OnionScan
๐ General OSINT ยท Go
OnionScan is a tool for investigating dark web hidden services (.onion sites) for operational security weaknesses. It identifies information leaks that could deanonymize hidden service operators, including exposed server status pages, analytics tracking codes, EXIF metadata in images, SSH fingerprints, email addresses, Bitcoin addresses, leaked IP addresses in headers, and linked clearnet infrastructure. OnionScan correlates findings across multiple hidden services to identify common operators. It is used by researchers and law enforcement to investigate dark web infrastructure and by operators to audit their own hidden services for OPSEC failures.
Installation
$ go install github.com/s-rah/onionscan@latestUse Cases
- Investigating dark web hidden services for OPSEC leaks
- Correlating multiple .onion sites to common operators
- Auditing hidden service configurations for information exposure
- Discovering clearnet infrastructure linked to onion services
Tags
Details
- Category
- ๐ General OSINT
- Language
- Go
- Repository
- s-rah/onionscan
- Platforms
- ๐งlinux๐macos๐ชwindows
Links
Community Reviews
Alternatives & Comparisons
More in General OSINT
theHarvester
PythonGathers emails, names, subdomains, IPs, and URLs from multiple public sources for passive recon.
SpiderFoot
PythonAutomated OSINT with 200+ modules. Web UI for scanning IPs, domains, emails, names, and more.
Maltego CE
JavaVisual link analysis tool for OSINT. Maps relationships between people, companies, domains, and infrastructure.
Holehe
PythonCheck if an email is registered on 120+ sites. Uses password recovery mechanisms to verify without logging in.
ExifTool
PerlRead, write, and edit metadata in files. Supports EXIF, GPS, IPTC, XMP, and more across dozens of formats.
PhoneInfoga
GoAdvanced phone number OSINT. Scans phone numbers using free resources to gather standard and disposable info.