Back to browse
Osint tool that finds exposed files on domains

Osint tool that finds exposed files on domains

by PatchRequest·Jul 5, 2026·20 points·5 comments

Post Description

hey guys, wanted to show one of my side projects i just made public.

the idea is basically another osint tool for pentesters and bug bounty hunters. it watches certificate transparency logs and checks newly-seen domains for exposed stuff like .env files, open .git dirs, config files, db dumps and so on, and puts whatever it finds into a searchable db. you just search a domain (or part of one) and see what's exposed.

it's read-only and free. one thing i've been thinking about adding is a way to register for certain keywords and get notified when something new shows up for that search.

would love to hear if you have other ideas for useful features, and also ideas for how to reduce abuse of the data, since that's the part i'm least sure about.

https://search.cerast-intelligence.com/

Similar Projects

Security●●Solid

Lumina – passive OSINT recon tool for domains

Pulls together passive sources — crt.sh, Wayback, GitHub search, Shodan and Hunter — into a single HTML+JSON output so you can run recon without touching the target. It isn't reinventing OSINT, but the combination of multi-source subdomain enumeration, built-in WHOIS/JSON export and a ready-to-share dark report plus Docker support makes it an immediately useful tool for quick triage.

Niche GemShip It
surfruit
204mo ago