u/TheRealCrazegaming

Long-time lurker. I do recon as a hobby and got tired of every

investigation starting the same way — sherlock, then theHarvester,

then holehe, then phoneinfoga, then a dozen tabs of crt.sh /

Wayback / HIBP.

So I spent the last few months building a single-menu Python

framework. Pick a number, run a module, get an HTML + JSON

report. 13 modules so far:

[1] Domain — WHOIS, DNS, SSL, WAF, crt.sh, Wayback, SPF/DKIM grade

[2] IP — geo, ASN, reverse DNS, port scan, 16 blacklists, threat score

[3] Email — SMTP existence, HIBP, Gravatar

[4] Username — 115+ platforms

[5] Phone — carrier, region, line type

[6] Google Dorks

[7] Auto Detect — infer input type, run everything relevant

[9] Email Header Analyzer — SPF/DKIM trace

[10] Leak Search — HIBP + paste sites + GitHub

[11] File Metadata — EXIF/GPS, PDF/DOCX

[12] URL Scanner — redirects + phishing score

[13] Network Scanner — subnet sweep + ports

[14] Crypto Wallet Lookup — BTC / ETH

What I'd genuinely like input on:

1. IP threat-scoring weights — currently blacklist hits 60%,

   port exposure 25%, geo-anomaly 15%. Anyone with stronger

   heuristics?

2. The username module hits 115+ platforms but a lot are

   unreliable. Which would you trim, which would you add?

3. Anything obvious missing from the module list?

Authorized targets only — strict on that.

What would you change?

[supprimé]