PRISM - a self-hosted OSINT platform with a real-time dashboard

3 days ago by trulysoulless to c/selfhosted

I've been building PRISM - a self-hosted OSINT toolkit you run yourself instead of pasting investigation targets into someone else's web service.

Give it a domain, IP, email, phone, or username and it runs 22+ modules in parallel into one dashboard: WHOIS, DNS, crt.sh subdomains, GeoIP, threat intel (Shodan/VirusTotal/AbuseIPDB/Censys), breach data, username search across 3000+ sites (Blackbird + Maigret), dark-web mirror checks, and more. Results come with an entity graph, a GeoIP map, an OPSEC exposure score (0–100), and HTML/PDF/CSV/Markdown exports.

14 of the 22 modules work with zero API keys (missing keys degrade gracefully instead of erroring).

Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.

Demo: https://getprism.su/
GitHub: https://github.com/NovaCode37/Prism-platform

Built it solo - feedback welcome, especially on which modules you'd want added.

notalannister 52 points 2 days ago

Tried it. ANY given username generates a list of the same sites (e.g. instagram, reddit, imgur, etc) and simply slaps the given username to the base url and gives that as a "result" even if the user doesn't exist on that platform. Even the "AI Analysis" is simply a report of nonexistent platforms and users. You can achieve better results by simply using a bash script.

K3can 3 points 2 days ago

Same experience. 🫀

notalannister 1 point 2 days ago

Yeah. Very disappointing.

chicken 2 points 2 days ago

What would be better ways of doing it?

notalannister 12 points 2 days ago

use curl and try to "ping" the user page to see if it exists (200) or not (400)

eleijeep 42 points 2 days ago

Did the LLM choose the name? There’s an obvious existing semantic link between PRISM and intel, so congrats on choosing an un-searchable name.

Cethin 11 points 2 days ago

There's also the NSA PRISM, which is older than the current LLM garbage. It's just a basic ass name that makes for a good pun on something that changes how you see things.

eleijeep 8 points 2 days ago

Yes that’s the one I was referring to.

trulysoulless 4 points 2 days ago

Xd, prism is basically un-googleable that one's on me cause there is not a great SEO foresight. The name was mine though

eager_eagle 3 points 2 days ago

yeah, I know of two other tools with that name just from my workplace, both probably suggested by ai

caseyweederman 2 points 18 hours ago

Especially rough with the Snowden post on the top of most people's front page today.

x00z 41 points 2 days ago

Full of AI fingerprints yet no disclosure.

trulysoulless 2 points 2 days ago

Yep, I'm a solo dev and I use AI assistance while building this. So, I should've been upfront about it. The code's all reviewed, tested, and MIT-licensed, so it's fully auditable. I'll add a disclosure to the README

4am 46 points 2 days ago

So you vibecoded a security product and named it after a famous government program known for spying unlawfully on American citizens

To what, capitalize on the SEO?

This is kinda gross dude, not gonna lie

eager_eagle 22 points 2 days ago

at this point "prism" must be one of the most overused project names, there's no hope for any seo using that name

WhyJiffie 28 points 2 days ago

Your targets never leave your PC

how can that be true if the whole thing relies on sending the infos to the API providers?

irmadlad 13 points 3 days ago

That's pretty darn cool:

trulysoulless 10 points 2 days ago

Hiya, love that you actually tested it. That's exactly the kind of 30-second recon it's built for. The "missing security headers" check catches a surprising number of sites.

If there's a module or source you'd want added, I'm genuinely taking requests; that's how the roadmap gets shaped. Thanks for trying it!

irmadlad 3 points 2 days ago

You bet. I've dropped it in my 'Projects' folder. Thank you for sharing.

EncryptKeeper 12 points 2 days ago

Soviet Union TLD is an interesting choice lol

quick_snail 9 points 2 days ago

Terrible name. It's taken.

DieserTypMatthias 6 points 2 days ago

Great name indeed.

Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.

Isn't this what every chatbot builds with by default?

brainwashed 1 point a day ago

Isn't there also a palantir module called prisma or something?

DieserTypMatthias 1 point 21 hours ago

AFAIK no. The only prisma I know is this one.

brainwashed 1 point 18 hours ago
mlg 3 points 2 days ago

NSA is that you?

Also jokes aside, how does the use case compare to some existing tools like BBOT?

This seems more geared towards public facing targets than targeted information OSINT (user profiling, etc.)

ArcaneSlime 3 points 2 days ago

So I have an interest in self hosting things in the future (nextcloud, chatmail), but for now I'm scared of opening my network to attacks, and also I don't have a network right now I just hotspot from my phone when needed and torrent things at my friend's house.

That said how would I go about using this? I'm guessing something to do with docker or porteus (maybe? The other one that wasn't vulnerable to that recent thing), then when I want to check out X website I just "spin up the docker container" (still not 100% what that means but I've heard the verbiage), hotspot the pc (for now), and run it through the program? Am I understanding that right?

Sorry I'm so green, gotta start somewhere! I feel like a grandma calling an Xbox a "Nintendo" haha.

irmadlad 3 points 2 days ago

Sorry I’m so green, gotta start somewhere!

We all started at green. No shame.

So, yes OP is using Docker. Once you install Docker on your server, you 'spin up' the docker container using the Docker compose file:

https://github.com/...

....and the associated .env file that houses all your environmental variables:

https://github.com/...

ArcaneSlime 2 points 2 days ago

Awesome, thank you for the help/info! This seems like a good first step, I'll try it out!

irmadlad 3 points 2 days ago

Give it a go man. What's the worst that can happen? .....you have to drop back and do some studyin'. That's pretty much how I learn. Read, Do, Fuck it up ad nauseam until it clicks, then I write that shit down.

ArcaneSlime 3 points 2 days ago

Same here lol, I will for sure!

FauxLiving 3 points 2 days ago

Yeah, this project is built as a docker container. The repo has instructions on starting the container. You should watch a few introductory videos on Docker so you understand the concepts and basic usage.

Once it's started, the machine that docker is running on will be serving a website that acts as the application. If you're running docker on your desktop you can then open a web browser and go to http://localhost:8080/ and you will see something that looks like the demo link above.

This doesn't expose it to the Internet. If you're running this on a home LAN with a router between you and the ISP's modem (or the ISP's modem is a router/AP) then only computers connected to your network will be able to access it. You would have to go to your router's administration console and specifically forward a port for that service so that people on the Internet could get past your modem.

ArcaneSlime 2 points 2 days ago

Awesome thanks for all the help and info, I'll definitely check it out! I think this will be a nice step to help teach me these concepts and get me to the other projects!

realitaetsverlust 2 points 2 days ago

Sorry I’m so green, gotta start somewhere!

Start with the documentation. Docker has a great introductory section that teaches you the basics.

https://docs.docker.com/get-started/introduction/ (the pushing your image part is not that important, the rest is)

Running a project that does things you don't know is not the best thing to learn. Learning is done by going through the basics first, not immediately firing docker compose, which is one step above pure docker.

ArcaneSlime 1 point 2 days ago

Thank you! I'll check out the docker docs before I try spinning this up as my first trial run!

clb92 3 points 2 days ago

WHOIS exposes 2 contact email(s) — registrar privacy not used

Registrar privacy is in fact used. It's just the Namecheap abuse email address and an anonymized *@withheldforprivacy.com mail address. It shouldn't list those as results.

trulysoulless 2 points 2 days ago

Thanks, I'll fix that. I'll add a filter for known privacy-proxy and registrar abuse domains
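
One way such a filter could work, as an added example that is not part of the thread and not PRISM's own code: addresses are classified by the WHOIS field they appear in and by their mail domain, so a registrar abuse contact or a privacy-proxy alias is not counted as an exposed registrant email. The domain list (apart from withheldforprivacy.com), the role local parts, the function names and both sample records are assumptions constructed for illustration.

```python
import re

# Privacy-proxy mail domains. Only withheldforprivacy.com comes from the thread;
# the other entries are an assumed, non-exhaustive starting list.
PRIVACY_PROXY_DOMAINS = {"withheldforprivacy.com", "domainsbyproxy.com",
                         "whoisguard.com", "contactprivacy.com"}
ROLE_LOCAL_PARTS = {"abuse", "hostmaster", "noc"}    # role mailboxes, not people
REGISTRAR_FIELD = re.compile(r"^registrar\b", re.I)  # "Registrar Abuse Contact Email"
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample records (not real WHOIS output).
PROTECTED = """\
Domain Name: example.com
Registrar: Example Registrar, Inc.
Registrar Abuse Contact Email: abuse@registrar.example
Registrant Email: 0a1b2c3d.protect@withheldforprivacy.com
Admin Email: 0a1b2c3d.protect@withheldforprivacy.com
"""
EXPOSED = """\
Domain Name: example.org
Registrar Abuse Contact Email: abuse@registrar.example
Registrant Email: jane.doe@example.org
"""


def classify_whois_emails(raw):
    """Map each address in a raw WHOIS record to a category."""
    found = {}
    for line in raw.splitlines():
        field, _, value = line.partition(":")
        for email in EMAIL.findall(value.lower()):
            local, _, domain = email.partition("@")
            if any(domain == d or domain.endswith("." + d) for d in PRIVACY_PROXY_DOMAINS):
                category = "privacy_proxy"
            elif REGISTRAR_FIELD.match(field.strip()) or local in ROLE_LOCAL_PARTS:
                category = "registrar_role"
            else:
                category = "exposed"
            if found.get(email) != "exposed":  # an exposed sighting is never downgraded
                found[email] = category
    return found


def privacy_finding(raw):
    """Return (message, exposed_addresses) for the dashboard finding."""
    found = classify_whois_emails(raw)
    exposed = sorted(e for e, c in found.items() if c == "exposed")
    if exposed:
        return f"WHOIS exposes {len(exposed)} contact email(s)", exposed
    if "privacy_proxy" in found.values():
        return "registrar privacy in use", []
    return "no contact emails published", []
```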

xyro 1 point 2 days ago

Super cool, I'm gonna host it when I have some time !

anotherandrew 1 point 2 days ago

This looks really cool. One minor bug: with the online demo, at least on mobile (chrome, iOS), the target text field never brings up the keyboard so it can’t be used.

trulysoulless 2 points 2 days ago

Oh thanks, I'll fix that

Decronym 1 point 2 days ago

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters    More Letters
AP               WiFi Access Point
DNS              Domain Name Service/System
ISP              Internet Service Provider

[Thread #21 for this comm, first seen 20th Jun 2026, 21:30]

ikidd 0 points 2 days ago

Some mailchecks would be useful. DNS and the server responses.

Edit: Oops, just found it, different section. Valid DKIM check would be handy. Also, I'm not sure what "Deliverable" is about, comes up as "No" for a domain I use for email with no issues.

trulysoulless 1 point 2 days ago

Thanks, gotcha. I figured marking those cases as inconclusive makes a lot more sense than treating them as failures. It should cut down on false alarms from catch-all and greylisted servers while still keeping the results reliable. Since I'm already checking MX, SPF, and DMARC, I should have enough confidence without being overly aggressive
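
A sketch of the three-way verdict described in this reply, as an added example that is not part of the thread and not PRISM's own code: temporary rejections and catch-all servers map to "inconclusive" instead of "No". The `Probe` record, its field names, the probe of a random local part and the sample outcomes are assumptions constructed for illustration; the SPF and DMARC checks the reply mentions are not modelled here.

```python
from dataclasses import dataclass
from typing import Optional

# RFC 5321 replies about the mailbox itself. A 550 can also carry a policy
# rejection, so a fuller check would read the enhanced status code as well.
MAILBOX_REJECTED = {550, 551, 553}


@dataclass
class Probe:
    """Hypothetical record of one check; codes are None when no SMTP session was possible."""
    mail_host_found: bool        # MX, or the A/AAAA fallback, resolved
    target_code: Optional[int]   # reply to RCPT TO:<address under test>
    random_code: Optional[int]   # reply to RCPT TO:<random local part, same domain>


def classify(p):
    """Return (verdict, reason); verdict is deliverable, undeliverable or inconclusive."""
    if not p.mail_host_found:
        return "undeliverable", "domain has no mail host in DNS"
    if p.target_code is None:
        return "inconclusive", "no SMTP session (timeout or outbound port 25 blocked)"
    if 400 <= p.target_code < 500:
        return "inconclusive", "temporary rejection, consistent with greylisting"
    if p.target_code in MAILBOX_REJECTED:
        return "undeliverable", "server rejected the mailbox"
    if p.target_code >= 500:
        return "inconclusive", "rejected for policy reasons, not the mailbox"
    # Accepted from here on: only meaningful if the server rejects unknown mailboxes.
    if p.random_code in MAILBOX_REJECTED:
        return "deliverable", "accepted, and a random mailbox was rejected"
    if p.random_code is not None and 200 <= p.random_code < 300:
        return "inconclusive", "catch-all: server accepts any local part"
    return "inconclusive", "accepted, but catch-all could not be ruled out"


# Constructed probe outcomes.
SAMPLES = {
    "normal":    Probe(True, 250, 550),
    "greylist":  Probe(True, 451, None),
    "catch_all": Probe(True, 250, 250),
    "blocked":   Probe(True, None, None),
    "unknown":   Probe(True, 550, 550),
    "no_mx":     Probe(False, None, None),
}


def verdicts():
    """Verdict for each constructed sample, keyed by sample name."""
    return {name: classify(p)[0] for name, p in SAMPLES.items()}
```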
