IntelTrace is a Linux-first OSINT automation toolkit with a hacker-themed Flask dashboard. It collects public intelligence for IPs, emails, phone numbers and usernames, correlates results, stores them in MongoDB and generates PDF/JSON reports.
LEGAL.md file.
- IP Intelligence: WHOIS, geolocation, ISP/ASN detection, VPN/proxy detection, blacklist checks
- Email Intelligence: Breach detection, domain reputation analysis
- Phone Intelligence: Carrier detection, country code lookup
- Username Intelligence: Cross-platform discovery (GitHub, Twitter/X, Reddit, Instagram, Facebook, Medium)
- Dark Web Scanner: Tor-based username search simulation (requires Tor service)
- Reputation Scoring Engine: Risk profiling based on collected intelligence
- Timeline Builder: Chronological event tracking
- MongoDB Persistence: Store all investigation cases
- PDF Report Generator: Professional investigation reports with ReportLab
- JSON Export: Machine-readable output format
- Hacker-Themed Flask Web Dashboard with:
- Black background with neon green font
- Matrix digital rain animation
- Animated scan progress
- Scrolling recon results
- Blinking cursor effects
- Left cyber menu panel
- ASCII art banners
- Status color indicators
- CLI Interface: Command-line execution for automation
- Linux OS (tested on Ubuntu/Debian)
- Python 3.8+
- MongoDB (optional, for persistence)
- Tor (optional, for dark web features)
- Clone and setup:
cd /home/darkseid/Tools/IntelTrace
chmod +x setup.sh run.sh
./setup.sh- Start required services (optional):
# MongoDB
sudo systemctl start mongod
# Tor (for dark web features)
sudo apt install tor
sudo systemctl start tor- Configure environment:
cp .env.example .env
# Edit .env with your settings if needed./run.shThen open your browser to: http://127.0.0.1:5000
source venv/bin/activate
python main.py ip 8.8.8.8
python main.py email test@example.com
python main.py phone +1234567890
python main.py username johndoe --investigator "Agent Smith"The hacker-style interface features:
- Matrix Effect: Scrolling green code animation on load
- Left Panel: Navigation menu with cyber aesthetics
- Scanner Console: Target input with type selection (IP/Email/Phone/Username)
- Live Log: Real-time scan progress with animated output
- Monospace Font: Authentic terminal feel
Reports are saved to ./reports/ directory:
{
"case_id": "IT-abcdef01",
"investigator": "Analyst",
"target_type": "username",
"target": "exampleuser",
"results": [...],
"reputation": {"score": 35, "factors": ["social_hits_1"]},
"timeline": [...]
}- Case ID and investigator name
- Intelligence summary
- OSINT sources used
- Breach results
- Dark web findings
- Social media discovery
- Digital footprint mapping
- Reputation risk score
- Timeline analysis
- Timestamp
- Backend: Python 3, Flask
- Database: MongoDB
- APIs: Public OSINT endpoints (ipinfo.io, haveibeenpwned, etc.)
- Anonymity: Tor integration via SOCKS5 proxy
- Reports: ReportLab (PDF), JSON
- Frontend: HTML5, CSS3, Vanilla JavaScript
IntelTrace/
βββ main.py # CLI orchestration entrypoint
βββ ui_engine.py # Flask web application
βββ database.py # MongoDB integration
βββ ip_intel.py # IP intelligence module
βββ email_intel.py # Email intelligence module
βββ phone_intel.py # Phone intelligence module
βββ username_intel.py # Username discovery module
βββ darkweb_scanner.py # Tor-based dark web scanner
βββ reputation_engine.py # Risk scoring engine
βββ timeline_builder.py # Event timeline generator
βββ report_generator.py # PDF/JSON report creator
βββ templates/ # Flask HTML templates
β βββ layout.html
β βββ index.html
βββ static/ # CSS and JavaScript assets
β βββ css/style.css
β βββ js/ui.js
βββ reports/ # Generated reports (auto-created)
βββ requirements.txt # Python dependencies
βββ setup.sh # Installation script
βββ run.sh # Launch script
βββ .env.example # Configuration template
βββ README.md # This file
βββ LEGAL.md # Legal disclaimer
βββ sample_output.json # Example output
READ THIS CAREFULLY:
IntelTrace is designed for:
- β Legal OSINT investigations
- β Security research on systems you own
- β Educational purposes
- β Public data collection only
IntelTrace is NOT for:
- β Unauthorized access to systems
- β Stalking or harassment
- β Illegal data scraping
- β Privacy violations
You are responsible for:
- Complying with all applicable laws in your jurisdiction
- Obtaining proper authorization before investigating targets
- Using the tool ethically and responsibly
- Understanding that some APIs require keys and terms acceptance
See LEGAL.md for detailed terms.
Edit .env to customize:
MONGO_URI=mongodb://localhost:27017
MONGO_DB=inteltrace
TOR_PROXY=socks5h://127.0.0.1:9050
REPORTS_DIR=./reports
INVESTIGATOR_NAME=AnalystFor production use, obtain API keys for:
- HaveIBeenPwned: Email breach lookups
- ipinfo.io: Enhanced IP geolocation
- Shodan: Advanced IP intelligence
- VirusTotal: Reputation checks
Add keys to .env and update respective modules.
# Check if MongoDB is running
sudo systemctl status mongod
# Start MongoDB
sudo systemctl start mongod# Install and start Tor
sudo apt install tor
sudo systemctl start tor
# Verify Tor is listening on port 9050
netstat -tlnp | grep 9050# Reinstall dependencies
source venv/bin/activate
pip install -r requirements.txtIntelTrace was created as a final year project demonstrating:
- OSINT automation techniques
- Cyber security investigation workflows
- Full-stack development (Python, Flask, MongoDB)
- UI/UX design for security tools
- Legal and ethical frameworks for intelligence gathering
This is an educational project. Feel free to fork and extend for your own learning purposes.
Educational Use Only β Use responsibly and ethically.
Built by a cyber intelligence engineer specializing in OSINT, SOC operations, and cybercrime investigation tools.
Disclaimer: The author is not responsible for misuse of this tool. Always operate within legal boundaries.
When scanning, the UI displays:
- π’ Green: Active scanning
- π‘ Yellow: Processing
- π΄ Red: Error/Warning
- βͺ White: Complete
Remember: With great power comes great responsibility. Use IntelTrace wisely! π΅οΈββοΈ