Master OSINT stands out as a powerful yet approachable Python-based toolkit tailored for anyone dipping their toes into open-source intelligence gathering. It packs a wide array of features that make complex investigations feel straightforward, from pulling GPS data out of photos to scanning social media across dozens of platforms.

Whether you work in cybersecurity, journalism, or just love digging into public data, this tool simplifies the process without overwhelming you with technical hurdles.

Key Features Breakdown

Master OSINT covers everything from basic metadata pulls to advanced geospatial analysis. You get tools to extract GPS coordinates straight from image EXIF data, which is perfect for pinning down where a photo was snapped.

It also lets you probe social media footprints by entering a username and generating profile links for over 30 platforms, saving hours of manual searching.

Email handling shines too, with checks for data breaches via HaveIBeenPwned, paste site scans, and verification through services like Hunter.io, ReverseContact, and Epieos.

Domain sleuthing includes WHOIS lookups, DNS records, and subdomain enumeration from sources like crt.sh. Metadata extraction works on images and documents alike, revealing hidden details like creation dates and software used.

Google Dorking powers up your searches with advanced operators for precise results. The Wayback Machine integration pulls archived website snapshots, while IP tools deliver geolocation and AbuseIPDB blacklist reports.

Website scraping extracts metadata and named entities using spaCy NLP, phone number validation identifies carriers and types, reverse image searches hit multiple engines, and geospatial views leverage Google Satellite and OpenStreetMap for location intel.

Simple Step-by-Step Installation

Master OSINT can be deployed in minutes on most Linux distributions, especially Kali Linux. Follow the steps below for a clean and reliable installation.

Step 1: Clone the Master OSINT Gist

Start by cloning the official Gist repository:

git clone https://gist.github.com/5fb49b007d48cf2717bc3c12958e47b5.git

Once cloned, rename the directory for clarity and move into it:

mv 5fb49b007d48cf2717bc3c12958e47b5/ osintmaster/
cd osintmaster/

Step 2: (Recommended) Create a Python Virtual Environment

Using a virtual environment keeps dependencies isolated and avoids conflicts with system packages.

Create the virtual environment:

virtualenv my_temp_venv

Activate it:

source my_temp_venv/bin/activate

You should now see the virtual environment name in your terminal prompt.

Step 3: Install Core Dependency

Install the primary dependency required for historical data collection:

pip install waybackpy --break-system-packages

If you are using a virtual environment, the --break-system-packages flag may not be required, but it does not cause issues if included.

Step 4: Install Additional OSINT and Parsing Libraries

For a complete Master OSINT setup, install the following supporting libraries:

pip install requests beautifulsoup4 spacy phonenumbers exifread tldextract python-whois dnspython

These packages enable:

• Web scraping and HTTP requests
• HTML parsing
• NLP based entity extraction
• Phone number analysis
• Metadata extraction from files
• Domain and DNS intelligence
• WHOIS lookups

Step 5: Download spaCy Language Model

Master OSINT uses spaCy for NLP tasks such as entity recognition.

Download the required English language model:

python -m spacy download en_core_web_sm

Verify installation if needed:

python -c "import spacy; spacy.load('en_core_web_sm')"

Step 6: Verify Environment and Run Master OSINT

Ensure all dependencies are installed correctly:

pip list

You are now ready to run and extend Master OSINT for investigations, reconnaissance, and data enrichment workflows.

Launching and Navigating the Tool

Fire it up with python3 Master_osint.py, and a clean menu pops up listing 14 modules plus an exit option. Pick a number, follow the prompts, and results display in the console or save to files like metadata_output.json.

For website scraping in module 10, drop a urls.txt file in the same folder with one URL per line, and it processes them automatically. Input examples include usernames for social checks, emails for breach scans, domains for WHOIS, image paths for geolocation, or IPs for abuse lookups.

Setting Up API Keys for Full Power

Some modules need API keys to unlock premium features. Grab a HaveIBeenPwned key from their site for email breaches, Hunter.io for verification, and AbuseIPDB for IP reports, then plug them into the script's placeholders.

Store them securely with environment variables instead of hardcoding to keep things professional. This setup ensures compliance and avoids rate limits during heavy use

Real-World Use Cases and Tips

In a threat intel scenario, combine image geolocation with reverse searches to trace photo origins, or use phone validation alongside social profiling for subject verification.Journalists might chain domain investigations with Wayback snapshots to track site changes over time. Always prepare inputs like urls.txt for batch processing to handle larger investigations efficiently.

Pro tip: Run in a virtual environment to avoid conflicts, and test modules one by one to get comfortable before diving into combos.

Ethical Use and Best Practices

Master OSINT emphasizes responsible investigation, urging users to stick to legal, ethical research with consent where needed. Respect API terms, privacy laws, and avoid targeting without permission.

It is not for illegal activities but shines in education, security audits, and public data analysis. The developer welcomes contributions via issues or pull requests on GitHub.

Why Master OSINT Fits Your Toolkit

This tool bridges the gap between novice curiosity and pro-level OSINT with its menu-driven interface and broad coverage. Maintained actively on GitHub with over 125 stars, it evolves with community input, making it a solid, free addition to any investigator's arsenal.