"Because Excel sheets are for accountants, not investigators"
A full-stack OSINT investigation management system built for serious intelligence gathering with a modern, professional interface.
- Role-based categorization: Suspects, Witnesses, Persons of Interest, Associates, Victims
- Comprehensive tracking: Addresses, phone numbers, emails, social media handles
- Travel history: Timeline and analysis of person movements
- Case associations: Link people to specific investigations
- Status tracking: Active, Inactive, Under Investigation, Cleared
- Custom fields: Extend person profiles with custom data fields
- Advanced search: Multi-parameter search with filters
- Interactive relationship diagrams: Visual network mapping with ReactFlow
- Multi-entity support: People, businesses, locations, phones, emails
- Connection types: Family, Business, Criminal, Social, Known Associates
- Drag-and-drop interface: Intuitive node manipulation
- Real-time updates: Live relationship mapping
- Network filtering: Focus on specific entity types and relationships
- Geocoded locations: Automatically geocode addresses with database caching
- Clustered markers: Performance-optimized clustering for large datasets
- Person-location correlation: Visual tracking of person movements
- Interactive popups: Detailed location information on click
- Map filters: Filter by person, date range, or location type
- Manual network entry: Add wireless networks manually with comprehensive forms
- KML import: Import WiGLE wardriving data
- Network tracking: SSID, BSSID, encryption, signal strength, passwords
- WiFi 7 support: Full support for WiFi 7 frequency bands (2.4GHz, 5GHz, 6GHz)
- Multi-entity associations: Link networks to multiple people and businesses
- Person association: Link wireless networks to investigations
- Map visualization: Wireless networks appear on global map with WiFi icons
- Map toggle: Show/hide wireless networks on map
- Advanced filtering: Filter by signal strength, encryption, KML file source
- Location preview: Interactive map in detail view
- Flexible validation: Only SSID required, BSSID and location optional
- OSINT tool inventory: Catalog of investigation tools
- Categories: Social Media, Background Check, Data Mining, Surveillance
- URL management: One-click access to tools
- Usage notes: Documentation and tips
- Search and filtering: Quick tool discovery
- Investigation todos: Linked to cases and people
- Priority levels: Low, Medium, High, Urgent
- Status tracking: Pending, In Progress, Completed
- Case assignment: Organize tasks by investigation
- Multi-case support: Manage multiple investigations
- Status tracking: Custom case statuses and data types
- Case-person linking: Associate people with cases
- Timeline tracking: Investigation chronology
- Cross-referencing: See case interconnections
- Business tracking: Companies and organizations
- Employee mapping: Track personnel
- Business relationships: Link to people and other businesses
- Address and contact management: Full business profiles
- Solid backgrounds: Professional, readable interface with proper contrast
- Dark mode: Full dark mode support with optimized text readability
- Responsive layout: Works on desktop and tablet
- Professional colorway: Business-appropriate aesthetics
- Smooth animations: Apple-inspired interactions
- Enhanced readability: All text elements have proper contrast in both light and dark modes
- Centered visualizations: Relationship graphs center properly on load
The easiest way to run GHOST is with Docker:
# Clone the repository
git clone <repo-url>
cd GHOST-osint-crm
# Copy environment file and configure it
cp .env.example .env
# IMPORTANT: Edit .env with your configuration
# For production, you MUST set:
# - DB_PASSWORD (strong password)
# - SESSION_SECRET (generate with: openssl rand -base64 32)
# - FRONTEND_URL (your frontend URL)
nano .env
# Start all services
docker-compose up --build -dCreate your first admin user:
# After containers are running
docker exec -it osint-crm-backend node scripts/createAdminUser.js
# Follow the prompts:
# - Username: (required)
# - Email: (optional - press Enter to skip)
# - Password: (required)
# - First Name: (optional)
# - Last Name: (optional)Access the application:
- Frontend: http://localhost:8080
- Backend API: http://localhost:3001
- Health Check: http://localhost:3001/api/health
- Database: PostgreSQL on port 5432 (development only)
- Docker & Docker Compose (recommended)
- OR Manual Setup:
- Node.js 18+
- PostgreSQL 15+
- npm or yarn
cd frontend
npm install
npm startFrontend runs on http://localhost:3000
cd backend
npm install
# Configure environment
cp .env.example .env
# Edit .env with your database credentials
# Start server
npm startBackend runs on http://localhost:3001
# Create database
createdb osint_crm_db
# Run migrations (from backend directory)
psql -U postgres -d osint_crm_db < migrations/create_wireless_networks.sqlGHOST-osint-crm/
โโโ frontend/ # React frontend
โ โโโ src/
โ โ โโโ components/ # React components
โ โ โโโ utils/ # API utilities
โ โ โโโ index.css # Tailwind styles
โ โโโ public/ # Static assets
โ โโโ nginx.conf # Nginx configuration
โโโ backend/ # Node.js/Express API
โ โโโ server.js # Main server file
โ โโโ migrations/ # Database migrations
โ โโโ public/uploads/ # File uploads
โโโ docker-compose.yml # Docker configuration
โโโ .env.example # Environment template
- Create a case in the Cases section
- Add people with all relevant details
- Map connections in Entity Network view
- Track locations on the Global Map
