CLI-Based Recon and Threat Intelligence Framework
Project description
DEFCON 34🗓️ Aug 6–9, 2026 • Las Vegas • Upcoming Farsight: Turning OSINT into Actionable Attack Surface Intelligence |
BLACKHAT 2025🎯 Oct 1–2, 2025 • Toronto • Presented |
FARSIGHT
A fast, modular CLI recon and threat-intelligence framework. Works with or without API keys.
Features
- Organization Discovery: WHOIS, certificate transparency, passive DNS, related domains
- Recon & Asset Discovery: DNS enumeration, subdomain discovery, async port scanning
- Threat Intelligence: leak detection, credential exposure, dark web mentions, email reputation
- Typosquatting Detection: domain permutation, content similarity, risk scoring
- News Monitoring: relevance-scored news tracking across multiple sources
- Reporting: Markdown and PDF output with executive summaries
- API-optional: works out of the box; add keys (Shodan, Censys, VirusTotal, ...) for deeper results
Install
pip install --pre farsight-recon
(--pre is required while FARSIGHT is in beta. The PyPI distribution is named farsight-recon since farsight was already taken, but it installs the same farsight command.)
With Poetry:
poetry add farsight-recon --allow-prereleases
Or run from source:
git clone https://github.com/seedon198/Farsight.git
cd Farsight
python3 -m venv venv && source venv/bin/activate
pip install -r requirements.txt
Requires Python 3.10+.
Usage
# Basic scan (org discovery + recon)
farsight scan example.com
# Everything, verbose
farsight scan example.com --all --verbose
# Specific modules, PDF output
farsight scan example.com -m org -m threat --output report.pdf
Running from source instead of a pip install? Swap farsight for python -m farsight in any command above.
Run farsight scan --help for the full option list.
Web UI
A local-only web UI wraps the same scan modules with a live-progress browser view:
pip install -r requirements-web.txt
python -m farsight web
Opens a browser at http://127.0.0.1:8000 with real-time module progress, live stats, and an in-browser report with Markdown/PDF download. Binds to loopback only — there's no authentication, so don't expose it beyond your own machine. Run python -m farsight web --help for options.
API Keys (optional)
FARSIGHT works with zero configuration. Set these for deeper results:
export FARSIGHT_SHODAN_API_KEY="..."
export FARSIGHT_CENSYS_API_KEY="..."
export FARSIGHT_SECURITYTRAILS_API_KEY="..."
export FARSIGHT_VIRUSTOTAL_API_KEY="..."
export FARSIGHT_INTELX_API_KEY="..."
export FARSIGHT_LEAKPEEK_API_KEY="..."
Development
pip install -r requirements-dev.txt
pytest tests/
Contributions welcome: fork, branch, open a PR.
License
MIT. See LICENSE.
Disclaimer
For authorized security assessments only. Always get permission before scanning a domain or network you don't own.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file farsight_recon-2.0.0b2.tar.gz.
File metadata
- Download URL: farsight_recon-2.0.0b2.tar.gz
- Upload date:
- Size: 199.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
52ba830972ea25029e1d2150e391b5599bac25e5ca79b52a00b1d20e638ab5a8
|
|
| MD5 |
2bc6f1ca0cf3201e4f24f3767e8b723e
|
|
| BLAKE2b-256 |
72055c97b986fe068a5768e7d3e2e1ae3211398e90b7eca3f146ce080306efe1
|
Provenance
The following attestation bundles were made for farsight_recon-2.0.0b2.tar.gz:
Publisher:
publish-pypi.yml on seedon198/Farsight
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
farsight_recon-2.0.0b2.tar.gz -
Subject digest:
52ba830972ea25029e1d2150e391b5599bac25e5ca79b52a00b1d20e638ab5a8 - Sigstore transparency entry: 2176076235
- Sigstore integration time:
-
Permalink:
seedon198/Farsight@2ead2539a9b0c3a9276cb73115577d16c616e731 -
Branch / Tag:
refs/tags/v2.0.0-beta.2 - Owner: https://github.com/seedon198
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@2ead2539a9b0c3a9276cb73115577d16c616e731 -
Trigger Event:
release
-
Statement type:
File details
Details for the file farsight_recon-2.0.0b2-py3-none-any.whl.
File metadata
- Download URL: farsight_recon-2.0.0b2-py3-none-any.whl
- Upload date:
- Size: 212.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3b148227743fa761e7cc8f699dd682ea1809cc15fbb741d84be9c50765dc9005
|
|
| MD5 |
624ecf815c94e8c17d95e417e4a54e6a
|
|
| BLAKE2b-256 |
28751caaab3268fa9e8154562ee306b624c655a8fa1466bb4842a74bd508e1fe
|
Provenance
The following attestation bundles were made for farsight_recon-2.0.0b2-py3-none-any.whl:
Publisher:
publish-pypi.yml on seedon198/Farsight
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
farsight_recon-2.0.0b2-py3-none-any.whl -
Subject digest:
3b148227743fa761e7cc8f699dd682ea1809cc15fbb741d84be9c50765dc9005 - Sigstore transparency entry: 2176076292
- Sigstore integration time:
-
Permalink:
seedon198/Farsight@2ead2539a9b0c3a9276cb73115577d16c616e731 -
Branch / Tag:
refs/tags/v2.0.0-beta.2 - Owner: https://github.com/seedon198
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@2ead2539a9b0c3a9276cb73115577d16c616e731 -
Trigger Event:
release
-
Statement type: