# Zen

| **Zen**          | **Quick Overview**                                                                                                                     |
| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
| URL              | <https://github.com/s0md3v/Zen>                                                                                                        |
| What it does     | Takes an email address and investigates GitHub for accounts, activity, and public repositories associated with it.                     |
| How to use it    | Run the tool from the command line with a target email.                                                                                |
| Cost             | Free.                                                                                                                                  |
| Account required | No.                                                                                                                                    |
| Cookies          | None (runs locally in your environment).                                                                                               |
| Ownership        | Developed by Somdev Sangwan (s0md3v), a well-known security researcher and developer from India.                                       |
| Use in Reporting | Ideal for linking emails to GitHub accounts, profiling suspicious users, and documenting malicious activity for investigative reports. |

### What does Zen do?

Zen automates email-based OSINT on GitHub. Instead of manually searching for a suspicious email across GitHub, it quickly reveals accounts, repositories, and activity linked to that email, making research faster and more accurate.

The lowdown: It’s a fast, free OSINT tool for linking emails to GitHub accounts and activity.

### How to Use:

**1. Clone the Zen repository from GitHub.**

**2. Install required dependencies.**

**3. Run the tool with a target email address and review the output for GitHub usernames, public repos, and activity.**

Example command to find email address of a user:

python zen.py username

You can [view our detailed guide to Zen in The OSINT Newsletter here.](https://osintnewsletter.com/p/zen)

### Cost

* [x] Free
* [ ] Partially Free
* [ ] Paid

## Data Processing

### Account Required:

* [ ] Yes
* [x] No

### Cookies:&#x20;

None (runs locally in your environment).

### Use in Reporting

Zen can be used to:

* Link email addresses to GitHub accounts.
* Identify suspicious or malicious users.
* Gather evidence of activity for investigations.
* Enrich OSINT profiles with verified GitHub data.
* Document findings in cybersecurity or international crime reports.

You can [view some detailed use cases via The OSINT Newsletter here.](https://osintnewsletter.com/p/zen)

| **Capabilities**                           | **Limitations**                                        |
| ------------------------------------------ | ------------------------------------------------------ |
| Email-based GitHub account discovery.      | Only works for GitHub accounts linked to an email.     |
| Public repository and activity monitoring. | Cannot access private/unlinked accounts.               |
| Quick identification of suspicious users.  | CLI-based so requires command-line knowledge.          |
| Fast, automated workflow.                  | Possible false positives so results need verification. |
| <p><br></p>                                | Limited to GitHub - doesn’t cover other platforms.     |

### Summary

Zen is best used in the analysis and enrichment stage of the OSINT workflow, particularly useful for investigating malicious actors, documenting suspicious behavior, and enriching OSINT profiles in cybersecurity or international crime research.

### Ownership

Developed by [Somdev Sangwan](https://www.linkedin.com/in/s0md3v/) (s0md3v), a well-known security researcher and developer from India.

### Ethical Considerations

* Only investigate emails you are authorized to research.
* Avoid harassing or doxxing users.
* Use findings responsibly in investigations or reporting.
* Respect privacy and legal boundaries when documenting accounts.

### Related Tools:

* Sherlock
* TruffleHog&#x20;
* SpiderFoot

#### Sources

<https://github.com/s0md3v/Zen>&#x20;

<https://osintnewsletter.com/p/zen>&#x20;

<https://github.com/s0md3v>

<https://www.linkedin.com/in/s0md3v/>&#x20;

<https://x.com/s0md3v>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://tools.osintnewsletter.com/osint-tools/zen.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.