[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-80030":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":17,"compositeScore":19,"rankGlobal":10,"rankLanguage":10,"license":10,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":22,"hasPages":20,"topics":23,"createdAt":10,"pushedAt":10,"updatedAt":34,"readmeContent":35,"aiSummary":36,"trendingCount":15,"starSnapshotCount":15,"syncStatus":14,"lastSyncTime":37,"discoverSource":38},80030,"WhoCord","Siv-nick\u002FWhoCord","Siv-nick","Scans Discord links across mutual guilds to extract profiles, cross‑references 700+ sites, searches usernames with 30+ tools, and generates an AI‑powered report.","",null,"Python",71,6,2,0,1,3,4,2.54,false,"master",true,[24,25,26,27,28,29,30,31,32,33],"breach-check","discord","discord-token","infosec","investigation","osint","osint-tool","osint-tools","profiling","python","2026-06-12 02:03:57","[![GitHub release](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002FSiv-nick\u002FWhoCord)](https:\u002F\u002Fgithub.com\u002FSiv-nick\u002FWhoCord\u002Freleases)\n[![License: MIT](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-yellow.svg)](LICENSE)\n[![GitHub stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FSiv-nick\u002FWhoCord)](https:\u002F\u002Fgithub.com\u002FSiv-nick\u002FWhoCord\u002Fstargazers)\n[![Portable](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdistribution-portable_zip-blue)](#)\n[![Python 3.10+](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3.10+-blue.svg)](https:\u002F\u002Fwww.python.org\u002Fdownloads\u002F)\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"logo.png\" alt=\"WhoCord\" width=\"1000\">\n\u003C\u002Fp>\n\n# 🕵️‍♂️ WhoCord v1.1\n\n**Turn any username, email, domain, phone number, image, URL, or probe string into a full identity profile.**\n\nWhoCord is a modular OSINT investigation platform that runs dozens of open‑source tools, builds a knowledge graph, detects correlations, and generates an AI‑enhanced dark‑themed HTML report – all streamed live to a modern React dashboard.\n\n---\n\n## ⚡ Features\n\n* **8 investigation modules** – Username \u002F Manual, Discord, Email, Domain, Phone, Image, URL, Data Probe (auto‑detect).\n* **Discord‑native link resolution** – extracts and resolves Instagram, TikTok, Facebook, and Twitter tracking links shared by a target user.\n* **Full identity pipeline** – names, emails, locations, breach data, GitHub history, avatar metadata, and Google account info (GHunt).\n* **Email intelligence** – Holehe (site registrations), h8mail, HIBP, EmailRep, GHunt, Blackbird email search, MOSINT (social account flags).\n* **Domain investigation** – WHOIS, DNS records, SSL certificate, IP geolocation, subdomain enumeration, theHarvester.\n* **Phone investigation** – number validation, carrier lookup, PhoneInfoga OSINT.\n* **Image analysis** – EXIF metadata, perceptual hash, reverse image search, OCR text extraction.\n* **URL analysis** – HTTP metadata, redirect trace, page metadata, Open Graph tags, Safe Browsing check, Wayback snapshot.\n* **Data Probe** – paste anything (email, domain, phone, URL, username) and WhoCord auto‑detects the type.\n* **Knowledge graph & correlations** – 5 detectors (avatar reuse, email‑platform cluster, username variants, name‑email link, location consistency).\n* **AI‑generated reports** – LLaMA 3.3 (via Groq) produces structured narrative and persona summary.\n* **Dark‑themed HTML report** – collapsible platform cards, avatar display, breach tags, pivot sub‑reports, technical data.\n* **Live SSE streaming** – watch investigations in real time with stage list, finding cards, and console logs.\n* **Pivot system** – recursive investigation of discovered emails\u002Fusernames with user confirmation modal.