- Import wireless networks (if using WiGLE data)
- Assign tasks to track investigation progress
Manual Entry:
- Go to Wireless Networks section
- Click "Add Network" button
- Enter network details (SSID required, rest optional)
- Select associated people/businesses
- Save and view on map
KML Import:
- Export KML from WiGLE app/website
- Go to Wireless Networks section
- Click "Import KML"
- Upload your KML file
- Networks appear on map and table
- Associate networks with people under investigation
Map View:
- Toggle wireless networks on/off in the global map
- Click WiFi icons for network details
- Filter networks by various criteria
- Navigate to "Entity Network" section
- View interactive relationship diagram
- Filter by entity types and relationships
- Click nodes for details
- Add connections between entities
Optimized for:
- Up to 5,000 people records
- Up to 10,000 wireless networks
- Up to 1,000 locations on map
- Up to 500 relationship nodes
Features:
- Database-level geocoding cache
- Map marker clustering
- Pagination ready (future enhancement)
- Lazy loading support
Critical - Production Deployment:
โ ๏ธ Never use default passwords in production - Application will refuse to startโ ๏ธ Generate strong SESSION_SECRET - Minimum 32 characters required# Generate a secure secret openssl rand -base64 32โ ๏ธ Set FRONTEND_URL - Required for CORS securityโ ๏ธ Use strong DB_PASSWORD - Weak passwords rejected in production- ๐ Remove database port exposure - Comment out port mapping in
docker-compose.ymlfor production - ๐ Never commit
.envfiles - Contains sensitive credentials - ๐ Keep
backend/public/uploads/out of version control - User-generated content - ๐ Review uploaded files for security - Implement malware scanning if needed
- ๐ Follow local laws for data collection - Comply with privacy regulations
- ๐ Use HTTPS in production - Configure reverse proxy with SSL/TLS
- ๐ Regular security updates - Keep dependencies updated
Development vs Production:
- Development mode shows warnings for weak credentials
- Production mode enforces security requirements and exits if not met
Contributions welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
You are free to:
- โ Use for personal investigations
- โ Use for educational purposes
- โ Use for research
- โ Modify and improve
- โ Share with others
Under these conditions:
- ๐ Attribution - Give appropriate credit
- ๐ซ NonCommercial - No commercial use without permission
- ๐ ShareAlike - Share modifications under same license
Commercial use requires explicit permission from the author.
For commercial licensing, contact: hurdles.remand_9g [at] icloud.com
This tool is intended for legitimate OSINT investigation purposes only. Users are responsible for:
- Complying with all applicable laws and regulations
- Respecting privacy rights and data protection laws
- Using the tool ethically and responsibly
- Obtaining proper authorization for investigations
The authors are not responsible for misuse of this software.
Common Issues:
This has been fixed in v2.1.0. The users table is now created automatically.
# Rebuild containers to apply fix
docker-compose down -v
docker-compose up --buildCheck that you've set required environment variables:
# Verify .env file contains:
DB_PASSWORD=<strong-password-not-changeme>
SESSION_SECRET=<32+-character-secret>
FRONTEND_URL=http://localhost:8080The backend now runs as non-root user (nodejs:1001). Ensure upload directories have correct permissions:
chmod -R 777 backend/public/uploads/-
Check service health:
docker-compose ps # All services should show (healthy) -
View logs:
docker-compose logs backend docker-compose logs frontend docker-compose logs db
-
Check health endpoint:
curl http://localhost:3001/api/health
-
Verify database connection:
docker exec osint-crm-db psql -U postgres -d osint_crm_db -c "SELECT COUNT(*) FROM users;"
-
Clean restart:
docker-compose down -v # WARNING: Deletes all data docker-compose up --build -
Check browser console for frontend errors
-
Open an issue on GitHub with:
- Error messages from logs
- Steps to reproduce
- Docker version
- Operating system
Feedback, inputs, and suggestions are highly welcome! Please open an issue or reach out directly.
Frontend:
- React 18
- Tailwind CSS
- Leaflet (maps)
- ReactFlow (diagrams)
- Lucide Icons
Backend:
- Node.js / Express
- PostgreSQL 15
- xml2js (KML parsing)
Infrastructure:
- Docker & Docker Compose
- Nginx (reverse proxy)
- ๐ Manual wireless network entry - Add networks manually with comprehensive forms
- ๐บ๏ธ Wireless networks on map - Networks appear on global map with WiFi icons
- ๐ก WiFi 7 support - Full support for WiFi 7 frequency bands
- ๐ Multi-entity associations - Associate networks with multiple people and businesses
- ๐จ Dark mode improvements - Fixed text readability across all components
- ๐ Relationship graph enhancements - Better centering and header readability
- โจ UI refinements - Solid backgrounds for improved readability
- ๐ง Flexible validation - Only SSID required for network entry
- ๐ Critical security improvements - Production environment validation
- ๐ Fixed users table creation - No more manual migrations needed
- โก Performance optimizations - Database indexes added
- ๐ฏ Optional email field - Admin users don't require email
- ๐ก๏ธ Docker security - Non-root user implementation
- ๐ฅ Health checks - All services monitored for reliability
- ๐ Graceful shutdown - Proper cleanup on container stop
See CHANGELOG.md for complete details.
Built with โค๏ธ for the OSINT community.
Version: 2.2.0 Last Updated: January 28, 2026