metabigor
Metabigor is an OSINT reconnaissance tool written in Go that performs network discovery, IP enrichment, certificate transparency searches, and related domain discovery without requiring API keys. It leverages free public data sources like Shodan InternetDB, crt.sh, and GitHub code search to support security research and bug bounty workflows.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | j3ssie/metabigor |
| Owner | j3ssie |
| Primary language | Go |
| License | MIT — OSI-approved |
| Stars | 1.6k |
| Forks | 185 |
| Open issues | 7 |
| Latest release | v2.1.0 (2026-02-15) |
| Last updated | 2026-07-03 |
| Source | https://github.com/j3ssie/metabigor |
What metabigor is
Go-based CLI tool providing network reconnaissance capabilities via local ASN/IP databases (2M+ entries), certificate transparency queries, Shodan free API integration, GitHub code search via grep.app, and CDN/WAF detection using the projectdiscovery/cdncheck library. Supports batch processing, multiple output formats (JSON, CSV, flat), and pipeline-friendly stdin/stdout workflows.
Get the metabigor source
Clone the repository and explore it locally.
git clone https://github.com/j3ssie/metabigor.gitcd metabigor# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Go binary is self-contained with no external runtime dependencies; pre-built binaries available or build from source with `make build`. Quick installation via PATH.
- Local ASN database (2M+ entries) needs periodic refresh with `metabigor update`; plan for offline-first queries or live data via `--dynamic` flag.
- Pipeline-friendly design: stdin/stdout, multiple output formats (JSON, CSV, flat). Integrates into shell workflows and can be chained with tools like `dnsx`, `grep`, and other recon tools.
- Concurrency configurable per command (`-c` flag); tune based on target rate limits and network capacity. Default likely conservative to avoid blocking from external services.
- No authentication required for core features; relies on free tier access to external APIs. Monitor for service changes or blocking; consider caching results for repeated queries.
When to avoid it — and what to weigh
- Requires Real-Time Threat Intelligence Updates — Local ASN/IP database requires manual updates via `metabigor update` command. Data freshness depends on user maintenance; not suitable for live, continuously-updated threat feeds.
- Needs Authenticated/Premium Data Sources — Tool deliberately uses only free, unauthenticated sources. If your workflow requires paid APIs (Shodan premium, custom threat feeds, commercial WHOIS), this tool will not meet those needs.
- Integrating into Closed/Airgapped Environments — Most commands require live internet access to query external services (crt.sh, grep.app, viewdns.info, builtwith.com). Offline or restricted network deployments will be severely limited.
- High-Volume, Real-Time Processing Requirements — Concurrency tuning via `-c` flag mitigates but tool is designed for interactive/batch recon, not sustained high-throughput stream processing. Rate limits from external services apply.
License & commercial use
Released under the MIT License, a permissive OSI-compliant license permitting unrestricted use, modification, and distribution in commercial and private projects.
MIT License permits commercial use. However, tool depends on third-party free data sources (Shodan InternetDB, crt.sh, grep.app, viewdns.info, builtwith.com) whose terms of service must be independently reviewed. Ensure compliance with each external service's acceptable use policy before deploying in commercial security workflows.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
Tool itself is open-source (MIT license) and auditable. Security posture depends on: (1) third-party data sources (crt.sh, Shodan, grep.app) and their data integrity; (2) user's adherence to legal/ethical bounds (tool includes disclaimer for educational use only); (3) network exposure when querying external services (no encryption layer mentioned). No built-in output sanitization or injection protection documented; user responsible for safe downstream handling of results. Shodan InternetDB queries may reveal exposed services; results should be handled with appropriate access controls.
Alternatives to consider
Nuclei (ProjectDiscovery)
Focused on vulnerability scanning and template-based testing rather than open-source intelligence; premium integrations available. Better for active exploitation workflows; weaker on passive OSINT.
Shodan CLI (shodan-python)
Official Shodan command-line interface; requires API key (paid). More comprehensive Shodan data access; steeper cost and authentication overhead compared to Metabigor's free InternetDB approach.
Recon-ng
Modular Python-based OSINT framework with larger module ecosystem and interactive console. Steeper learning curve; supports more data sources but requires manual API key management.
Build on metabigor with DEV.co software developers
Metabigor is powerful for passive reconnaissance, but integrating it reliably into production security pipelines requires planning around external API dependencies and data freshness. Devco can help architect robust reconnaissance automation, handle API fallbacks, and ensure compliance with third-party service terms.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
metabigor FAQ
Do I need API keys to use Metabigor?
How often should I update the local ASN database?
Can Metabigor be integrated into larger reconnaissance automation?
What happens if external services (crt.sh, grep.app) are down or rate-limit requests?
Work with a software development agency
Need help beyond evaluating metabigor? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source security integrations — and maintain them long-term.
Need Help Integrating Metabigor Into Your Security Workflow?
Metabigor is powerful for passive reconnaissance, but integrating it reliably into production security pipelines requires planning around external API dependencies and data freshness. Devco can help architect robust reconnaissance automation, handle API fallbacks, and ensure compliance with third-party service terms.