Graphical OSINT interface for KittySploit — visualize and chain reconnaissance modules on an interactive graph.
KittyOSINT automatically loads auxiliary modules from the OSINT group (auxiliary/osint/), runs transforms against your target, and aggregates results as nodes and edges (vis.js).
- Interactive graph — map entities (domains, IPs, emails, secrets, exposures, etc.) with category grouping, pivots, and view modes
- Module catalog — list filtered by the entered target, with compatibility hints (domain, IP, URL, email, file, keyword)
- REST API — discover modules and run transforms from the UI or external integrations
- CLI mode — run all compatible modules sequentially on a target, without a web UI
- KittySploit integration — shared charter, encryption, and database with the framework
- KittySploit ≥ 1.0.0 (≤ 3.0.0)
- OSINT modules installed under
modules/auxiliary/osint/ - Python dependencies allowed by the extension:
flask,flask_cors,requests
From the KittySploit console:
kittysploit> market install kittyosintLocal install (development):
kittysploit> market install /path/to/KittyOsintThe extension type is UI; the entry point is src/main.py (defined in extension.toml).
After installation, launch the extension from the marketplace or directly:
python src/main.pyThe UI is served at http://127.0.0.1:8001 by default.
Available options:
| Option | Description | Default |
|---|---|---|
--host / --api-host |
Bind address | 127.0.0.1 |
--port / --api-port |
HTTP port | 8001 |
Examples:
python src/main.py --port 8003
python src/main.py --host 0.0.0.0 --port 8003On first startup, KittySploit may prompt for charter acceptance and encryption setup (sensitive data in the database).
Run all compatible OSINT modules on a target without opening a browser:
python src/main.py example.com
python src/main.py user@domain.tld
python src/main.py https://target.example/| Method | Route | Description |
|---|---|---|
GET |
/ |
Graphical interface |
GET |
/api/modules?target=… |
Module list (optional compatibility for the given target) |
POST |
/api/transform |
Run a module — JSON body: { "module": "<id>", "target": "<target>" } |
Typical transform response: raw, graph (nodes, edges), meta (timestamp, supported target types, etc.).
KittyOSINT auto-detects the target type and adjusts the module list:
| Type | Examples |
|---|---|
domain |
example.com |
ip |
203.0.113.10 |
url |
https://example.com/page |
email |
contact@example.com |
file |
path to an existing local file |
keyword |
other free-text input |
Incompatible modules are flagged in the UI and skipped in CLI mode (skipped + reason).
KittyOsint/
├── extension.toml # KittySploit marketplace metadata
├── src/
│ ├── main.py # Extension entry point (paths + delegation)
│ └── kittyosint/
│ ├── __init__.py # Flask app, CLI, framework init
│ ├── core.py # Module loading, compatibility, execution
│ ├── _paths.py # Shared static paths
│ ├── templates/ # HTML UI
│ └── static/ # Graph logic (vis.js)
└── LICENSE
- Clone the repo and install locally with
market install ./KittyOsint - Ensure the KittySploit framework and
auxiliary/osint/modules are available - Run
python src/main.pyand open the URL printed in the terminal
Network and database permissions are declared in extension.toml (network_access, database_access).
MIT — see LICENSE.
Copyright © 2026 IOTechnology.