PRISM - a self-hosted OSINT platform with a real-time dashboard
I've been building PRISM - a self-hosted OSINT toolkit you run yourself instead of pasting investigation targets into someone else's web service.
Give it a domain, IP, email, phone, or username and it runs 22+ modules in parallel into one dashboard: WHOIS, DNS, crt.sh subdomains, GeoIP, threat intel (Shodan/VirusTotal/AbuseIPDB/Censys), breach data, username search across 3000+ sites (Blackbird + Maigret), dark-web mirror checks, and more. Results come with an entity graph, a GeoIP map, an OPSEC exposure score (0–100), and HTML/PDF/CSV/Markdown exports.
14 of the 22 modules work with zero API keys (missing keys degrade gracefully instead of erroring).
Stack: FastAPI + Next.js 14, runs with one docker compose up. MIT licensed.
Demo: getprism.su/
Github: github.com/NovaCode37/Prism-pl…
Built it solo - feedback welcome, especially on which modules you'd want added.
GitHub - NovaCode37/Prism-platform: All-in-one OSINT platform — 20+ modules, AI analysis, real-time dashboard, OPSEC scoring. Scan domains, IPs, emails, phones, usernames.
All-in-one OSINT platform — 20+ modules, AI analysis, real-time dashboard, OPSEC scoring. Scan domains, IPs, emails, phones, usernames. - NovaCode37/Prism-platformGitHub
like this
don't like this
reshared this

irmadlad
in reply to trulysoulless • • •That's pretty darn cool:
trulysoulless
in reply to irmadlad • • •Hiya, love that you actually tested it. That's exactly the kind of 30-second recon it's built for. The "missing security headers" check catches a surprising number of sites.
If there's a module or source you'd want added, I'm genuinely taking requests that's how the roadmap gets shaped. Thanks for trying it!
irmadlad
in reply to trulysoulless • • •ArcaneSlime
in reply to trulysoulless • • •So I have an interest in self hosting things in the future (nextcloud, chatmail), but for now I'm scared of opening my network to attacks, and also I don't have a network right now I just hotspot from my phone when needed and torrent things at my friend's house.
That said how would I go about using this? I'm guessing something to do with docker or porteus (maybe? The other one that wasn't vulnerable to that recent thing), then when I want to check out X website I just "spin up the docker container" (still not 100% what that means but I've heard the verbiage), hotspot the pc (for now), and run it through the program? Am I understanding that right?
Sorry I'm so green, gotta start somewhere! I feel like a grandma calling an Xbox a "Nintendo" haha.
irmadlad
in reply to ArcaneSlime • • •We all started at green. No shame.
So, yes OP is using Docker. Once you install Docker on your server, you 'spin up' the docker container using the Docker compose file:
github.com/NovaCode37/Prism-pl…
....and the associated .env file that houses all your environmental variables:
github.com/NovaCode37/Prism-pl…
Prism-platform/docker-compose.yml at main · NovaCode37/Prism-platform
GitHubArcaneSlime
in reply to irmadlad • • •irmadlad
in reply to ArcaneSlime • • •ArcaneSlime
in reply to irmadlad • • •FauxLiving
in reply to ArcaneSlime • • •Putting yourself into the position of trying to solve a practical problem is the best way to learn.
If you fail completely, you can always restore your system and try again (you have a backup, right?)
ArcaneSlime
in reply to FauxLiving • • •Yes, but I'd still prefer not to have to spend the like ~2h reinstalling and replacing my files.
That said this seems like a pretty low stakes trial which is why I'm looking at it first. Worst case a reboot (or recovery through live booting) should fix most issues, I think, if I understand correctly. I don't plan to autostart the docker container so if it fucks my system up a reboot should put me back to normal if starting it breaks my sys right?
I do have some old laptops and an unopened router waiting for me to figure out openWRT. I could install some linux OS (deb?) on one of those and use that for docker, get off my ass and install openWRT on the router, and then use that to connect both devices (and I'd have to figure out which to hotspot but that is easy), if that'd be significantly safer for my daily driver. Then I'd have to figure out how to point my browser to that too though.
