UnauthScout is a CLI tool for unauthenticated OSINT reconnaissance on public developer platforms such as GitHub and GitLab.
It standardizes the collection of publicly available user data using a consistent interface and normalized JSON output contracts.
Public developer platforms expose valuable reconnaissance data without requiring authentication. However, this data is often inconsistent across providers and hard to consume programmatically.
UnauthScout addresses this by:
- Querying public APIs without authentication
- Normalizing responses via explicit schemas
- Providing a simple, script-friendly CLI
- Unauthenticated user reconnaissance on GitHub
- Unauthenticated user reconnaissance on GitLab
- Normalized JSON output defined by explicit schemas
- Raw output mode for debugging and field discovery
- Modular, provider-based architecture
- Authentication or token-based access
- Rate-limit bypassing
- Collection of private or restricted data
- Automated correlation or enrichment across platforms
- Bash (POSIX-compatible)
curljq
git clone https://github.com/rmottanet/unauthscout.git
cd unauthscout
chmod +x bin/unauthscoutunauthscout <username>unauthscout <username> --rawBy default, UnauthScout outputs normalized JSON that conforms to the
corresponding schema under schemas/.
Normalized outputs are defined via JSON Schema:
schemas/github_user.jsonschemas/gitlab_user.json
These schemas are the source of truth for all processed output and ensure stable, predictable data structures.
bin/ # CLI entry point and orchestration
lib/ # Provider integrations and parsing logic
schemas/ # Normalized data contracts (JSON Schema)
docs/ # Documentation as code
tests/ # Automated tests (optional)
- Unauthenticated by default
- Explicit data contracts over implicit assumptions
- Clear separation between orchestration and data retrieval
- Minimal surface area, extensible by design
