Fast and Powerful OSINT Tools for iOS Shortcuts App

This article continues my dive into automation on iOS with the Shortcuts app. You can view the first article here.

In this post I going to cover making simple, fast, but powerful OSINT shortcuts to use on your iOS device that are useful for verifying information quickly when you can’t access a computer or need to work on the move.

Verifying Email Address

This shortcut allows you to verify if an email address is valid. To start you will need to sign up for a free api key at hunter.io

If you already have a service you use to verify information you can follow along but replace the api calls with the service you use instead.

Next we will refer to their api documentation to get the endpoint we need.

https://api.hunter.io/v2/email-verifier?email=<target_email>&api_key=<api_key>

Next we need to decide where we want to save the information returned from the api. I am using an app called Data Jar, but you can use any app you wish that has a Shortcuts integration, such as the built in notes app in iOS.

In Data Jar you will need to create a new list and give that key a name such as ‘email’.

To build the shortcut you will will first have it ask for input, then set a variable from that input, use that variable in the api call by adding a ‘get contents of URL’ shortcut.

Next you will have it add the contents of the URL at the beginning of list ‘email’ in Data Jar.

It should look something like this:

Once ran the information returned will be saved in the Data Jar app.

This Shortcut can be customized to make any type of api call you need, such as phone number lookup or domain searches. Just repeat that same steps using the api of your choosing.

Using Python Scripts in Shortcuts

Another useful way to use the Shortcuts app for OSINT is to quickly run a python script you would normally need a computer for. Use the Pyto Python app and Data Jar app with Shortcuts to create powerful custom shortcuts to make OSINT searches on the go.

Username Lookup

This Shortcut will perform a username search on google using the google custom search api and then save the results to the Bear app.

This shortcut actually involves using two shortcuts. First we will set our variables to search for and save them to Data Jar, then we will call those variables into the second shortcut and search them in the Python script.

Create the Variable Shortcut

You will need to prompt for text input and set it as a variable, do this two times. Next you will use those variables to create a dictionary in Data Jar. Using the ‘Set Value’ option for Data Jar you will want to set the key as the dictionary name then key such as ‘dictionary.key’. If the dictionary is not already made in the app it will create it for you. Once you have a shortcut setup like the image below you can click done and move to creating the second one.

The Search Shortcut

The second shortcut will be the main shortcut we use to perform and save the username searches.

You will need to setup your google custom search api. Once you have your API Key and search engine ID you can create a Python script in the Pyto app.

import requests 
import sys 
# Simple Function to search for usernames on Google 
# https://developers.google.com/custom-search/v1/introduction 
# https://programmablesearchengine.google.com/controlpanel/all 
 
# Example usage 
data1 = sys.argv[1] 
data2 = sys.argv[2] 
website = 'site:' + data1 
username = '"' + data2 + '"' # Replace with the username you want to search 
search = website + ' ' + username 
 
def search_google(query): 
    api_key = 'API KEY'  # Replace with your Google Custom Search JSON API key 
    search_engine_id = 'ID'  # Replace with your Google Custom Search Engine ID 
    base_url = 'https://www.googleapis.com/customsearch/v1' 
 
    params = { 
        'key': 'API KEY', 
        'cx': 'SEARCH ID', 
        'q': query 
    } 
 
    try: 
        response = requests.get(base_url, params=params) 
        data = response.json() 
 
        if 'items' in data: 
            print('Search Results for', query + ':') 
            for item in data['items']: 
                print('Title:', item['title']) 
                print('Link:', item['link']) 
                print('---') 
        else: 
            print('No search results found for', query) 
 
    except requests.exceptions.RequestException as e: 
        print('Error occurred:', str(e)) 
 
 
# Search for the username on Google 
search_google(search)

This essentially is just another API search but involves more than just a simple api endpoint. This search takes your variables entered using the first shortcut and uses them in the python script to search google and print a clean list of links associated with that username.

To pass variables into the Python script from the shortcuts app we use sys.argv in Python.

data1 = sys.argv[1] 
data2 = sys.argv[2]

The returned search results will be added to the Bear app as a new note.

The complete shortcut should look similar to the image below:

Start by telling it to run the first shortcut we created, that will prompt you for the website and username we want to search for. Next you will want to get values from Data Jar and set them as variables. Then you will want to run the Python script with Pyto using those variables. Finally, you will take the script output and create a new note in the Bear app.

To name the note when created click the arrow for the Bear app action and you can add a title. you can use the username and website variables to fill in the information as well.

Once you run the shortcut you will get a new Bear note with all of the search results neatly formatted.

Conclusion

Using the Shortcuts app on iOS can allow you to perform useful OSINT searches while on your mobile device. Building on these shortcuts I covered you can customize them to your needs and expand on their capability to suite what you are searching for.