Omnibus – OSINT Artifact Management Framework

An omnibus is defined as a volume containing several novels or other items previously published separately, and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence (OSINT) collection, research, and artifact management.

Omnibus provides an easy-to-use interactive command-line application in which users create sessions to investigate various artifacts such as IP addresses, domain names, email addresses, usernames, file hashes, Bitcoin addresses, and more.

Omnibus - The OSINT Omnibus

Most cyber investigations begin with one or more technical indicators, such as an IP address, file hash or email address. After searching and analyzing, relationships begin to form and you can pivot through connected data points. These data points are called Artifacts within Omnibus and represent any item you wish to investigate.

Artifacts can be one of the following types:

  • IPv4 address
  • FQDN
  • Email Address
  • Bitcoin Address
  • File Hash (MD5, SHA1, SHA256, SHA512)
  • User Name
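
The sketch below is an added example, not code from Omnibus: it sorts pasted indicators into the artifact types listed above so duplicates and mistyped entries are caught before any module is queried. The type labels, regular expressions, defang handling and the `classify`/`build_session` names are assumptions made for illustration.

```python
import ipaddress
import re

# Hex digest length -> algorithm, for the four hash types listed above.
HASH_LENGTHS = {32: "MD5", 40: "SHA1", 64: "SHA256", 128: "SHA512"}
HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@([A-Za-z0-9-]+\.)+[A-Za-z]{2,}$")
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$")
# Shape check only (Base58 1.../3... or Bech32 bc1...); the checksum is not verified.
BTC_RE = re.compile(r"^([13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[ac-hj-np-z02-9]{11,71})$")

# Constructed sample input: documentation-range IP, reserved example domain,
# the MD5 of empty input, a made-up user name, and one duplicate.
SAMPLE = ["192.0.2.10", "mail.example[.]com", "Analyst[@]example.com",
          "D41D8CD98F00B204E9800998ECF8427E", "jdoe_osint", "192.0.2.10"]

def refang(value):
    """Undo common defanging ([.], (.), [@]) found in pasted indicators."""
    return value.strip().replace("[.]", ".").replace("(.)", ".").replace("[@]", "@")

def classify(raw):
    """Return (artifact_type, normalized_value) for one indicator string."""
    value = refang(raw)
    try:
        return "ipv4", str(ipaddress.IPv4Address(value))
    except ValueError:
        pass  # not an IPv4 address, keep checking
    if HEX_RE.match(value) and len(value) in HASH_LENGTHS:
        return "hash:" + HASH_LENGTHS[len(value)], value.lower()
    if EMAIL_RE.match(value):
        return "email", value.lower()
    if BTC_RE.match(value):
        return "btc", value  # Base58 is case-sensitive, so do not lowercase
    if FQDN_RE.match(value):
        return "fqdn", value.lower()
    return "user", value  # fallback: anything else is treated as a user name

def build_session(lines):
    """Group indicators by artifact type, skipping blanks and duplicates."""
    session = {}
    for line in lines:
        if not line.strip():
            continue
        kind, value = classify(line)
        bucket = session.setdefault(kind, [])
        if value not in bucket:
            bucket.append(value)
    return session
```

Because the user name type is the fallback, a user name that happens to be 32, 40, 64 or 128 hex characters long is classified as a hash and needs manual review.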

The tool currently supports the following modules:

  • Blockchain.info
  • Censys
  • ClearBit
  • CSIRTG
  • Cymon
  • DNS resolution
  • DShield (SANS ISC)
  • Full Contact
  • Geolocation
  • GitHub username search
  • HackedEmails.com
  • HaveIBeenPwned.com
  • Hurricane Electric
  • IPInfo
  • IPVoid
  • Keybase username lookup
  • NMap scanner
  • OTX (AlienVault)
  • PassiveTotal
  • PGP Key Search
  • RSS reader 
  • Shodan
  • ThreatCrowd
  • ThreatExpert
  • Twitter
  • URLVoid
  • VirusTotal
  • WHOIS
  • WhoisMind

You can read more and download the tool here: https://github.com/InQuest/omnibus
