HN Showcase
Back to browse
GitHub Repository

⚡ Passive OSINT reconnaissance tool — subdomains, GitHub leaks, Shodan, Wayback Machine

4 starsPython

Lumina – passive OSINT recon tool for domains

by surfruit·Feb 18, 2026·2 points·0 comments
Visit ProjectView on HN

AI Analysis

●●SolidNiche GemShip It
The Take

Pulls together passive sources — crt.sh, Wayback, GitHub search, Shodan and Hunter — into a single HTML+JSON output so you can run recon without touching the target. It isn't reinventing OSINT, but the combination of multi-source subdomain enumeration, built-in WHOIS/JSON export and a ready-to-share dark report plus Docker support makes it an immediately useful tool for quick triage.

Category
Security
Target Audience

Security researchers, penetration testers, bug bounty hunters, OSINT enthusiasts

Post Description

Hey! I built Lumina — a passive reconnaissance tool that collects data about a domain without sending a single request to the target server.

Features: - Subdomain enumeration (crt.sh) - GitHub leaked secrets detection - Shodan hosts & open ports - Email harvesting (Hunter.io) - DNS records (A, MX, NS, TXT, AAAA) - Tech stack detection - Beautiful HTML report

All API keys are free.

GitHub: https://github.com/surfruit/lumina

Similar Projects