Pockint: a portable OSINT Swiss Army Knife
POCKINT stands for "Pocket Intelligence".
It is an OSINT multi purposes GUI program designed to be a lightweight and portable.
POCKINT provides users with essential OSINT capabilities:
input box accepts typical indicators (URL, IP, MD5) and gives users the ability to perform basic OSINT data mining tasks in an iterable manner.
![](/assets/2019/12/immagine-96.png)
POCKINT is available for Windows and Linux platforms, is provided as a single executable that can be stored and run and the installation process is really fast&simple: just grab the latest version from the releases page.
Basic, but fast!
![](/assets/2019/12/POCKINT.gif)
Obviously, there are a lot of OSINT tools with a great feature catalog (such as Maltego or pOSINT), however
POCKINT focuses on simplicity: INPUT > RUN TRANSFORM > OUTPUT … rinse and repeat. It's the ideal tool to get results quickly and easily through a simple interface.
Data mining capabilities
POCKINT combines free OSINT sources (whois/DNS) with data retrieve using a set of specialised APIs.
So, adding a couple of API keys and you can unlock even more specialised data mining capabilities.
The tool is capable of running the following data mining tasks:
Domains
Source | Transform | API key needed? |
---|---|---|
DNS | IP lookup | ❌ |
DNS | MX lookup | ❌ |
DNS | NS lookup | ❌ |
DNS | TXT lookup | ❌ |
Virustotal | Downloaded samples | ✔️ |
Virustotal | Detected URLs | ✔️ |
Virustotal | Subdomains | ✔️ |
IP Addresses
Source | Transform | API key needed? |
---|---|---|
DNS | Reverse lookup | ❌ |
Shodan | Ports | ✔️ |
Shodan | Geolocate | ✔️ |
Shodan | Coordinates | ✔️ |
Shodan | CVEs | ✔️ |
Shodan | ISP | ✔️ |
Shodan | City | ✔️ |
Shodan | ASN | ✔️ |
Virustotal | Network report | ✔️ |
Virustotal | Communicating samples | ✔️ |
Virustotal | Downloaded samples | ✔️ |
Virustotal | Detected URLs | ✔️ |
URLs
Source | Transform | API key needed? |
---|---|---|
DNS | Extract hostname | ❌ |
Virustotal | Malicious check | ✔️ |
Virustotal | Reported detections | ✔️ |
Hashes
Source | Transform | API key needed? |
---|---|---|
Virustotal | Malicious check | ✔️ |
Virustotal | Malware type | ✔️ |
EMails
Source | Transform | API key needed? |
---|---|---|
N/A | Extract domain | ❌ |