LookerBot is a project that leverages AI Agents to perform OSINT collection on a target organization that's built using HuggingFace's Smolagents library.
- Domain recon
- Uses DuckDuckGo searches & WHOIS records to identify domains associated with a target organization
- GitHub recon
- Uses the GitHub search API to identify repositories attributed to a target organization
- TruffleHog Integration for secret identification & verification
- DuckDuckGo recon
- Uses DuckDuckGo search queries to identify login pages, documents, etc. from identified domains
- Result verification
- Assigns a confidence score to each Result
- Removes results that are confidently not associated with the target
- Provides reasoning as to why a confidence score was assigned
- Create a Python virtual environment, you may want to use uv to manage your environments.
- Install the Python dependencies
pip install -r requirements.txt- Install TruffleHog - If on windows just place the binary within the LookerBot folder
- Create a GitHub personal access token with no permissions
- Copy
.sample.envto.env- and paste your GitHub PAT - If using OpenAI, HuggingFace, or another API to interact with your LLM, include your API key in
.env - Configure your operating system, max workers, etc. in
config.yaml
main.py openai "Tesla"
main.py litellm "Penn State"
main.py hf "Minitab"