\n* **Secure token storage** – API keys stored in your OS keyring, never in plain text.\n* **Web dashboard** – run investigations from your browser, toggle tools, manage tokens, view history.\n\n---\n\n## 🚀 Quick Start (recommended)\n\n1. **Download the portable zip** from the [Releases page](https:\u002F\u002Fgithub.com\u002FSiv-nick\u002FWhoCord\u002Freleases) (Linux 64‑bit, ~500 MB).\n2. **Extract** the archive anywhere:\n   ```bash\n   unzip WhoCord.zip -d WhoCord\n   ```\n3. **Run the web dashboard**:\n   ```bash\n   cd WhoCord\n   .\u002Frun.sh\n   ```\n   *(opens your browser automatically)*\n\n**No Python, pip, or tool installation is required** – everything is bundled inside.\n\n---\n\n## 📦 Installation (from source – for developers)\n\n### 1. Clone the repository\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FSiv-nick\u002FWhoCord.git\ncd WhoCord\n```\n\n### 2. Create a Python virtual environment\n```bash\npython3 -m venv venv\nsource venv\u002Fbin\u002Factivate   # Linux \u002F macOS\n```\n\n### 3. Install WhoCord and its Python dependencies\n```bash\npip install -e .\n```\n\n### 4. Install external command‑line tools (most via pip)\n\nAll required tools can be installed with a single `pip install` command:\n\n```bash\n# Username search tools\npip install sherlock-project maigret naminter linkook\n\n# Email intelligence tools\npip install holehe h8mail theHarvester\n\n# GitHub & Google tools\npip install gitfive ghunt\n\n# Phone & image analysis\npip install phoneinfoga pillow imagehash pytesseract\n\n# Domain investigation\npip install dnspython\n```\n\n### 5. Install Blackbird (email & username search on 600+ sites)\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fp1ngul1n0\u002Fblackbird\ncd blackbird\npip install -r requirements.txt\ncd ..\n```\n> The required data file (`wmn-data.json`) is auto‑downloaded on first use. If that fails, download it manually from [WhatsMyName](https:\u002F\u002Fraw.githubusercontent.com\u002FWebBreacher\u002FWhatsMyName\u002Fmain\u002Fwmn-data.json) and place it in `blackbird\u002Fdata\u002F`.\n\n### 6. Install system WHOIS (required for domain investigations)\n```bash\nsudo apt install whois          # Debian\u002FUbuntu\n# brew install whois            # macOS\n```\n\n### 7. (Optional) Authenticate GHunt for Google account intelligence\n```bash\nghunt login\n```\nFollow the instructions to authenticate with your Google account.\n\n### 8. Build the frontend (required for source installations)\n\nThe web dashboard requires a compiled React frontend. Make sure you have **Node.js 18+** and **npm** installed, then run:\n\n```bash\ncd frontend\nnpm install\nnpm run build\ncd ..\n```\n\nThis creates the `frontend\u002Fdist\u002F` folder that Flask serves automatically.\n\n### 9. Launch the web dashboard\n```bash\npython web_app.py\n```\nThen open `http:\u002F\u002F127.0.0.1:5000`.  \nOr use the one‑click launcher: `.\u002Frun.sh`.\n\n\u003Cp align=\"center\"> \u003Cimg src=\"dashboard.png\" alt=\"WhoCord Dashboard\" width=\"700\"> \u003C\u002Fp>\n\n---\n\n## 🚀 Usage\n\n### Web Dashboard (primary interface)\n\nThe dashboard offers eight investigation modules:\n\n| Module | Input | Tools run |\n|--------|-------|------------|\n| **Username \u002F Manual** | username (optional email) | Sherlock, Maigret, Blackbird, Naminter, Linkook, Sociopath, scraping, analysis, intelligence, email tools |\n| **Discord User** | user ID + guild ID | Discord profile fetch, message crawling, tracking‑link resolution |\n| **Email Address** | email | Holehe, h8mail, HIBP, EmailRep, GHunt, SMTP, Gravatar, Scylla, Blackbird email, MOSINT |\n| **Domain** | domain | WHOIS, DNS, SSL, IP geolocation, subdomain