FauxLiving
in reply to ArcaneSlime • • •Yeah, this project is built as a docker container. The repo has instructions on starting the container. You should watch a few introductory videos on Docker so you understand the concepts and basic usage.
Once it's started, the machine that docker is running on will be serving a website that acts as the application. If you're running docker on your desktop you can then open a web browser and go to http://localhost:8080/ and you will see something that looks like the demo link above.
This doesn't expose it to the Internet. If you're running this on a home LAN with a router between you and the ISP's modem (or the ISP's modem is a router/AP) then only computers connected to your network will be able to access it. You would have to go to your router's administration console and specifically forward a port for that service so that people on the Internet could get past your modem.
ArcaneSlime
in reply to FauxLiving • • •realitaetsverlust
in reply to ArcaneSlime • • •Start with the documentation. Docker has a great introductory section that teaches you the basics.
docs.docker.com/get-started/in… (the pushing your image part is not that important, the rest is)
Running a project that does things you don't know is not the best thing to learn. Learning is done by going through the basics first, not immediately firing docker compose, which is one step above pure docker.
Introduction
Docker Inc (Docker Documentation)ArcaneSlime
in reply to realitaetsverlust • • •xyro
in reply to trulysoulless • • •eleijeep
in reply to trulysoulless • • •like this
K3CAN likes this.
trulysoulless
in reply to eleijeep • • •Eager Eagle
in reply to eleijeep • • •Cethin
in reply to eleijeep • • •PRISM - Wikipedia
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)eleijeep
in reply to Cethin • • •caseyweederman
in reply to eleijeep • • •ikidd
in reply to trulysoulless • • •Some mailchecks would be useful. DNS and the server responses.
Edit: Oops, just found it, different section. Valid DKIM check would be handy. Also, I'm not sure what "Deliverable" is about, comes up as "No" for a domain I use for email with no issues.
trulysoulless
in reply to ikidd • • •Encrypt-Keeper
in reply to trulysoulless • • •like this
K3CAN likes this.
x00z
in reply to trulysoulless • • •trulysoulless
in reply to x00z • • •4am
in reply to trulysoulless • • •So you vibecoded a security product and named it after a famous government program known for spying unlawfully on American citizens
To what, capitalize on the SEO?
This is kinda gross dude, not gonna lie
Eager Eagle
in reply to 4am • • •clb92
in reply to trulysoulless • • •Registrar privacy is in fact used. It's just the Namecheap abuse email address and an anonymized *@withheldforprivacy.com mail address. It shouldn't list those as results.
trulysoulless
in reply to clb92 • • •mlg
in reply to trulysoulless • • •NSA is that you?
Also jokes aside, how does the use case compare to some existing tools like BBOT?
This seems morr geared towards public facing targets than targeted information OSINT (user profiling, etc.)
Decronym
in reply to trulysoulless • • •Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
[Thread #21 for this comm, first seen 20th Jun 2026, 21:30]
[FAQ] [Full list] [Contact] [Source code]
Decronym: A simple Reddit bot
Gistnotalannister
in reply to trulysoulless • • •K3CAN
in reply to notalannister • • •notalannister
in reply to K3CAN • • •chicken
in reply to notalannister • • •notalannister
in reply to chicken • • •WhyJiffie
in reply to trulysoulless • • •how can that be true if the whole thing relies on sending the infos to the API providers?
Matt
in reply to trulysoulless • • •Great name indeed.
Isn't this what every chatbot builds with by default?
PRISM - Wikipedia
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)brainwashed
in reply to Matt • • •Matt
in reply to brainwashed • • •Agent Infrastructure for TypeScript
Prismabrainwashed
in reply to Matt • • •Inside Ukraine’s Palantir-Powered AI War Room Guiding Drone Strikes Deep Into Russia
Ivan Khomenko (UNITED24 Media)quick_snail
in reply to trulysoulless • • •