Flowsint
Flowsint is an open-source OSINT graph exploration tool designed for ethical investigation, transparency, and verification.
Ethics: Please read ETHICS.md for responsible use guidelines.
https://github.com/user-attachments/assets/eaabfa81-d7b3-414d-8cf7-f69b4e37bab6
https://github.com/user-attachments/assets/7457d94a-cf1d-4a97-949f-f9b1d8d92644
https://github.com/user-attachments/assets/65c3f26e-7132-4853-be45-21b8933688bd
Contributing
Flowsint is still in early development and definetly needs the help of the community! Feel free to raise issues, propose features, etc.
Get started
Don't want to read ? Got it. Here's your install instructions:
Linux / macOS
1. Install pre-requisites
- Docker
- Make
2. Run install command
git clone https://github.com/reconurge/flowsint.git
cd flowsint
make prod
Windows
No Make needed. Works in both Command Prompt (cmd) and PowerShell.
1. Install pre-requisites
- Docker Desktop (make sure it is running before the next step)
- Git
2. Clone and set up environment files
git clone https://github.com/reconurge/flowsint.git
cd flowsint
copy .env.example .env
copy .env.example flowsint-api\.env
copy .env.example flowsint-core\.env
copy .env.example flowsint-app\.env
3. Start
docker compose -f docker-compose.prod.yml up -d
This pulls the pre-built images from GitHub Container Registry — no local build needed.
First login
Then go to http://localhost:5173/register and create an account. There are no credentials or account by default.
✅ OSINT investigations need a high level of privacy. Everything is stored on your machine.
Deploy on a network (team / server)
The same setup works out of the box on a server: the frontend serves the UI and proxies all API calls internally, so no extra configuration is needed for clients.
git clone https://github.com/reconurge/flowsint.git
cd flowsint
cp .env.example .env
# Edit .env — see "Before exposing to a network" below
docker compose -f docker-compose.prod.yml up -d
Anyone on the network can then access Flowsint at http://<server-ip>:5173.
Before exposing to a network, change the default secrets in .env:
AUTH_SECRET— signs authentication tokens. Generate one:openssl rand -hex 32MASTER_VAULT_KEY_V1— encrypts stored API keys. Generate one:python3 -c "import os, base64; print('base64:' + base64.b64encode(os.urandom(32)).decode())"NEO4J_PASSWORD— Neo4j database password.
Also add your server hostname/IP to the Host-header allowlist in flowsint-app/nginx.conf (look for map $http_host $is_flowsint_host). The default allowlist accepts only localhost / 127.0.0.1 / [::1], which defends single-user installs against DNS rebinding; LAN and public deploys must opt-in their own hostname. Two commented-out template lines in the same map block show the format.
Only port 5173 is exposed to the network. PostgreSQL, Redis, Neo4j and the API are bound to 127.0.0.1 on the server and reachable only through the frontend proxy.
To pin a specific version instead