I’ve been building PRISM - a self-hosted OSINT toolkit you run yourself instead of pasting investigation targets into someone else’s web service.

Give it a domain, IP, email, phone, or username and it runs 22+ modules in parallel into one dashboard: WHOIS, DNS, crt.sh subdomains, GeoIP, threat intel (Shodan/VirusTotal/AbuseIPDB/Censys), breach data, username search across 3000+ sites (Blackbird + Maigret), dark-web mirror checks, and more. Results come with an entity graph, a GeoIP map, an OPSEC exposure score (0–100), and HTML/PDF/CSV/Markdown exports.

Your targets never leave your PC, and 14 of the 22 modules work with zero API keys (missing keys degrade gracefully instead of erroring).

Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.

Demo: https://getprism.su/ Github: https://github.com/NovaCode37/Prism-platform

Built it solo - feedback welcome, especially on which modules you’d want added.

  • trulysoulless@lemmy.worldOPEnglish
    114·
    7 hours ago

    Yep, I’m a solo dev and I use AI assistance while building this. So, I should’ve been upfront about it. The code’s all reviewed, tested, and MIT-licensed, so it’s fully auditable. I’ll add a disclosure to the README

    • 4am@lemmy.zipEnglish
      177·
      6 hours ago

      So you vibecoded a security product and named it after a famous government program known for spying unlawfully on American citizens

      To what, capitalize on the SEO?

      This is kinda gross dude, not gonna lie

      • Eager Eagle@lemmy.worldEnglish
        10·
        6 hours ago

        at this point “prism” must be one of the most overused project names, there’s no hope for any seo using that name