// the find
aydinnyunus/exifLooter
ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
exifLooter is a Go CLI that extracts EXIF metadata from images — locally, from directories, or piped from URL lists — and maps GPS coordinates to OpenStreetMap URLs. It's a bug bounty / OSINT tool for finding geolocation data that web apps forgot to strip from uploaded images. The real-world use case is exactly what the HackerOne/BugCrowd reports show: crawl a target's image URLs, find unstripped GPS tags, file a low/medium severity report.
Pipe mode integrates cleanly into existing recon toolchains (waybackurls, etc.) without needing glue scripts. The metadata removal flag is a nice touch — same tool for finding the problem and cleaning it up locally. `go install` one-liner plus the Kali apt package means setup friction is basically zero. The scope is deliberately narrow: it does one thing and doesn't try to be a full OSINT platform.
The entire tool is a thin wrapper around exiftool — the Go code itself adds very little; you could replicate most of this with a bash one-liner and exiftool's own `-if` GPS filter. With everything in a single cmd/root.go, there's no library interface, so you can't import this as a package in a larger pipeline without shelling out. Only 27 forks despite the bugbounty audience suggests the community isn't building on it. No rate limiting or concurrency controls on the pipe mode — feed it a large URL list against a production server and you'll either get blocked or hammer bandwidth unnecessarily.