Photon is a single tool that can do many things to help you collect data about a target. Just supply the target and the tool will automatically grab and show the detailed data.
Photon is an incredibly fast crawler designed for OSINT; with it you can extract emails, subdomains, social media accounts, secret keys and much more.
Here are some of the things Photon can do:
Photon can extract the following data while crawling:
- URLs (in-scope & out-of-scope)
- URLs with parameters (
- Intel (emails, social media accounts, amazon buckets etc.)
- Files (pdf, png, xml etc.)
- Secret keys (auth/API keys & hashes)
- Strings matching custom regex pattern
- Subdomains & DNS related data
The extracted information is saved in an organized manner or can be exported as JSON.
Control timeout, delay, add seeds, exclude URLs matching a regex pattern and other cool stuff. The extensive range of options provided by Photon lets you crawl the web exactly the way you want.
Photon’s smart thread management & refined logic gives you top notch performance.
Still, crawling can be resource intensive, but Photon has some tricks up its sleeves. You can fetch URLs archived by archive.org to be used as seeds by using
Here’s a secret: most of the tools floating around on the internet aren’t properly multi-threaded even if they are supposed to be. They either supply a list of items to threads, which results in multiple threads accessing the same item, or they simply put a thread lock in place and end up rendering multi-threading useless.
But Photon is different or should I say “genius”? Take a look at this and decide yourself.
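The first failure mode described above (several threads given the same list) next to a common fix, a thread-safe work queue, as an added example. This is not Photon's own code; the function names, the constructed URL list and the counter that stands in for an HTTP request are assumptions made for illustration.

```python
import queue
import threading
from collections import Counter

# Constructed sample work list; nothing here touches the network.
URLS = [f"https://example.com/page/{i}" for i in range(20)]

def _run(worker, n_threads):
    """Start n_threads copies of worker and wait for all of them."""
    threads = [threading.Thread(target=worker) for _ in range(n_threads)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()

def crawl_shared_list(urls, n_threads=4):
    """Flawed: every thread walks the same list, so each URL is hit n times."""
    hits, lock = Counter(), threading.Lock()

    def worker():
        for url in urls:
            with lock:          # guards the counter only
                hits[url] += 1  # stand-in for one HTTP request

    _run(worker, n_threads)
    return hits

def crawl_work_queue(urls, n_threads=4):
    """Fixed: a thread-safe queue hands each URL to exactly one thread."""
    hits, lock = Counter(), threading.Lock()
    todo = queue.Queue()
    for url in dict.fromkeys(urls):  # drop duplicate seeds, keep order
        todo.put(url)

    def worker():
        while True:
            try:
                url = todo.get_nowait()  # atomic hand-off, no global lock
            except queue.Empty:
                return
            with lock:
                hits[url] += 1  # stand-in for one HTTP request

    _run(worker, n_threads)
    return hits

if __name__ == "__main__":
    print(sum(crawl_shared_list(URLS).values()), "requests with a shared list")
    print(sum(crawl_work_queue(URLS).values()), "requests with a work queue")
```

With four threads the shared-list version issues four requests per URL, while the queue version issues one per unique URL even when the seed list contains duplicates.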
In Ninja Mode, 3 online services are used to make requests to the target on your behalf. So basically, now you have 4 clients making requests to the same server simultaneously which gives you a speed boost, minimizes the risk of connection reset as well as delays requests from a single client.
Photon can be launched using a lightweight Python-Alpine (103 MB) Docker image.
git clone https://github.com/s0md3v/Photon.git
cd Photon
docker build -t photon .
docker run -it --name photon photon:latest -u google.com
To view results, you can either head over to the local Docker volume, which you can find by running
docker inspect photon
or mount the target loot folder:
usage: photon.py [options]
-u --url root url
-l --level levels to crawl
-t --threads number of threads
-d --delay delay between requests
-c --cookie cookie
-r --regex regex pattern
-s --seeds additional seed urls
-e --export export formatted result
-o --output specify output directory
-v --verbose verbose output
--keys extract secret keys
--clone clone the website locally
--exclude exclude urls by regex
--stdout print a variable to stdout
--timeout http requests timeout
--ninja ninja mode
--update update photon
--headers supply http headers
--dns enumerate subdomains & dns data
--only-urls only extract urls
--wayback Use URLs from archive.org as seeds
--user-agent specify user-agent(s)
Frequent & Seamless Updates
Photon is under heavy development, and updates for fixing bugs, optimizing performance & adding new features are being rolled out regularly.
If you would like to see the features and issues that are being worked on, you can do that on the Development project board.
Updates can be installed & checked for with the --update option. Photon has seamless update capabilities, which means you can update Photon without losing any of your saved data.
Contribution & License
You can contribute in following ways:
- Report bugs
- Develop plugins
- Add more “APIs” for ninja mode
- Give suggestions to make it better
- Fix issues & submit a pull request
Please read the guidelines before submitting a pull request or issue.
Do you want to have a conversation in private? Hit me up on my twitter, inbox is open 🙂