OSINT Tool Tuesday - Zen
Learn how to use Zen for OSINT investigations
👋 Welcome to OSINT Tool Tuesday. This week we’re looking into Zen, an email OSINT tool you can use to investigate profiles on GitHub. This is a tool I’ve used on several occasions to conduct research into malicious activity found on GitHub as well as helping others do investigations on international crime. I’ll share some of those anecdotes in this issue.
🚨 This tool has been added to the OSINT Resources for Email Addresses page on The OSINT Newsletter for easy reference later. That list serves as a roadmap for new tutorials in the future. If there are any tools you’d like to see added to the list and covered, please reach out jake@osint.news with details.
Let’s get started. ⬇️
Zen
Zen is a very basic OSINT tool that allows you to get an email address for a specific GitHub user or find all of the email addresses that have contributed to a particular project or organization. This tool will not allow you to look up an email address; rather, it allows you to discover an email address. This tool requires very little setup and is very beginner-friendly if you’re new to command-line tools.
🎩 H/T: Somdev Sangwan
In this tutorial we’re going to look at the following:
Set up and configuration
Download with Git
Python library installation
Usage
Searching by profile username
Searching by GitHub repository
Searching by GitHub organization
Use cases
Using GitHub to find email addresses for other profiles
Investigating exploit/proof of concept developers
Pivoting from GitHub to other accounts
Let’s get started. ⬇️
Setup
The setup and installation of Zen is pretty simple relative to other GitHub tools. First, you’ll need to use git to clone the repository to your device.
If you don’t have git installed on your device, here are some instructions.
git clone https://github.com/s0md3v/Zen.gitOnce you have that repository cloned, open it using the following command.
cd ZenNow that you have that directory open, use the ls command to inspect the files. It should look something like this.
jakecreps@Macbook Zen % ls
LICENSE README.md requirements.txt zen.pyNext, make sure you install the dependencies using the following command.
pip install -r requirements.txtIf successful, it should look something like this.
jakecreps@Macbook Zen % pip install -r requirements.txt
Requirement already satisfied: requests in /opt/homebrew/lib/python3.11/site-packages (from -r requirements.txt (line 1)) (2.31.0)
Requirement already satisfied: charset-normalizer<4,>=2 in /opt/homebrew/lib/python3.11/site-packages (from requests->-r requirements.txt (line 1)) (3.1.0)
Requirement already satisfied: idna<4,>=2.5 in /opt/homebrew/lib/python3.11/site-packages (from requests->-r requirements.txt (line 1)) (3.4)
Requirement already satisfied: urllib3<3,>=1.21.1 in /opt/homebrew/lib/python3.11/site-packages (from requests->-r requirements.txt (line 1)) (2.0.3)
Requirement already satisfied: certifi>=2017.4.17 in /opt/homebrew/lib/python3.11/site-packages (from requests->-r requirements.txt (line 1)) (2023.5.7)🗒️ I already have the requirements satisfied for using Zen. Yours might look a bit different if libraries need to be installed.
This should satisfy all of the requirements to set up and use Zen.
Usage
Now that we have installed Zen, let’s take a look at what options are available. Start by using the following command.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.