whatisgithub

What is ghost_scout?

specterops/ghost_scout — explained in plain English

Analysis updated 2026-07-18 · repo last pushed 2026-04-30

14HTMLAudience · ops devopsComplexity · 4/5MaintainedSetup · hard

In one sentence

Ghost Scout automates the research phase of simulated phishing campaigns. It discovers a company's domains and employees, then uses AI to generate personalized phishing test emails for security assessments.

Mindmap

mindmap
  root((repo))
    What it does
      Finds company domains
      Discovers employees
      Scrapes public info
      Writes phishing emails
    Tech stack
      Node.js backend
      HTML frontend
      Redis job queue
    Use cases
      Red team engagements
      Security assessments
      Phishing simulations
    Requirements
      Hunter.io API key
      Anthropic API key
      Redis server
    Audience
      Security professionals
      Penetration testers

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Automate reconnaissance for a red team engagement by discovering target company domains and employees.

USE CASE 2

Generate realistic spear-phishing test emails personalized with public information about each employee.

USE CASE 3

Streamline phishing simulation prep by replacing manual research with an automated AI-driven pipeline.

USE CASE 4

Review and export AI-generated phishing pretexts for client security awareness testing.

What is it built with?

Node.jsHTMLRedisHunter.io APIAnthropic API

How does it compare?

specterops/ghost_scout1tdspw-26/front-aula-08-1sem1tdspy-26/front-1sem-aula-03
Stars141414
LanguageHTMLHTMLHTML
Last pushed2026-04-30
MaintenanceMaintained
Setup difficultyhardeasyeasy
Complexity4/51/51/5
Audienceops devopsgeneralgeneral

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1h+

Requires paid API keys for both Hunter.io and Anthropic, plus a Redis server for background job management.

The explanation does not mention a specific license, the project notes it is intended for personal use and legitimate security assessments only.

So what is it?

Ghost Scout is a tool for security professionals who run simulated phishing campaigns against companies. It automates the research phase, finding a company's domains, discovering their employees, gathering publicly available information about those employees, and then using AI to write personalized phishing emails tailored to each person. The goal is to make red team engagements more efficient by replacing hours of manual research and email drafting with an automated pipeline. The workflow is straightforward: you start by entering a target company's domain, and the tool discovers related domains, email formats, and potential employees using the Hunter.io service. It then scrapes public sources for information about those individuals, converts what it finds into a format suitable for AI processing, and builds detailed profiles. Finally, it uses Anthropic's AI to generate convincing outreach messages, called "pretexts", that reference details gleaned from the research. You can review, approve, and export the results. This is designed for red teamers and penetration testers, security professionals hired by organizations to test their defenses. For example, if a company wants to know whether its employees would fall for a spear-phishing attack, a red teamer could use this tool to quickly gather intelligence on staff and generate realistic test emails. It requires paid API keys for both Hunter.io (for finding contacts) and Anthropic (for AI text generation), plus some infrastructure setup including a Redis server for managing background jobs. The project is built with a Node.js backend and a lightweight frontend. It uses a job queue system to handle tasks like DNS lookups, web scraping, and AI generation asynchronously, with real-time updates as work progresses. The README notes it's intended for personal use and legitimate security assessments, and the project still has planned improvements like Docker Compose support, additional data sources, and more AI provider options.

Copy-paste prompts

Prompt 1
Set up Ghost Scout with my Hunter.io and Anthropic API keys, then run it against example.com to discover employee emails and generate phishing test pretexts.
Prompt 2
I have Ghost Scout running locally, how do I configure the Redis server for background job processing and start the job queue?
Prompt 3
Help me review and approve the AI-generated phishing emails Ghost Scout produced, and export the approved pretexts for my red team engagement report.
Prompt 4
Walk me through the Ghost Scout workflow from entering a target domain to exporting the final personalized phishing emails, including how it scrapes public sources.

Frequently asked questions

What is ghost_scout?

Ghost Scout automates the research phase of simulated phishing campaigns. It discovers a company's domains and employees, then uses AI to generate personalized phishing test emails for security assessments.

What language is ghost_scout written in?

Mainly HTML. The stack also includes Node.js, HTML, Redis.

Is ghost_scout actively maintained?

Maintained — commit in last 6 months (last push 2026-04-30).

What license does ghost_scout use?

The explanation does not mention a specific license, the project notes it is intended for personal use and legitimate security assessments only.

How hard is ghost_scout to set up?

Setup difficulty is rated hard, with roughly 1h+ to a first successful run.

Who is ghost_scout for?

Mainly ops devops.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.