Search everything...

Stats

Actions

Available In

Help us improve

Share bugs, ideas, or general feedback.

osint - Claude Code Plugin | ClaudePluginHub

Plugin

osint

Name: osint
Author: lawriec

By lawriec

Open source intelligence (OSINT) research skill — investigate people, locations, domains, images, infrastructure, and digital artifacts using publicly available information

npx claudepluginhub lawriec/claude-osint-plugin --plugin osint

Popularity

Stars

Med: 0·Avg: 285

Installs

Top 5%

Med: 0·Avg: 1

Forks

Above avg

Med: 0·Avg: 37

Health & Quality

Maintenance

Above avg

Excellent9.0/10

Med: 7/10·Avg: 7.4/10

Community

14%

Med: 42%·Avg: 42.1%

What's Inside

Skills1

osint

/osint

Use when the user wants to conduct open source intelligence research — investigating people, locations, domains, images, infrastructure, vehicles, or digital artifacts using publicly available information. Triggers on: "OSINT", "investigate", "who is this person", "where was this photo taken", "find information about", "trace this", "identify this location", "lookup this domain", "reverse image search", "find this username", "social media footprint", "geolocate", "WHOIS", "DNS lookup", "EXIF data", "metadata analysis", "digital forensics", "blockchain trace", "IP lookup", "certificate transparency". Also triggers when the user provides an image and asks where it was taken, or provides a username and asks what accounts exist, or provides a domain and asks about its infrastructure.

MCP Servers9

Stats

Version1.2.0

LanguagePython

Stars0

Forks1

Copy clicks4

MaintenanceExcellent

Last CommitMay 10, 2026

AddedApr 21, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

osint

Safety Signals

Caution

External network access

Connects to servers outside your machine

Requires secrets

Needs API keys or credentials to function

Help us improve

Share bugs, ideas, or general feedback.

Setup

Configuration

This plugin requires configuration values that are prompted when the plugin is enabled. Sensitive values are stored in your system keychain.

SEARXNG_URL

URL of your SearXNG instance for multi-engine web search. Defaults to http://localhost:8080. See https://github.com/lawriec/mcp-searxng for Docker setup. Leave blank to use the default.

${user_config.SEARXNG_URL}

GEMINI_API_KEY

sensitive

Google Gemini API key for AI analysis of images, video, and audio. Get one at https://aistudio.google.com/apikey. Leave blank to disable the gemini MCP server.

${user_config.GEMINI_API_KEY}

TAVILY_API_KEY

sensitive

Tavily API key for focused web search and content extraction. Get one at https://tavily.com. Leave blank to disable the tavily MCP server.

${user_config.TAVILY_API_KEY}

REDDIT_CLIENT_ID

Optional: Reddit OAuth client ID for higher rate limits on the reddit MCP. Create one at https://www.reddit.com/prefs/apps. Leave blank to use anonymous mode (works but rate-limited).

${user_config.REDDIT_CLIENT_ID}

YTDLP_COOKIES_FILE

Optional: absolute path to a Netscape-format cookies.txt file for yt-dlp. Takes priority over YTDLP_COOKIES_FROM_BROWSER if both are set. Required for the Docker container (no host browser available). Leave blank to skip.

${user_config.YTDLP_COOKIES_FILE}

REDDIT_CLIENT_SECRET

sensitive

Optional: Reddit OAuth client secret matching REDDIT_CLIENT_ID. Leave blank to skip.

${user_config.REDDIT_CLIENT_SECRET}

REDDIT_REFRESH_TOKEN

sensitive

Optional: Reddit OAuth refresh token for persistent authentication. Leave blank to skip.

${user_config.REDDIT_REFRESH_TOKEN}

GOOGLE_VISION_API_KEY

sensitive

Google Cloud Vision API key for reverse image search. Enable the Cloud Vision API at https://console.cloud.google.com/apis/credentials. Free tier 1000 calls/month. Leave blank to disable the google-reverse-image MCP server.

${user_config.GOOGLE_VISION_API_KEY}

YTDLP_COOKIES_FROM_BROWSER

Optional: browser name (chrome, firefox, edge, safari, opera, brave, chromium) for yt-dlp to read YouTube cookies from. Strongly recommended for sustained yt-dlp use — without cookies, YouTube blocks most requests. Leave blank to skip.

${user_config.YTDLP_COOKIES_FROM_BROWSER}

README

OSINT Plugin for Claude Code

An open source intelligence (OSINT) research skill for Claude Code. Investigate people, locations, domains, images, infrastructure, and digital artifacts using publicly available information.

