtering“# Filter for active accounts only
usufy.py -u john.doe --filter active
# Show only verified results
mailfy.py -m john@example.com --verified-only
# Confidence-based filtering
domainfy.py -d example.com --min-confidence 80Custom Filters
Abschnitt betitelt „Custom Filters“# Filter by response code
usufy.py -u john.doe --response-codes 200,301
# Filter by keyword in results
mailfy.py -m john@example.com --contains "verified"
# Exclude results
phonefy.py -p "+1-555-123-4567" --exclude-spamReporting and Export
Abschnitt betitelt „Reporting and Export“Generate Reports
Abschnitt betitelt „Generate Reports“# HTML report
usufy.py -u john.doe -o john_doe_report.html --report-format html
# JSON report
mailfy.py -m john@example.com --json-report email_report.json
# CSV export
domainfy.py -d example.com --csv-export domain_data.csv
# Excel report (if supported)
phonefy.py -f phones.txt --excel-report phone_report.xlsxMulti-Format Output
Abschnitt betitelt „Multi-Format Output“# Export to multiple formats simultaneously
usufy.py -u john.doe \
--json results.json \
--csv results.csv \
--html results.html
# Detailed markdown report
osrframework report \
--input findings/ \
--format markdown \
--output findings.mdTroubleshooting
Abschnitt betitelt „Troubleshooting“Connection Issues
Abschnitt betitelt „Connection Issues“# Test connectivity
osrframework test-connection
# Verbose network debugging
usufy.py -u john.doe -v --debug-network
# Proxy configuration
usufy.py -u john.doe --proxy http://proxy.example.com:8080API Issues
Abschnitt betitelt „API Issues“# Test API key validity
osrframework test-api-keys
# Check rate limits
osrframework check-rate-limits
# Reset API configuration
osrframework config --resetPerformance Issues
Abschnitt betitelt „Performance Issues“# Monitor resource usage
osrframework monitor
# Reduce load
usufy.py -u john.doe --threads 2 --delay 5
# Memory optimization
mailfy.py -m john@example.com --memory-efficientBest Practices
Abschnitt betitelt „Best Practices“Pre-Assessment Planning
Abschnitt betitelt „Pre-Assessment Planning“- Define clear intelligence objectives
- Identify target entities (usernames, domains, emails)
- Document all findings and sources
- Maintain ethical standards throughout
- Verify information accuracy through multiple sources
Efficient Reconnaissance
Abschnitt betitelt „Efficient Reconnaissance“# Structured multi-stage approach
# 1. Initial username search
usufy.py -u target_user -o stage1_users.json
# 2. Email discovery from results
mailfy.py -d discovered_domain.com -o stage2_emails.json
# 3. Domain reconnaissance
domainfy.py -d discovered_domain.com -o stage3_domains.json
# 4. Correlate findings
osrframework correlate --input stage*.json --output final_report.jsonData Management
Abschnitt betitelt „Data Management“# Organize results by timestamp
mkdir -p osint_results/$(date +%Y%m%d)
# Store comprehensive logs
osrframework verbose --all \
--logfile osint_results/$(date +%Y%m%d)/osrfw.log
# Archive results
tar -czf osint_$(date +%Y%m%d).tar.gz osint_results/Legal and Ethical Considerations
Abschnitt betitelt „Legal and Ethical Considerations“OSRFramework should only be used:
- For authorized security assessments
- During legitimate reconnaissance phases
- With proper scope documentation
- In compliance with applicable laws
- Respecting platform terms of service
Always maintain:
- Written authorization before testing
- Detailed logs of all activities
- Clear documentation of methodology
- Professional ethical standards
- Confidentiality of sensitive findings
Resources
Abschnitt betitelt „Resources“- Official GitHub: https://github.com/i3visio/osrframework
- Documentation: https://osrframework.readthedocs.io/
- OSINT methodology guides
- Platform-specific research resources
- Legal/ethical OSINT guidelines