Search everything...

Stats

Actions

Available In

huntkit

Name: huntkit
Author: assafkip

By assafkip

Run structured digital investigations and OSINT research within Claude Code — manage cases, collect evidence from platforms like LinkedIn and Telegram, apply CIA tradecraft analytic techniques, map relationships, and export findings as markdown, JSON, or interactive timelines.

security

automation

npx claudepluginhub assafkip/huntkit

Popularity

Stars

Top 10%

Med: 0·Avg: 281

Installs

Med: 0·Avg: 1

What's Inside

Slash Commands22

Q Analyze

/q-analyze

Review all collected data and surface patterns, connections, and gaps.

Steps

/q-begin

Start a new investigation session. Read all state files to load context before doing anything.

Q Brief

/q-brief

Generate a structured investigation brief summarizing current state.

Steps

/q-challenge

Force a structured challenge of all investigation assumptions and hypotheses.

Q Checkpoint

/q-checkpoint

Save current investigation state. Run at the end of every session.

Skills2

osint

/osint

Conduct deep OSINT research on individuals. Build full digital footprint, psychoprofile (MBTI/Big Five), career history, social graph with confidence scores. Recursive self-evaluation until completeness threshold is met. Includes internal intelligence (Telegram history, email, vault contacts) before going external. Use when: "osint", "research person", "find everything about", "due diligence", "background check", "digital footprint", "dossier", "profile someone". NOT for: company/product research without a named person, competitive analysis, market research, content generation, or general web scraping tasks.

analyze

/structured-analysis

Conduct structured analysis on any problem using CIA/IC analytic techniques — assess competing hypotheses, challenge assumptions, stress-test judgments, and produce defensible evidence-based assessments with full citations. Supports 18 techniques including ACH, Key Assumptions Check, What-If, Premortem, Cross-Impact Matrix, Contrasting Narratives, Devil's Advocacy, Red Hat Analysis, Alternative Futures, and Deception Detection.

Stats

Version0.2.0

LanguageShell

Stars43

Forks5

MaintenanceGood

LicenseMIT

Last CommitApr 15, 2026

AddedJun 23, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

README

huntkit

Investigation toolkit for Claude Code. Case management, OSINT, structured analytic techniques, chain-of-custody evidence capture, and bundled MCP servers for infrastructure recon and threat intel.

Not just a scraper wrapper. A full investigation workflow — from case intake to evidence-grade dossier.

Use it for: OSINT, due diligence, threat intelligence, incident response, digital forensics, journalistic research, competitive intel, security research, CTF challenges.

How it works

Investigation lifecycle

flowchart LR
    Start([New case]) --> NewCase[/q-new-case/]
    NewCase --> Scope[/q-scope/]
    Scope --> Begin[/q-begin/]

    Begin --> Collect{Collection}
    Collect --> Intake[/q-intake<br/>client docs/]
    Collect --> OSINT[/q-osint<br/>platform-targeted/]
    Collect --> Sweep[/q-collect<br/>broad sweep/]
    Collect --> Target[/q-target<br/>profile/]

    Intake --> Evidence[(EV-NNNN<br/>evidence items<br/>Wayback + archive.today<br/>+ Chrome PDF + SHA-256)]
    OSINT --> Evidence
    Sweep --> Evidence
    Target --> Evidence

    Evidence --> Analyze{Analysis}
    Analyze --> Timeline[/q-timeline/]
    Analyze --> Link[/q-link<br/>graph edges/]
    Analyze --> ACH[/q-analyze<br/>Heuer's ACH/]
    Analyze --> Challenge[/q-challenge<br/>red team/]
    Analyze --> Reality[/q-reality-check/]

    Timeline --> Report{Report}
    Link --> Report
    ACH --> Report
    Challenge --> Report
    Reality --> Report

    Report --> Brief[/q-brief<br/>evidence-cited/]
    Report --> Debrief[/q-debrief<br/>internal/]
    Brief --> Export[/q-export/]
    Debrief --> Export
    Export --> End([Dossier delivered])

    style Evidence fill:#fef3c7,stroke:#d97706,stroke-width:2px
    style Start fill:#dbeafe,stroke:#2563eb
    style End fill:#dcfce7,stroke:#16a34a

Every URL routes through capture-evidence.sh. Every finding cites [EV-NNNN]. Every claim has an A-F reliability grade.

Architecture

graph TB
    subgraph Claude[Claude Code]
        CC[/Claude Code session/]
    end

    subgraph huntkit[huntkit plugin]
        direction TB
        subgraph Skills
            OSINT_S[osint<br/>6-phase workflow]
            SA_S[structured-analysis<br/>Heuer's ACH + tradecraft primer]
        end

        subgraph Commands[22 commands]
            CM[case mgmt]
            CL[collection]
            AN[analysis]
            RP[reporting]
        end

        subgraph Rules[Enforced rules]
            EC[evidence-capture-protocol]
            QI[q-investigation]
            TD[token-discipline]
            SY[sycophancy]
        end

        subgraph Templates
            NI[new-investigation]
            SS[sec-stack-case]
        end
    end

    subgraph MCP[Bundled MCP servers]
        OI[osint-infra<br/>whois, dns, wayback]
        TI[threat-intel<br/>VT, URLhaus, ThreatFox, crt.sh]
    end

    subgraph External[Optional external APIs]
        PPL[Perplexity]
        EXA[Exa]
        TAV[Tavily]
        APF[Apify<br/>55+ scrapers]
        JIN[Jina]
        BD[Bright Data]
    end

    subgraph Case[Case workspace]
        EVD[(investigations/case/<br/>evidence/ findings/<br/>targets/ timelines/)]
    end

    CC --> huntkit
    huntkit --> MCP
    huntkit --> External
    huntkit --> Case
    Rules -.enforces.-> Commands
    Commands -.uses.-> Skills

    style Case fill:#fef3c7,stroke:#d97706
    style MCP fill:#e0e7ff,stroke:#6366f1
    style Rules fill:#fee2e2,stroke:#dc2626

What you get

Skills

osint — 6-phase investigation: tooling check → seed collection → optional internal intel → platform extraction → cross-reference → psychoprofile → completeness scoring → dossier.
structured-analysis — CIA tradecraft primer library (Heuer's ACH, key assumptions check, quality of information check, red team, premortem, 66-technique taxonomy). Apache 2.0, upstream Blevene/structured-analysis-skill.

Commands (22)

Case management: /q-new-case, /q-scope, /q-begin, /q-status, /q-checkpoint, /q-handoff, /q-end

Collection: /q-intake, /q-collect, /q-osint, /q-target, /q-screenshots

Analysis: /q-analyze, /q-challenge, /q-reality-check, /q-client-questions, /q-timeline, /q-link

Reporting: /q-brief, /q-debrief, /q-export

Specialized: /q-sec-stack (SaaS security stack intel)

MCP servers (bundled)

View full README on GitHub

huntkit

Popularity

What's Inside

Confidence

README

huntkit

How it works

Investigation lifecycle

Architecture

What you get

Skills

Commands (22)

MCP servers (bundled)

Similar Plugins

spotlight

structured-analysis

culture-index

pownie

cyberbro

grainulator

More by assafkip

research-mode

kipi-design

kipi-core

kipi-ops

prd-os

huntkit

How it works

Investigation lifecycle

Architecture

What you get

Skills

Commands (22)

MCP servers (bundled)

Popularity

Health & Quality

More by assafkip

research-mode

kipi-design

kipi-core

kipi-ops

prd-os

Similar Plugins

spotlight

structured-analysis

culture-index

pownie

cyberbro

grainulator