PRISM - a self-hosted OSINT platform with a real-time dashboard
from trulysoulless@lemmy.world to selfhosted@lemmy.world on 20 Jun 15:20
https://lemmy.world/post/48411926

I’ve been building PRISM - a self-hosted OSINT toolkit you run yourself instead of pasting investigation targets into someone else’s web service.

Give it a domain, IP, email, phone, or username and it runs 22+ modules in parallel into one dashboard: WHOIS, DNS, crt.sh subdomains, GeoIP, threat intel (Shodan/VirusTotal/AbuseIPDB/Censys), breach data, username search across 3000+ sites (Blackbird + Maigret), dark-web mirror checks, and more. Results come with an entity graph, a GeoIP map, an OPSEC exposure score (0–100), and HTML/PDF/CSV/Markdown exports.

Your targets never leave your PC, and 14 of the 22 modules work with zero API keys (missing keys degrade gracefully instead of erroring).

Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.

Demo: getprism.su
GitHub: github.com/NovaCode37/Prism-platform

Built it solo - feedback welcome, especially on which modules you’d want added.

#selfhosted


irmadlad@lemmy.world on 20 Jun 16:14

That’s pretty darn cool:


trulysoulless@lemmy.world on 20 Jun 17:01

Hiya, love that you actually tested it. That’s exactly the kind of 30-second recon it’s built for. The “missing security headers” check catches a surprising number of sites.

If there’s a module or source you’d want added, I’m genuinely taking requests; that’s how the roadmap gets shaped. Thanks for trying it!
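The "missing security headers" check mentioned above, written out as an added example (my own code, not PRISM's). It runs over an already-captured header dict so it works offline; the set of headers, the one-year HSTS threshold and the weights are my own choices, and the sample header sets are constructed, not captured from any real site.

```python
import re

def parse_csp(value):
    """Parse a Content-Security-Policy header into {directive: [sources]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.strip().split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def hsts_ok(h):
    # Require max-age of at least one year; a short max-age leaves a wide
    # downgrade window and would not qualify for preload anyway.
    m = re.search(r"max-age=(\d+)", h.get("strict-transport-security", ""), re.I)
    return bool(m) and int(m.group(1)) >= 31536000

def csp_ok(h):
    # A CSP whose effective script-src still permits 'unsafe-inline' does little
    # against XSS, so it is counted as weak rather than present.
    value = h.get("content-security-policy")
    if not value:
        return False
    policy = parse_csp(value)
    scripts = policy.get("script-src", policy.get("default-src", []))
    return "'unsafe-inline'" not in scripts

def framing_ok(h):
    # frame-ancestors supersedes X-Frame-Options when both are present.
    if "frame-ancestors" in parse_csp(h.get("content-security-policy", "")):
        return True
    return h.get("x-frame-options", "").strip().upper() in ("DENY", "SAMEORIGIN")

# (label, weight, test); weights sum to 100 so the score reads as a percentage.
CHECKS = [
    ("HSTS with max-age >= 1 year", 25, hsts_ok),
    ("CSP without 'unsafe-inline' scripts", 30, csp_ok),
    ("clickjacking protection (frame-ancestors or X-Frame-Options)", 15, framing_ok),
    ("X-Content-Type-Options: nosniff", 10,
     lambda h: h.get("x-content-type-options", "").strip().lower() == "nosniff"),
    ("Referrer-Policy present", 10, lambda h: "referrer-policy" in h),
    ("Permissions-Policy present", 10, lambda h: "permissions-policy" in h),
]

def check_headers(headers):
    """Score a response's security headers 0-100 and list the failed checks.
    Header names are matched case-insensitively, as HTTP requires."""
    h = {k.lower(): v for k, v in headers.items()}
    results = [(label, weight, test(h)) for label, weight, test in CHECKS]
    score = sum(weight for _, weight, passed in results if passed)
    missing = [label for label, _, passed in results if not passed]
    return score, missing

# Constructed header sets for illustration (not captured from any real site).
HARDENED = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Permissions-Policy": "camera=(), microphone=(), geolocation=()",
}
WEAK = {
    "strict-transport-security": "max-age=300",
    "content-security-policy": "default-src 'self' 'unsafe-inline'",
    "x-frame-options": "ALLOWALL",
}

if __name__ == "__main__":
    for name, hdrs in (("hardened", HARDENED), ("weak", WEAK)):
        score, missing = check_headers(hdrs)
        print(name, score, missing)
```

Note that the weak set is not simply "headers absent": each header is there but in a form that gives no protection, which is the case a presence-only check would wrongly pass.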

irmadlad@lemmy.world on 20 Jun 17:20

You bet. I’ve dropped it in my ‘Projects’ folder. Thank you for sharing.

anotherandrew@lemmy.mixdown.ca on 20 Jun 17:11

This looks really cool. One minor bug: with the online demo, at least on mobile (chrome, iOS), the target text field never brings up the keyboard so it can’t be used.

trulysoulless@lemmy.world on 20 Jun 17:15

Oh thanks, I’ll fix that.

ArcaneSlime@lemmy.dbzer0.com on 20 Jun 17:28

So I have an interest in self-hosting things in the future (nextcloud, chatmail), but for now I’m scared of opening my network to attacks, and also I don’t have a network right now; I just hotspot from my phone when needed and torrent things at my friend’s house.

That said, how would I go about using this? I’m guessing something to do with docker or porteus (maybe? The other one that wasn’t vulnerable to that recent thing), then when I want to check out X website I just “spin up the docker container” (still not 100% sure what that means but I’ve heard the verbiage), hotspot the pc (for now), and run it through the program? Am I understanding that right?

Sorry I’m so green, gotta start somewhere! I feel like a grandma calling an Xbox a “Nintendo” haha.

irmadlad@lemmy.world on 20 Jun 18:17

Sorry I’m so green, gotta start somewhere!

We all started at green. No shame.

So, yes OP is using Docker. Once you install Docker on your server, you ‘spin up’ the docker container using the Docker compose file:

github.com/NovaCode37/…/docker-compose.yml

…and the associated .env file that houses all your environmental variables:

github.com/NovaCode37/…/.env.example

ArcaneSlime@lemmy.dbzer0.com on 20 Jun 18:52

Awesome, thank you for the help/info! This seems like a good first step, I’ll try it out!

irmadlad@lemmy.world on 20 Jun 18:58

Give it a go man. What’s the worst that can happen? …you have to drop back and do some studyin’. That’s pretty much how I learn. Read, Do, Fuck it up ad nauseam until it clicks, then I write that shit down.

ArcaneSlime@lemmy.dbzer0.com on 20 Jun 19:41

Same here lol, I will for sure!

FauxLiving@lemmy.world on 20 Jun 18:19

Yeah, this project is built as a docker container. The repo has instructions on starting the container. You should watch a few introductory videos on Docker so you understand the concepts and basic usage.

Once it’s started, the machine that docker is running on will be serving a website that acts as the application. If you’re running docker on your desktop you can then open a web browser and go to localhost:8080 and you will see something that looks like the demo link above.

This doesn’t expose it to the Internet. If you’re running this on a home LAN with a router between you and the ISP’s modem (or the ISP’s modem is a router/AP) then only computers connected to your network will be able to access it. You would have to go to your router’s administration console and specifically forward a port for that service so that people on the Internet could get past your modem.

ArcaneSlime@lemmy.dbzer0.com on 20 Jun 18:51

Awesome thanks for all the help and info, I’ll definitely check it out! I think this will be a nice step to help teach me these concepts and get me to the other projects!

xyro@morbier.foo on 20 Jun 17:38

Super cool, I’m gonna host it when I have some time !

eleijeep@piefed.social on 20 Jun 18:06

Did the LLM choose the name? There’s an obvious existing semantic link between PRISM and intel, so congrats on choosing an un-searchable name.

trulysoulless@lemmy.world on 20 Jun 19:18

Xd, prism is basically un-googleable; that one’s on me, cause there wasn’t great SEO foresight. The name was mine though.

ikidd@lemmy.dbzer0.com on 20 Jun 18:31

Some mailchecks would be useful. DNS and the server responses.

Edit: Oops, just found it, different section. Valid DKIM check would be handy. Also, I’m not sure what “Deliverable” is about, comes up as “No” for a domain I use for email with no issues.

trulysoulless@lemmy.world on 20 Jun 19:21

Thanks, gotcha. I figured marking those cases as inconclusive makes a lot more sense than treating them as failures. It should cut down on false alarms from catch-all and greylisted servers while still keeping the results reliable. Since I’m already checking MX, SPF, and DMARC, I should have enough confidence without being overly aggressive.
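The tri-state mail checks discussed in the two posts above (MX, SPF, DMARC, a DKIM selector probe, and a deliverability verdict that returns "inconclusive" for greylisting and catch-all domains instead of "fail"), as an added example that is my own code, not PRISM's. The DNS answers and SMTP reply codes are constructed inline so it runs offline; a real module would resolve the names and issue an SMTP RCPT TO probe. The list of guessed DKIM selectors is an assumption.

```python
import re

# Constructed DNS answers for a hypothetical domain; none of these are real records.
DNS = {
    "example.test": {
        "MX": ["10 mx1.example.test.", "20 mx2.example.test."],
        "TXT": ["v=spf1 mx include:_spf.mailhost.test -all", "site-verification=abc123"],
    },
    "_dmarc.example.test": {"TXT": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.test"]},
    "s1._domainkey.example.test": {"TXT": ["v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A"]},
}

def txt_records(name, records):
    return records.get(name, {}).get("TXT", [])

def mx_check(domain, records=DNS):
    mx = records.get(domain, {}).get("MX", [])
    return ("pass", ", ".join(mx)) if mx else ("fail", "no MX record")

def spf_check(domain, records=DNS):
    spf = [r for r in txt_records(domain, records) if r.lower().startswith("v=spf1")]
    if len(spf) != 1:
        # Zero records means no SPF; more than one is a permerror for receivers.
        return "fail", "expected exactly one v=spf1 record, found %d" % len(spf)
    m = re.search(r"([-~?+])all\b", spf[0])
    qualifier = m.group(1) if m else "+"
    if qualifier in ("-", "~"):
        return "pass", spf[0]
    return "fail", "permissive '%sall' qualifier" % qualifier

def dmarc_check(domain, records=DNS):
    recs = [r for r in txt_records("_dmarc." + domain, records) if r.startswith("v=DMARC1")]
    if not recs:
        return "fail", "no DMARC record"
    tags = dict(t.strip().split("=", 1) for t in recs[0].split(";") if "=" in t)
    policy = tags.get("p", "none")
    return ("pass" if policy in ("quarantine", "reject") else "fail"), "p=" + policy

def dkim_check(domain, selectors=("default", "s1", "google", "selector1"), records=DNS):
    """DKIM keys sit under <selector>._domainkey.<domain>, and the selector is only
    visible in a signed message. Not finding a key under guessed selectors is
    therefore inconclusive, not a failure."""
    for selector in selectors:
        name = "%s._domainkey.%s" % (selector, domain)
        if any(re.search(r"\bp=[A-Za-z0-9+/=]+", r) for r in txt_records(name, records)):
            return "pass", "key found for selector " + selector
    return "inconclusive", "no key under guessed selectors"

def deliverability(rcpt_code, random_rcpt_code):
    """Classify an SMTP RCPT TO probe: rcpt_code is the reply for the address under
    test, random_rcpt_code the reply for a random mailbox at the same domain."""
    if 400 <= rcpt_code < 500:
        return "inconclusive", "temporary failure %d (greylisting?)" % rcpt_code
    if rcpt_code == 250 and random_rcpt_code == 250:
        return "inconclusive", "catch-all domain accepts any mailbox"
    if rcpt_code == 250:
        return "pass", "accepted"
    return "fail", "rejected with %d" % rcpt_code

def mail_report(domain, rcpt_code, random_rcpt_code, records=DNS):
    return {
        "mx": mx_check(domain, records),
        "spf": spf_check(domain, records),
        "dmarc": dmarc_check(domain, records),
        "dkim": dkim_check(domain, records=records),
        "deliverable": deliverability(rcpt_code, random_rcpt_code),
    }

if __name__ == "__main__":
    for check, (status, detail) in mail_report("example.test", 250, 550).items():
        print("%-12s %-13s %s" % (check, status, detail))
```

The second argument to `deliverability` is what turns a catch-all domain from a false "Yes" into "inconclusive": if a random mailbox is also accepted, a 250 for the real address proves nothing about that address.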

EncryptKeeper@lemmy.world on 20 Jun 18:45

Soviet Union TLD is an interesting choice lol

x00z@lemmy.world on 20 Jun 19:50

Full of AI fingerprints yet no disclosure.

trulysoulless@lemmy.world on 20 Jun 20:06

Yep, I’m a solo dev and I use AI assistance while building this. So, I should’ve been upfront about it. The code’s all reviewed, tested, and MIT-licensed, so it’s fully auditable. I’ll add a disclosure to the README

clb92@feddit.dk on 20 Jun 20:00

WHOIS exposes 2 contact email(s) — registrar privacy not used

Registrar privacy is in fact used. It’s just the Namecheap abuse email address and an anonymized *@withheldforprivacy.com mail address. It shouldn’t list those as results.

trulysoulless@lemmy.world on 20 Jun 20:07

Thanks, I’ll fix that. I’ll add a filter for known privacy-proxy and registrar abuse domains.
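The privacy-proxy and registrar-abuse filter proposed in the exchange above, as an added example that is my own code, not PRISM's. The WHOIS blobs are constructed (the `.test` domains are not real lookups), and the list of privacy-service domains is a small starter set I chose, not a complete one; a real module would keep it in a maintained data file.

```python
import re

# Domains used by registrar privacy/proxy services. Starter list, not exhaustive.
PRIVACY_DOMAINS = {
    "withheldforprivacy.com",
    "domainsbyproxy.com",
    "whoisguard.com",
    "contactprivacy.com",
    "privacyguardian.org",
    "whoisprivacycorp.com",
}
# Local parts that denote a registrar's abuse desk rather than the registrant.
ABUSE_LOCALPARTS = {"abuse", "abusecomplaints", "abuse-contact"}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed WHOIS output in the usual "Field: value" layout (not a real lookup).
WHOIS_PROXIED = """\
Domain Name: EXAMPLE-SITE.TEST
Registrar: Some Registrar, Inc.
Registrar Abuse Contact Email: abuse@registrar.test
Registrant Email: 5f1c2d9e4a7b@withheldforprivacy.com
Admin Email: 5f1c2d9e4a7b@withheldforprivacy.com
Tech Email: 5f1c2d9e4a7b@withheldforprivacy.com
"""

WHOIS_EXPOSED = """\
Domain Name: OTHER-SITE.TEST
Registrar Abuse Contact Email: abuse@registrar.test
Registrant Email: jane.doe@personal-mail.test
Tech Email: hostmaster@other-site.test
"""

def classify_email(addr):
    local, domain = addr.lower().rsplit("@", 1)
    if domain in PRIVACY_DOMAINS:
        return "privacy-proxy"
    if local in ABUSE_LOCALPARTS:
        return "registrar-abuse"
    return "exposed"

def whois_contact_exposure(text):
    """Return (exposed addresses, privacy_used, {address: class}) for a WHOIS blob.
    Addresses on a field whose name contains 'abuse' belong to the registrar and are
    never counted against the registrant, whatever their local part."""
    classes = {}
    for line in text.splitlines():
        field, _, value = line.partition(":")
        for m in EMAIL_RE.finditer(value):
            addr = m.group(0).lower()
            classes[addr] = "registrar-abuse" if "abuse" in field.lower() else classify_email(addr)
    exposed = sorted(a for a, c in classes.items() if c == "exposed")
    privacy_used = any(c == "privacy-proxy" for c in classes.values())
    return exposed, privacy_used, classes

def finding(text):
    """One-line finding in the style of the dashboard message quoted in the thread."""
    exposed, privacy_used, _ = whois_contact_exposure(text)
    if exposed:
        return "WHOIS exposes %d contact email(s): %s" % (len(exposed), ", ".join(exposed))
    if privacy_used:
        return "WHOIS contacts are behind a registrar privacy service"
    return "no registrant contact email found in WHOIS"

if __name__ == "__main__":
    print(finding(WHOIS_PROXIED))
    print(finding(WHOIS_EXPOSED))
```

Two filters are applied on purpose: the field name catches the registrar's abuse line even when the mailbox is not literally `abuse@`, and the domain list catches the anonymised forwarding address, so a proxied record produces a "privacy used" result instead of counting two exposed contacts.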