Skip to content

kennbroorg/iKy

Repository files navigation

Redis Python Celery FastAPI Node Angular Docker

Logo

DescriptionΒ Β Β |Β Β Β InstallationΒ Β Β |Β Β Β WebsiteΒ Β Β |Β Β Β ModulesΒ Β Β |Β Β Β IssuesΒ Β Β |Β Β Β Supporting


iKy

Description

iKy is an OSINT tool that collects information from an email address or other selectors and displays the results in a visual interface.

(pending update: reflects the previous frontend)
Video Demo

Installation

Prerequisites

Quick start

git clone https://gitlab.com/kennbroorg/iKy.git
cd iKy
just build
just up

Open your browser at http://localhost:4300

To stop all services:

just down

just up starts backend, iky-frontend, and redis. No other services are launched by default.

Without Docker (native)

If you cannot run Docker, iKy can run natively: Caddy serves the pre-built frontend and Redis + Celery + Uvicorn run as local processes. Requires redis-server, Python 3.12, curl and tar on the host (Caddy is downloaded automatically).

just setup          # create the venv
just up-native      # installs deps, downloads Caddy + frontend, starts everything

Open your browser at http://localhost:4300. Stop with Ctrl-C or just down-native.

The frontend is pulled from the latest GitHub release β€” no Node build needed. tor is not launched in native mode; only the darkweb module needs it.

Architecture

Service Stack Port
backend FastAPI 0.115 + Celery 5.6 5000
iky-frontend Angular 21 + nginx 4300
redis Redis 7 56379 (host)
tor SOCKS5 proxy (darkweb module) internal

Modules

iKy routes 26 modules through backend/module_registry.py:

Category Modules
Social networks twitter, linkedin, instagram, tiktok, mastodon, twitch, reddit
Identity / username github, gitlab, keybase, sherlock, socialscan, holehe, usersearch, skype
Dating / payments tinder, venmo
Music spotify
Reputation / data brokers peopledatalabs, emailrep, fullcontact
Leaks / breaches leaks, leaklookup, darkweb, hudsonrock
Search search

API Keys

Once the application is loaded in the browser, enter your API keys in the settings panel. Below is the full table of fields from backend/factories/apikeys_default.json:

Module Status Field in apikey How to obtain
LinkedIn πŸ†— πŸͺ linkedin_cookies (or legacy linkedin_li_at / linkedin_JSESSIONID) just cookies-grab linkedin linkedin.com or just cookies-import linkedin <file>
Twitter πŸ†— πŸͺ twitter_cookies just cookies-grab twitter x.com
TikTok πŸ†— πŸͺ tiktok_cookies just cookies-grab tiktok tiktok.com
PeopleDataLabs πŸ†— peopledatalabs_key πŸ†“ Free API β€” wiki
Emailrep πŸ†— emailrep_key πŸ†“ Free API β€” wiki
Leaklookup πŸ†— leaklookup_key πŸ†“ Free API β€” wiki
Spotify πŸ†— spotify_client_id / spotify_client_secret πŸ†“ Free API β€” wiki
Twitch πŸ†— twitch_client_id / twitch_client_secret πŸ†“ Free API β€” wiki
CSE (Google) πŸ†— cse_api_key / cse_cx πŸ†“ Free API β€” wiki
Brave πŸ†— brave_key πŸ†“ Free API
Instagram ⚠️ instagram_user / instagram_pass Under revision
Fullcontact πŸ›‘ fullcontact_api Discontinued
HaveIBeenPwned πŸ›‘ haveibeenpwned_key Discontinued

APIs marked with πŸͺ use browser session cookies; the rest use service tokens.

Session cookies

Some modules (LinkedIn, Twitter, TikTok) require session cookies from your browser. Cookies are stored in backend/cookies/ (mounted in the container as /app/cookies) and persist across restarts. There are two ways to load them, both via just.

Cookies are personal session tokens: do not share them or commit them to the repository (backend/cookies/ is git-ignored).

Option A: Import a browser export

Export the site cookies with an extension such as Cookie-Editor to a JSON file and import it:

just cookies-import linkedin ~/Downloads/linkedin_cookies.json

Option B: Extract them automatically from the browser

Extracts cookies directly from your local browser. Close the browser before running (an open browser locks its cookie database):

# Try all installed browsers (firefox, chrome, brave, edge)
just cookies-grab linkedin linkedin.com

# Or a specific one
just cookies-grab linkedin linkedin.com brave

The command reports, browser by browser, what it could read and what it could not, and writes the file only if it finds the cookies the module needs. For example, LinkedIn requires li_at and JSESSIONID.

Module Domain Required cookies
LinkedIn linkedin.com li_at, JSESSIONID
Twitter x.com auth_token, ct0
TikTok tiktok.com msToken

Cookies expire periodically (LinkedIn cookies last between 1 and 3 months). When a module stops authenticating, run the command again.

Development

The development workflow uses a virtualenv for linting/pre-commit hooks and Docker (or the native just up-native flow) for building and running the application.

Setting up the dev environment

Install just, then:

just setup
source .venv/bin/activate

This creates a Python virtualenv with pre-commit and ruff, and installs the git hooks.

Common recipes

Command Description
just build Build Docker images
just up Start all services
just down Stop all services
just logs Follow backend logs (just logs frontend for frontend)
just ps Show running containers
just shell-backend Open a shell in the backend container
just lint Run ruff linter and format check
just fmt Auto-format Python code
just restart backend Restart a specific service
just rebuild Stop, rebuild, and start all services
just clean Remove containers, volumes, and local images
just up-native Start iKy natively (no Docker)
just down-native Stop the native services
just up-native-clean Wipe native caches (Caddy, frontend, logs)

Update iKy

Pull the latest changes and rebuild the Docker images:

git pull
just rebuild

To preserve your API keys across updates, use the Export/Import options in the apikeys menu of the graphical interface.

apis
(pending update: reflects the previous frontend)

Wiki

Video Demo

iKy demo

Vimeo

(pending update: reflects the previous frontend)

Support the project

Whether you use this project, have learned something from it, or just like it, please consider supporting it by buying me a coffee, so I can dedicate more time on open-source projects like this.

Buy Me A Coffee

Disclaimer

Anyone who contributes or contributed to the project, including me, is not responsible for the use of the tool (Neither the legal use nor the illegal use, nor the "other" use).

Keep in mind that this software was initially written for a joke, then for educational purposes (to educate ourselves), and now the goal is to collaborate with the community making quality free software, and while the quality is not excellent (sometimes not even good) we strive to pursue excellence.

Consider that all the information collected is free and available online, the tool only tries to discover, collect and display it. Many times the tool cannot even achieve its goal of discovery and collection. Please load the necessary APIs before remembering my mother. If even with the APIs it doesn't show "nice" things that you expect to see, try other e-mails before you remember my mother. If you still do not see the "nice" things you expect to see, you can create an issue, contact us by e-mail or by any of the RRSS, but keep in mind that my mother is neither the creator nor Contribute to the project.

We do not refund your money if you are not satisfied. I hope you enjoy using the tool as much as we enjoy doing it. The effort was and is enormous (Time, knowledge, coding, tests, reviews, etc.) but we would do it again. Do not use the tool if you cannot read the instructions and / or this disclaimer clearly.

By the way, for those who insist on remembering my mother, she died many years ago but I love her as if she were right here.

Packages

 
 
 

Contributors

Languages