OSINT tools

Clearfront runs 30 OSINT tools in a single sweep. Each one returns a real result the AI security analyst can verify, drawn from an open-source project, an API, or a public source. Every source below links to where it comes from. Tools marked API key need a free or paid key, binary need an external program installed, and keyless work out of the box.

Identity & accounts

  • search_usernameSherlockbinary

    Reused handles across 3,400+ sites, with confidence tiers.

  • search_maigretmaigretbinary

    Deep profile details from matched accounts across 3,000+ sites.

  • search_footprintDuckDuckGokeyless

    Public search-engine footprint for a target.

  • search_githubGitHubkeyless

    Public repos, commits, and leaked keys for a user or email.

  • search_gravatarGravatarkeyless

    Avatars and profiles from an email hash.

Email & breaches

  • search_emailholehebinary

    Which sites an email is registered on.

  • search_emailrepEmailRep.iokeyless

    Reputation, deliverability, and risk flags for an email.

  • search_breachHaveIBeenPwnedAPI key

    Appearances in known data breaches.

  • search_hudsonrockHudson Rockkeyless

    Exposure in infostealer-malware logs (defensive self-check).

  • search_pasteHaveIBeenPwnedAPI key

    Leaked data in public paste dumps.

  • search_cryptoBlockstreamkeyless

    On-chain balance and activity for a wallet address.

Domains & DNS

  • search_domainSublist3rbinary

    Subdomains of a target domain.

  • search_whoispython-whoiskeyless

    Registrant, registrar, and key dates.

  • search_dnsdnspythonkeyless

    DNS records and mail-security config.

  • search_crtcrt.shkeyless

    Subdomains from certificate transparency.

  • search_waybackWayback Machinekeyless

    Historical and deleted pages from the archive.

  • search_harvestertheHarvesterbinary

    Emails and hosts for a domain from passive sources.

Network & threat intel

  • search_ipipinfo.iokeyless

    Geolocation, ASN, and host details.

  • search_exposureipinfo.iokeyless

    Reverse DNS, blocklists, and VPN/proxy detection, ranked by risk.

  • search_shodanShodanAPI key

    Internet-exposed devices and services.

  • search_censysCensysAPI key

    Hosts, certificates, and exposed services.

  • search_ip2locationIP2Location.ioAPI key

    Precise geolocation and VPN/proxy detection.

  • search_abuseipdbAbuseIPDBAPI key

    Abuse reports and blocklist status.

  • search_greynoiseGreyNoiseAPI key

    Mass-scanner noise vs. targeted actor.

  • search_virustotalVirusTotalAPI key

    Malware and reputation verdicts.

Phone & media

Dorking & fetch

  • generate_dorksGooglekeyless

    Targeted Google dork queries, generated offline.

  • search_dorks_liveBright DataAPI key

    Runs the dorks and returns live hits.

  • scrape_urlBright DataAPI key

    Pulls and parses any page for the AI security analyst.