trulysoulless

joined 4 days ago
sorted by: new top controversial old
PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world 2 points 4 days ago

Thanks, I'll fix that. I'll add a filter for known privacy-proxy and registrar abuse domains

PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world -4 points 4 days ago (2 children)

Yep, I'm a solo dev and I use AI assistance while building this. So, I should've been upfront about it. The code's all reviewed, tested, and MIT-licensed, so it's fully auditable. I'll add a disclosure to the README

PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world 1 points 4 days ago

Thanks, gotcha. I figured marking those cases as inconclusive makes a lot more sense than treating them as failures. It should cut down on false alarms from catch-all and greylisted servers while still keeping the results reliable. Since I'm already checking MX, SPF, and DMARC, I should have enough confidence without being overly aggressive

PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world 4 points 4 days ago

Xd, prism is basically un-googleable that one's on me cause there is not a great SEO foresight. The name was mine though

PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world 2 points 4 days ago

Oh thanks, I'll fix that

PRISM - a self-hosted OSINT platform with a real-time dashboard in c/selfhosted@lemmy.world
[–] trulysoulless@lemmy.world 10 points 4 days ago (1 children)

Hiya, love that you actually tested it. That's exactly the kind of 30-second recon it's built for. The "missing security headers" check catches a surprising number of sites.

If there's a module or source you'd want added, I'm genuinely taking requests that's how the roadmap gets shaped. Thanks for trying it!

155
PRISM - a self-hosted OSINT platform with a real-time dashboard (lemmy.world)
submitted 4 days ago* (last edited 4 days ago) by trulysoulless@lemmy.world to c/selfhosted@lemmy.world
45 comments fedilink
 

I've been building PRISM - a self-hosted OSINT toolkit you run yourself instead of pasting investigation targets into someone else's web service.

Give it a domain, IP, email, phone, or username and it runs 22+ modules in parallel into one dashboard: WHOIS, DNS, crt.sh subdomains, GeoIP, threat intel (Shodan/VirusTotal/AbuseIPDB/Censys), breach data, username search across 3000+ sites (Blackbird + Maigret), dark-web mirror checks, and more. Results come with an entity graph, a GeoIP map, an OPSEC exposure score (0–100), and HTML/PDF/CSV/Markdown exports.

14 of the 22 modules work with zero API keys (missing keys degrade gracefully instead of erroring).

Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.

Demo: https://getprism.su/ Github: https://github.com/NovaCode37/Prism-platform

Built it solo - feedback welcome, especially on which modules you'd want added.