First Use

import { Aside } from ‘@astrojs/starlight/components’;

Launch the interactive agent

osint-agent

You’ll see something like:

╔══════════════════════════════════════════╗
║         OSINT AI Agent v1.0              ║
║  Threat Intelligence & Investigation     ║
╚══════════════════════════════════════════╝

osint>

Investigate your first IP

osint> Investigate IP 185.220.101.34

The ReAct agent automatically selects the appropriate tools:

[Using VirusTotal] → Reputation: MALICIOUS (87 detections)
[Using AbuseIPDB]  → Abuse score: 95% — 1,247 reports
[Using Shodan]     → Port 9001 open (Tor relay)
[Using AlienVault] → 12 associated threat pulses
[Using IPInfo]     → AS: Frantech Solutions, NL

=== Threat Assessment ===
IP: 185.220.101.34
Risk level: CRITICAL (94/100)

This IP operates as a Tor exit node. Detected in multiple
malware campaigns. Block immediately if seen in logs.

Investigate a domain

osint> Analyze domain evil-phishing-example.com

For domains the agent uses: VirusTotal, WHOIS, DNS, crt.sh, and URLScan if there is an active URL.

View the risk dashboard

osint> /dashboard

Shows a table with all IOCs investigated in the session:

┌─────────────────────────────────────────────────────────────────┐
│ IOC                        │ Type   │ Risk    │ Score │ Verdict  │
├─────────────────────────────────────────────────────────────────┤
│ 185.220.101.34             │ IP     │ CRITICAL│  94   │ Malicious│
│ evil-phishing-example.com  │ Domain │ HIGH    │  78   │ Phishing │
│ 8.8.8.8                    │ IP     │ CLEAN   │   2   │ Benign   │
└─────────────────────────────────────────────────────────────────┘

Save a report

osint> /report save

Saves a complete report to reports/ in Markdown format with:

• Executive summary
• Individual assessment for each IOC
• Session timeline
• Risk dashboard

Contextual queries

The agent handles not just technical IOCs but also contextual questions:

osint> What is the recent activity of the APT Lazarus group?
osint> What is Iran's current cybersecurity threat posture this month?
osint> Give me context on the conflict in the Red Sea

Interactive prompt commands

Command	Description
/dashboard	Risk table for all IOCs in the session
/report save	Save Markdown report to reports/
/help	List of available commands
exit / quit	Exit the agent

The agent responds in whatever language you use. Write in English, get English. Write in Spanish, get Spanish.