Installation

/plugin install osint@github:lawriec/claude-osint-plugin

What It Does

When you ask Claude Code to investigate something — a person, a location in a photo, a suspicious domain, an image's metadata — this plugin activates a structured OSINT methodology based on the intelligence cycle:

Define the intelligence requirement
Plan the collection strategy
Collect data across multiple sources
Analyze and cross-reference findings
Report with evidence provenance and confidence ratings

OSINT Domains

Domain	Capabilities
Geolocation	Identify locations from photos/video using signs, vegetation, road markings, sun position, architecture
People / Social Media	Username enumeration, profile correlation across platforms, SOCMINT
Domain / Infrastructure	WHOIS, DNS enumeration, subdomain discovery, certificate transparency, IP enrichment
Image / Video Forensics	EXIF extraction, reverse image search, manipulation detection, metadata analysis
Document Analysis	PDF metadata, email header analysis, file forensics
Vehicle / Object ID	License plates, aircraft tracking (ADS-B), ship tracking (AIS)
Cryptocurrency	Blockchain address lookup, wallet tracing, transaction analysis
Radio / Signals	Broadcast identification, amateur radio callsign lookup

MCP Servers

This plugin configures 9 MCP servers:

Server	Package	Purpose	API Key Required
searxng	`github:lawriec/mcp-searxng`	Primary search tool. Multi-engine web search via self-hosted SearXNG — queries Google, Bing, Brave, Yahoo, DuckDuckGo, and 250+ engines simultaneously. Full operator pass-through, category-based search, language filtering, and engine attribution.	No API key — requires Docker (see SearXNG Setup)
tavily	`tavily-mcp@latest`	Targeted web search with date filtering, content extraction, site crawling	Yes — `TAVILY_API_KEY`
gemini	`github:lawriec/mcp-gemini-media`	AI analysis of images, video, and audio files	Yes — `GEMINI_API_KEY`
google-reverse-image	`github:lawriec/mcp-google-reverse-image`	Reverse image search via Google Cloud Vision Web Detection — finds pages containing an image, exact/partial/visually-similar matches, and detected web entities. Accepts local paths or public URLs.	Yes — `GOOGLE_VISION_API_KEY`
yt-dl	`@kevinwatt/yt-dlp-mcp@latest`	YouTube search, metadata, downloads	No (but cookies strongly recommended — see below)
internet-archive	`github:lawriec/mcp-internet-archive`	Wayback Machine and Internet Archive access	No
video-reader	`github:lawriec/mcp-video-reader`	Video/image frame extraction, thumbnails, ffmpeg operations	No
common-crawl	`github:lawriec/mcp-common-crawl`	Search and extract content from Common Crawl web archives	No
reddit	`adhikasp/mcp-reddit`	Reddit thread discovery and post scraping	No (optional OAuth for higher rate limits)

SearXNG Setup

SearXNG is the plugin's primary search tool. It requires a local Docker instance — without it, searches fall back to the less capable WebSearch tool.

1. Install Docker if you don't have it: https://docs.docker.com/get-docker/

2. Start SearXNG using the pre-configured Docker Compose setup in the mcp-searxng repo:

git clone https://github.com/lawriec/mcp-searxng.git
cd mcp-searxng/docker
docker compose up -d

3. Verify it's running:

curl "http://localhost:8080/search?q=test&format=json" | head -c 200

4. Note the URL — you'll be asked for it when you install the plugin. The default is http://localhost:8080.

SearXNG runs as a lightweight Docker container. Start it before launching Claude Code and leave it running — it uses minimal resources when idle.

Optional: VPN protection — SearXNG queries upstream engines (Google, Bing, etc.) directly from your IP. During intensive OSINT sessions this can lead to rate-limiting or blocking. The mcp-searxng Docker setup includes an optional OpenVPN sidecar that routes all search traffic through a VPN tunnel:

Place .ovpn files from your VPN provider (NordVPN, ExpressVPN, Surfshark, ProtonVPN, Mullvad, etc.) into a folder
If your provider requires auth, add a default.auth file (username line 1, password line 2)
Set environment variables and start with the VPN override:

View full README on GitHub

Help us improve

Find plugins for your project

Help us improve

osint

Popularity

Health & Quality

What's Inside

Help us improve

Confidence

Setup

Configuration

README

OSINT Plugin for Claude Code

Installation

What It Does

OSINT Domains

MCP Servers

SearXNG Setup

Similar Plugins

claude-mem

nanobanana

human-resources

product-management

marketing

sales

More by lawriec

lost-media-search

OSINT Plugin for Claude Code

Installation

What It Does

OSINT Domains

MCP Servers

SearXNG Setup

More by lawriec

lost-media-search

Similar Plugins

claude-mem

nanobanana

human-resources

product-management

marketing

sales

Popularity

Health & Quality