Β
Β
Β
Omnisci3nt is a comprehensive web reconnaissance and intelligence framework designed for cybersecurity professionals, ethical hackers, and security researchers. It enables automated discovery and analysis of domain-related data such as subdomains, SSL/TLS certificates, exposed services, technologies, and archived web content.
By aggregating multiple reconnaissance techniques into a single workflow, Omnisci3nt helps users gain clear visibility into a domainβs external attack surface, configuration posture, and historical footprint. This makes it an effective tool for security assessments, bug bounty reconnaissance, threat modeling, and defensive research.
Omnisci3nt is intended for authorized testing and security analysis, helping teams understand and reduce unintended exposure across internet-facing assets.
Omnisci3nt is designed for security research and authorized reconnaissance only.
π‘ For full functionality and better performance, a local installation is recommended.
| Feature | Description |
|---|---|
| IP Lookup | Retrieve geolocation and ISP data |
| WHOIS Lookup | Get domain registration information |
| HTTP Header Analysis | Analyze response headers |
| SSL Inspection | Fetch and inspect SSL certificate |
| DNS Enumeration | Gather DNS, Reverse, and Shared DNS records |
| Subdomain Discovery | Identify subdomains using various techniques |
| Port Scanning | Scan and detect open ports |
| Directory Brute-Force | Discover hidden files and directories |
| Web Crawling | Fetch links, robots.txt, and sitemap.xml |
| Tech Detection | Detect technologies used by the website |
| Wayback Machine | View archived pages over time |
| DMARC Analysis | Check domain email authentication (SPF, DKIM, DMARC) |
| Social Media Discovery | Extract social profiles and emails |
| Admin Panel Detection | Identify admin login portals |
| Reverse DNS Lookup | Get hostnames from IP addresses |
| Shared DNS Lookup | Discover other domains on the same DNS server |
| vulnerabilities Scanner | Scan for common vulnerabilitie |
| Full Recon Mode | Run all modules for deep analysis |
git clone https://github.com/spyboy-productions/omnisci3nt.git
cd omnisci3nt
pip3 install -r requirements.txt
python3 -m omnisci3nt.omnisci3nt -hpython -m omnisci3nt.omnisci3nt -whois example.com
Install via pipx for isolated, global access:
python3 -m pip install --user pipx
python3 -m pipx ensurepathpipx install git+https://github.com/spyboy-productions/omnisci3nt.gitomnisci3nt -whois example.com| Command | Description |
|---|---|
-ip <domain> |
IP geolocation info |
-headers <domain> |
Show HTTP headers |
-whois <domain> |
WHOIS lookup |
-ssl <domain> |
SSL certificate analysis |
-dns <domain> |
DNS enumeration |
-reversedns <domain> |
Reverse DNS lookup |
-shareddns <domain> |
Domains on the same DNS |
-subdomains <domain> |
Subdomain enumeration |
-dmarc <domain> |
DMARC record validation |
-crawl <domain> |
Crawl and fetch links |
-robots <domain> |
Fetch robots.txt and sitemap.xml |
-tech <domain> |
Detect technologies used |
-wayback <domain> |
Archive data from Wayback Machine |
-social <domain> |
Extract social media/email |
-dirscan <domain> |
Directory brute-force |
-portscan <domain> |
Port scanning |
-admin <domain> |
Admin panel finder |
-vulnscan <domain> |
Run vulnerability scanner |
-all <domain> |
Run all tools in one go |
π To upgrade from GitHub
pipx upgrade omnisci3nt
# If you originally installed using a local directory (pipx install .), then use:
pipx install . --force
β To uninstall
pipx uninstall omnisci3nt
# Bonus: Check where it's installed
pipx list
Pull requests and issues are welcome! Found a bug? Have an idea? Letβs collaborate to improve Omnisci3nt.
- Integration with urlscan.io
- Email spoofability check via MX records
- Reverse IP lookup (domain neighbors)
- Banner grabbing
- CVE-based vulnerability check (top techs)
Need help or want to suggest a feature? Join our Discord server and connect with the community.