enumeration, theHarvester |\n| **Phone Number** | phone | phonenumbers library, carrier lookup, PhoneInfoga |\n| **Image Analysis** | image URL | EXIF, perceptual hash, reverse search, OCR |\n| **URL Analysis** | URL | HTTP meta, redirects, page metadata, Open Graph, Safe Browsing, Wayback |\n| **Data Probe** | any string | auto‑detects type and runs the appropriate module |\n\n**Live investigation page** shows:\n- Stage list with real‑time status\n- Finding cards (emails, names, breaches, correlations)\n- Console logs (raw tool output)\n- Pivot confirmation modal (when enabled)\n\n**History page** – list all past investigations with links to reports and JSON intel.\n\n**Config page** – manage API tokens, toggle tools, set pivot options, upgrade tools.\n\n### Interactive menu (legacy CLI)\n\n```bash\ndiscord-osint\n```\n\nThen use the numbered menu to toggle tools, set tokens, and start investigations.\n\n### Command‑line mode (limited to manual\u002Fdiscord)\n```bash\ndiscord-osint --mode manual --target someusername --output html --debug\n```\n\n---\n\n## 📁 Output files\n\nAll results are saved in **`investigation_cache\u002F`**:\n\n| File | Description |\n|---|---|\n| `intel_*.json` | Complete intelligence snapshot (structured JSON) |\n| `report_*.md` | AI‑generated markdown report (if Groq enabled) |\n| `report_*.html` | Interactive dark‑themed HTML report |\n| `blackbird_output\u002F` | Raw Blackbird JSON results |\n| `socialscan_output\u002F` | Socialscan results |\n| `debug_*.log` | Detailed debug logs (when debug mode is on) |\n\n### HTML report sections\n- Identity (Discord handle, name clues, location, language, confidence scores)\n- Persona Summary (AI)\n- Social Profiles (collapsible platform cards with avatars, bios, extra fields)\n- Email Intelligence (breach tags, MOSINT flags)\n- Intelligence Analysis (graph stats, narrative, correlations)\n- Pivot Sub‑Investigations\n- Technical Data (WHOIS, DNS, SSL, IP geolocation, subdomains, theHarvester, phone, URL analysis, GHunt)\n\n---\n\n## 🛠️ Tools & technologies\n\nWhoCord integrates these open‑source OSINT projects:\n\n| Category | Tools |\n|----------|-------|\n| **Username search** | Sherlock, Maigret, Blackbird, Naminter, Linkook, Sociopath, Social Analyzer, Toutatis |\n| **Email intelligence** | Holehe, h8mail, HIBP, EmailRep, GHunt, MOSINT, Scylla, Gravatar, SMTP verification |\n| **Domain & DNS** | WHOIS (system), dnspython, theHarvester, sublist3r (fallback wordlist) |\n| **Phone** | phonenumbers, PhoneInfoga, AbstractAPI (free) |\n| **Image** | Pillow, imagehash, exifread, SauceNAO (reverse image), Tesseract OCR |\n| **URL** | requests, BeautifulSoup, Google Safe Browsing, Wayback Machine |\n| **Intelligence** | networkx, socid‑extractor, Groq (LLaMA 3.3) |\n| **Web dashboard** | Flask, React, TypeScript, Tailwind CSS, SSE |\n\n---\n\n## 🔄 Updates\n\nCheck [CHANGELOG.md](CHANGELOG.md) for version history.\n\n---\n\n## 🔒 Security & privacy\n\n- **Tokens are never stored in plain text** – kept in your OS keyring.\n- `config.json` only contains non‑sensitive toggles.\n- All investigation data stays on your machine inside `investigation_cache\u002F`.\n\n---\n\n## ⚠️ Disclaimer\n\nWhoCord is intended for **educational purposes** and **authorised security testing** only.  \nDo not use it to stalk, harass, or violate anyone’s privacy.  \nThe author assumes no liability for misuse.\n\n---\n\n## 📄 License\n\nMIT License\n","WhoCord 是一个用于从 Discord 链接中提取用户资料并进行跨平台信息搜集的工具，能够检查超过700个网站，并使用30多种工具搜索用户名，最终生成由AI驱动的报告。其核心功能包括8种调查模块（如用户名、Discord、电子邮件等），支持解析Discord原生链接以发现目标用户的社交媒体账号，以及对电子邮件、域名、电话号码和图片等内容进行全面分析。此外，它还具备构建知识图谱、检测数据关联性及生成暗色主题HTML报告的能力。适用于网络安全调查、个人信息收集与分析等领域。","2026-06-11 03:58:57","CREATED_QUERY"]