Robin is an AI-powered tool for conducting dark web OSINT investigations. It leverages LLMs to refine queries, filter search results from dark web search engines, and provide an investigation summary.
Installation • Usage • Contributing • Acknowledgements
- ⚙️ Modular Architecture – Clean separation between search, scrape, and LLM workflows.
- 🤖 Multi-Model Support – Easily switch between OpenAI, Claude, Gemini or local models like Ollama.
- 💻 CLI-First Design – Built for terminal warriors and automation ninjas.
- 🐳 Docker-Ready – Optional Docker deployment for clean, isolated usage.
- 📝 Custom Reporting – Save investigation output to file for reporting or further analysis.
- 🧩 Extensible – Easy to plug in new search engines, models, or output formats.
This tool is intended for educational and lawful investigative purposes only. Accessing or interacting with certain dark web content may be illegal depending on your jurisdiction. The author is not responsible for any misuse of this tool or the data gathered using it.
Use responsibly and at your own risk. Ensure you comply with all relevant laws and institutional policies before conducting OSINT investigations.
Additionally, Robin leverages third-party APIs (including LLMs). Be cautious when sending potentially sensitive queries, and review the terms of service for any API or model provider you use.
Note
The tool needs Tor to do the searches. You can install Tor using apt install tor on Linux/Windows(WSL) or brew install tor on Mac. Once installed, confirm if Tor is running in the background.
- Download the appropriate binary for your system from the latest release
- Unzip the file, make it executable
chmod +x robin- Run the binary as:
robin cli --model gpt-4.1 --query "ransomware payments"- Build the Docker Image:
docker build -t robin .- Run the Docker as:
docker run --rm \
-v "$(pwd)/.env:/app/.env" \
-p 8501:8501 \
robin ui --ui-port 8501 --ui-host 0.0.0.0- With
Python 3.10+installed, run the following:
pip install -r requirements.txt
python main.py -m gpt-4.1 -q "ransomware payments" -t 12Tip
You can provide OpenAI or Anthropic or Google API key by either creating .env file (refer to sample env file in the repo) or by setting env variables in PATH
Robin: AI-Powered Dark Web OSINT Tool
options:
-h, --help show this help message and exit
--model {gpt4o,gpt-4.1,claude-3-5-sonnet-latest,llama3.1,gemini-2.5-flash}, -m {gpt4o,gpt-4.1,claude-3-5-sonnet-latest,llama3.1,gemini-2.5-flash}
Select LLM model (e.g., gpt4o, claude sonnet 3.5, ollama models, gemini 2.5 flash)
--query QUERY, -q QUERY
Dark web search query
--threads THREADS, -t THREADS
Number of threads to use for scraping (Default: 5)
--output OUTPUT, -o OUTPUT
Filename to save the final intelligence summary. If not provided, a filename based on the
current date and time is used.
Example commands:
- robin -m gpt4o -q "ransomware payments" -t 12
- robin --model claude-3-5-sonnet-latest --query "sensitive credentials exposure" --threads 8 --output filename
- robin -m llama3.1 -q "zero days"
- robin -m gemini-2.5-flash -q "zero days"Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add some amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
Open an Issue for any of these situations:
- If you spot a bug or bad code
- If you have questions or about doubts about usage
- Idea inspiration from Thomas Roccia and his demo of Perplexity of the Dark Web.
- Tools inspiration from my OSINT Tools for the Dark Web repository.
- LLM Prompt inspiration from OSINT-Assistant repository.