Incredibly fast crawler designed for OSINT.


Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple command line interface consists with multiple options and flags to perform the specific passive reconnaissance operation on our target url or domain name. This tool is written in Python 3x, by s0md3v. You can also install this as a python module by using pip. Photon basically acts as the web crawler which can able to extract the urls and parameters in web application automatically by spidering. Also able to fuzz them and finding the secret auth keys, fetching the previous information about the website from wayback archive so on. Flexibility is one of the main advantage in Photon you can control timeouts, delays and also add seeds, excluding the urls matching the regex pattern. This tool let’s you crawl the web exactly the way you want.


Lock image

Features of Photon

Photon can extract the following data while crawling:

  • URLs (in-scope & out-of-scope)

  • URLs with parameters (

  • Intel (emails, social media accounts, amazon buckets etc.)

  • Files (pdf, png, xml etc.)

  • Secret keys (auth/API keys & hashes)

  • JavaScript files & Endpoints present in them

  • Strings matching custom regex pattern

  • Subdomains & DNS related data

The extracted information is saved in an organized manner or can be exported as json.

Installation and usage:

It’s pretty straight forward to install and get it running. You can directly clone from git or download the zip file from git repository.

git clone

Installing the python-dependencies

Installing the dependencies is very easy most of the developers will place all the required python modules in requirements.txt file, inside the project directory.

  • cd Photon

  • Pip3 install -r requirements.txt

Running Photon

Python3 -h

Will display all the options available the help menu. Then, you will see photon offers lot of option for you to play with the target’s available open source information. You can crawl, clone, set link depth for crawling, specify the user agents, set the timeouts, perform the DNS enumeration etc...


Simply crawl:

Python3 -u

Specify the flags with the argument shown in help options of photon.

For more detailed information and usecases visit: