PyPI - user-scanner - Versions diffs - 1.1.0.1__py3-none-any.whl → 1.1.0.3__py3-none-any.whl - Mend

user-scanner 1.1.0.1py3-none-any.whl → 1.1.0.3py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

user_scanner/email_scan/hosting/render.py ADDED Viewed

@@ -0,0 +1,60 @@
+import httpx
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    url = "https://api.render.com/graphql"
+    payload = {
+        "operationName": "signUp",
+        "variables": {
+            "signup": {
+                "email": email,
+                "githubId": "",
+                "name": "",
+                "githubToken": "",
+                "googleId": "",
+                "gitlabId": "",
+                "bitbucketId": "",
+                "inviteCode": "",
+                "password": "StandardPassword123!",
+                "newsletterOptIn": False,
+                "next": ""
+            }
+        },
+        "query": "mutation signUp($signup: SignupInput!) {\n  signUp(signup: $signup) {\n    idToken\n    __typename\n  }\n}\n"
+    }
+    headers = {
+        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+        "Content-Type": "application/json",
+        "origin": "https://dashboard.render.com",
+        "referer": "https://dashboard.render.com/register",
+        "accept-language": "en-US,en;q=0.9"
+    }
+    async with httpx.AsyncClient(http2=True, timeout=4.0) as client:
+        try:
+            response = await client.post(url, json=payload, headers=headers)
+            if response.status_code == 429:
+                return Result.error("Rate limited, use '-d' flag to avoid bot detection")
+            data = response.json()
+            errors = data.get("errors", [])
+            if errors:
+                msg = errors[0].get("message", "")
+                if '"email":"exists"' in msg:
+                    return Result.taken()
+                elif '"hcaptcha_token":"invalid"' in msg:
+                    return Result.available()
+                else:
+                    return Result.error(f"Render Error: {msg}")
+            return Result.error("Unexpected error, report it via GitHub issues")
+        except Exception as e:
+            return Result.error(e)
+async def validate_render(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/music/.ruff_cache/.gitignore ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ # Automatically created by ruff.
2	+ *

user_scanner/email_scan/music/.ruff_cache/0.14.10/14677874048998292530 ADDED Viewed

Binary file

user_scanner/email_scan/music/.ruff_cache/0.14.10/7544735312652879689 ADDED Viewed

Binary file

user_scanner/email_scan/music/.ruff_cache/CACHEDIR.TAG ADDED Viewed

	@@ -0,0 +1 @@
1	+ Signature: 8a477f597d28d172789f06886806bc55

user_scanner/email_scan/music/__init__.py ADDED Viewed

File without changes

user_scanner/email_scan/music/lastfm.py ADDED Viewed

@@ -0,0 +1,60 @@
+import httpx
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    headers = {
+        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+        "Accept": "application/json, text/javascript, */*; q=0.01",
+        "Accept-Language": "en-US,en;q=0.9",
+        "Referer": "https://www.last.fm/join",
+        "X-Requested-With": "XMLHttpRequest",
+        "Origin": "https://www.last.fm",
+    }
+    try:
+        async with httpx.AsyncClient(timeout=5.0, follow_redirects=True) as client:
+            await client.get("https://www.last.fm/join", headers=headers)
+            token = client.cookies.get("csrftoken")
+            if not token:
+                return Result.error("CSRF token not found")
+            headers["X-CSRFToken"] = token
+            payload = {
+                "csrfmiddlewaretoken": token,
+                "userName": "",
+                "email": email,
+                "password": "",
+                "passwordConf": ""
+            }
+            response = await client.post(
+                "https://www.last.fm/join/partial/validate",
+                headers=headers,
+                data=payload
+            )
+            if response.status_code != 200:
+                return Result.error(f"HTTP {response.status_code}")
+            data = response.json()
+            email_info = data.get("email", {})
+            if email_info.get("valid") is False and any("already registered" in str(msg).lower() for msg in email_info.get("error_messages", [])):
+                return Result.taken()
+            elif email_info.get("valid") is True:
+                return Result.available()
+            else:
+                return Result.error(data)
+    except httpx.TimeoutException:
+        return Result.error("Connection timed out")
+    except Exception as e:
+        return Result.error(e)
+async def validate_lastfm(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/music/spotify.py ADDED Viewed

@@ -0,0 +1,87 @@
+import httpx
+import json
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    async with httpx.AsyncClient(http2=False, follow_redirects=True) as client:
+        try:
+            get_url = "https://www.spotify.com/in-en/signup"
+            get_headers = {
+                'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+                'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
+                'Accept-Encoding': "identity",
+                'sec-ch-ua': "\"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"144\", \"Google Chrome\";v=\"144\"",
+                'sec-ch-ua-mobile': "?0",
+                'sec-ch-ua-platform': "\"Linux\"",
+                'upgrade-insecure-requests': "1",
+                'sec-fetch-site': "same-origin",
+                'sec-fetch-mode': "navigate",
+                'sec-fetch-user': "?1",
+                'sec-fetch-dest': "document",
+                'referer': "https://www.spotify.com/us/signup",
+                'accept-language': "en-US,en;q=0.9",
+                'priority': "u=0, i"
+            }
+            await client.get(get_url, headers=get_headers)
+            post_url = "https://spclient.wg.spotify.com/signup/public/v2/account/validate"
+            payload = {
+                "fields": [
+                    {
+                        "field": "FIELD_EMAIL",
+                        "value": email
+                    }
+                ],
+                "client_info": {
+                    "api_key": "a1e486e2729f46d6bb368d6b2bcda326",
+                    "app_version": "v2",
+                    "capabilities": [1],
+                    "installation_id": "3740cfb5-c76f-4ae9-9a94-f0989d7ae5a4",
+                    "platform": "www",
+                    "client_id": ""
+                },
+                "tracking": {
+                    "creation_flow": "",
+                    "creation_point": "https://www.spotify.com/us/signup",
+                    "referrer": "",
+                    "origin_vertical": "",
+                    "origin_surface": ""
+                }
+            }
+            post_headers = {
+                'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+                'Accept-Encoding': "identity",
+                'Content-Type': "application/json",
+                'sec-ch-ua-platform': "\"Linux\"",
+                'sec-ch-ua': "\"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"144\", \"Google Chrome\";v=\"144\"",
+                'sec-ch-ua-mobile': "?0",
+                'origin': "https://www.spotify.com",
+                'sec-fetch-site': "same-site",
+                'sec-fetch-mode': "cors",
+                'sec-fetch-dest': "empty",
+                'referer': "https://www.spotify.com/",
+                'accept-language': "en-US,en;q=0.9",
+                'priority': "u=1, i"
+            }
+            response = await client.post(post_url, content=json.dumps(payload), headers=post_headers)
+            data = response.json()
+            if "error" in data and "already_exists" in data["error"]:
+                return Result.taken()
+            elif "success" in data:
+                return Result.available()
+            return Result.error(f"Unexpected error [{response.status_code}], report it via GitHub issues")
+        except Exception as e:
+            return Result.error(f"Exception: {e}")
+async def validate_spotify(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/shopping/envato.py ADDED Viewed

@@ -0,0 +1,41 @@
+import httpx
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    headers = {
+        'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+        'Accept': 'application/json',
+        'Accept-Language': 'en-US,en;q=0.9',
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Origin': 'https://account.envato.com',
+        'Referer': 'https://account.envato.com/sign_up',
+    }
+    payload = {'email': email}
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as client:
+            response = await client.post(
+                'https://account.envato.com/api/validate_email',
+                headers=headers,
+                data=payload
+            )
+            if 'Email is already in use' in response.text:
+                return Result.taken()
+            if response.status_code == 200:
+                return Result.available()
+            if "Page designed by Kotulsky" in response.text or response.status_code == 429:
+                return Result.error("Rate limit or Cloudflare challenge detected")
+            return Result.error(f"Unexpected response: {response.status_code}")
+    except httpx.TimeoutException:
+        return Result.error("Connection timed out")
+    except Exception as e:
+        return Result.error(str(e))
+async def validate_envato(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/shopping/naturabuy.py ADDED Viewed

@@ -0,0 +1,46 @@
+import httpx
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    headers = {
+        'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+        'Accept': '*/*',
+        'Accept-Language': 'fr,fr-FR;q=0.9,en;q=0.8',
+        'X-Requested-With': 'XMLHttpRequest',
+        'Origin': 'https://www.naturabuy.fr',
+        'Referer': 'https://www.naturabuy.fr/register.php',
+    }
+    files = {
+        'jsref': (None, 'email'),
+        'jsvalue': (None, email),
+        'registerMode': (None, 'full')
+    }
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as client:
+            response = await client.post(
+                'https://www.naturabuy.fr/includes/ajax/register.php',
+                headers=headers,
+                files=files
+            )
+            if response.status_code != 200:
+                return Result.error(f"Unexpected status: {response.status_code}")
+            data = response.json()
+            if data.get("free") is False:
+                return Result.taken()
+            elif data.get("free") is True:
+                return Result.available()
+            return Result.error("Unexpected response format")
+    except httpx.TimeoutException:
+        return Result.error("Connection timed out")
+    except Exception as e:
+        return Result.error(str(e))
+async def validate_naturabuy(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/shopping/vivino.py ADDED Viewed

@@ -0,0 +1,49 @@
+import httpx
+from user_scanner.core.result import Result
+async def _check(email: str) -> Result:
+    headers = {
+        'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36",
+        'Accept': 'application/json',
+        'Referer': 'https://www.vivino.com/',
+        'Accept-Language': 'en-US,en;q=0.9',
+        'X-Requested-With': 'XMLHttpRequest',
+        'Content-Type': 'application/json',
+    }
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as client:
+            await client.get("https://www.vivino.com/", headers=headers)
+            payload = {
+                "email": email,
+                "password": "password123"
+            }
+            response = await client.post(
+                'https://www.vivino.com/api/login',
+                headers=headers,
+                json=payload
+            )
+            if response.status_code == 429:
+                return Result.error("Rate limit exceeded")
+            data = response.json()
+            error_msg = data.get("error", "")
+            if error_msg == "The supplied email does not exist":
+                return Result.available()
+            if not error_msg or "password" in error_msg.lower():
+                return Result.taken()
+            return Result.error(f"Vivino Error: {error_msg}")
+    except httpx.TimeoutException:
+        return Result.error("Connection timed out")
+    except Exception as e:
+        return Result.error(str(e))
+async def validate_vivino(email: str) -> Result:
+    return await _check(email)

user_scanner/email_scan/social/mastodon.py CHANGED Viewed

@@ -15,10 +15,10 @@ async def _check(email):
         "origin": "https://mastodon.social"
     }
-    async with httpx.AsyncClient(http2=True, headers=headers, follow_redirects=False) as client:
+    async with httpx.AsyncClient(http2=True, headers=headers, follow_redirects=True) as client:
         try:
             initial_resp = await client.get(signup_url)
-            if initial_resp.status_code != 200:
+            if initial_resp.status_code not in [200, 302]:
                 return Result.error(f"Failed to access signup page: {initial_resp.status_code}")
             token_match = re.search(
@@ -43,7 +43,9 @@ async def _check(email):
             res_status = response.status_code
             if "has already been taken" in res_text:
                 return Result.taken()
-            elif "has already been taken" not in res_text and res_status == 200:
+            elif "registration attempt has been blocked" in res_text:
+                return Result.error("Your IP has been flagged by mastodon, try after some time")
+            elif "has already been taken" not in res_text and res_status in [200, 302]:
                 return Result.available()
             elif res_status == 429:
                 return Result.error("Rate limited, use '-d' flag to avoid bot detection")

user_scanner/user_scan/gaming/battlenet.py ADDED Viewed

@@ -0,0 +1,65 @@
+import re
+from user_scanner.core.orchestrator import generic_validate
+from user_scanner.core.result import Result
+def validate_battlenet(user: str) -> Result:
+    """
+    Check username availability on Battle.net via Overwatch player search.
+    Battle.net uses BattleTags (Username#1234) but this validator checks
+    if the username portion exists in the Overwatch player database.
+    Note: This checks Overwatch profiles specifically. A username may exist
+    on Battle.net but not have an Overwatch profile, or vice versa.
+    API behavior:
+        - Returns JSON array with player data if username exists
+        - Returns empty array [] if username not found
+    """
+    # BattleTag username rules: 3-12 chars, letters/numbers, one optional #
+    # For this validator, we strip any #1234 discriminator if present
+    username = user.split('#')[0]
+    if not (3 <= len(username) <= 12):
+        return Result.error("Length must be 3-12 characters")
+    if not re.match(r'^[a-zA-Z][a-zA-Z0-9]*$', username):
+        return Result.error("Must start with letter, only letters and numbers allowed")
+    url = f"https://overwatch.blizzard.com/en-us/search/account-by-name/{username}"
+    headers = {
+        "User-Agent": "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Mobile Safari/537.36",
+        "Accept": "application/json",
+        "Accept-Encoding": "gzip, deflate, br, zstd",
+    }
+    def process(response):
+        if response.status_code != 200:
+            return Result.error(f"Unexpected status: {response.status_code}")
+        try:
+            data = response.json()
+            if isinstance(data, list) and len(data) == 0:
+                return Result.available()
+            elif isinstance(data, list) and len(data) > 0:
+                return Result.taken()
+            else:
+                return Result.error("Unexpected response format")
+        except Exception:
+            return Result.error("Failed to parse response")
+    return generic_validate(url, process, headers=headers, timeout=15.0, follow_redirects=True)
+if __name__ == "__main__":
+    user = input("Username?: ").strip()
+    result = validate_battlenet(user)
+    if result == 1:
+        print("Available!")
+    elif result == 0:
+        print("Unavailable!")
+    else:
+        print(f"Error occurred! Reason: {result.get_reason()}")

user_scanner/user_scan/shopping/__init__.py ADDED Viewed

File without changes

user_scanner/user_scan/shopping/vinted.py ADDED Viewed

@@ -0,0 +1,42 @@
+import difflib
+import re
+from user_scanner.core.orchestrator import generic_validate
+from user_scanner.core.result import Result
+def validate_vinted(user: str):
+    user = user.lower().strip()
+    url = f"https://www.vinted.pt/member/general/search?search_text={user}"
+    if not re.match(r"^[a-zA-Z0-9_.-]+$", user):
+        return Result.error(
+            "Usernames can only contain letters, numbers, underscores, periods and dashes"
+        )
+    if user.startswith(("_", "-", ".")) or user.endswith(("_", "-", ".")):
+        return Result.error("Cannot start/end with a special character")
+    def process(response):
+        if response.status_code != 200:
+            return Result.error("Invalid status code")
+        pattern = r"\"login\\\":\\\"([A-Za-z0-9_.-]+)"
+        search = re.findall(pattern, response.text)
+        if len(search) == 0:
+            return Result.available()
+        elif user not in search:
+            closest = difflib.get_close_matches(user, search, n=1)
+            msg = f"closest: {closest[0]}" if closest else None
+            return Result.available(msg)
+        else:
+            return Result.taken()
+    return generic_validate(url, process)
+if __name__ == "__main__":
+    user = input("Username?: ").strip()
+    validate_vinted(user).show()

user_scanner/version.json CHANGED Viewed

@@ -1,4 +1,4 @@
 {
-"version": "1.1.0.1",
+"version": "1.1.0.2",
 "version_type": "pypi"
 }

{user_scanner-1.1.0.1.dist-info → user_scanner-1.1.0.3.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: user-scanner
-Version: 1.1.0.1
+Version: 1.1.0.3
 Summary: Check username availability across multiple popular platforms
 Keywords: username,checker,availability,social,tech,python,user-scanner
 Author-email: Kaif <kafcodec@gmail.com>
@@ -16,7 +16,7 @@ Project-URL: Homepage, https://github.com/kaifcodec/user-scanner
 ![User Scanner Logo](https://github.com/user-attachments/assets/49ec8d24-665b-4115-8525-01a8d0ca2ef4)
 <p align="center">
-  <img src="https://img.shields.io/badge/Version-1.1.0.1-blueviolet?style=for-the-badge&logo=github" />
+  <img src="https://img.shields.io/badge/Version-1.1.0.3-blueviolet?style=for-the-badge&logo=github" />
   <img src="https://img.shields.io/github/issues/kaifcodec/user-scanner?style=for-the-badge&logo=github" />
   <img src="https://img.shields.io/badge/Tested%20on-Termux-black?style=for-the-badge&logo=termux" />
   <img src="https://img.shields.io/badge/Tested%20on-Windows-cyan?style=for-the-badge&logo=Windows" />
@@ -26,8 +26,6 @@ Project-URL: Homepage, https://github.com/kaifcodec/user-scanner
 ---
-### ⚠️ Email OSINT mode had not been implemented yet, still in progress
 A powerful *Email OSINT tool* that checks if a specific email is registered on various sites, combined with *username scanning* for branding or OSINT — 2-in-1 tool.
 Perfect for fast, accurate and lightweight email OSINT
@@ -54,12 +52,28 @@ Perfect for finding a **unique username** across GitHub, Twitter, Reddit, Instag
 - ✅ **Bulk email scanning** from file support for checking multiple emails at once
 ---
-## Installation
+## Virtual Environment (optional but recommended)
 ```bash
-pip install user-scanner
+# create venv
+python -m venv .venv
+````
+## Activate venv
+```bash
+# Linux / macOS
+source .venv/bin/activate
+# Windows (PowerShell)
+.venv\Scripts\Activate.ps1
 ```
+## Installation
+```bash
+# upgrade pip
+python -m pip install --upgrade pip
+# install
+pip install user-scanner
+```
 ---
 ## Important Flags
@@ -169,9 +183,11 @@ user-scanner -U
 - Note*: New modules are constantly getting added so this might have only limited, outdated output:
-<img width="1072" height="848" alt="user-scanner's main usage screenshot" src="https://github.com/user-attachments/assets/34e44ca6-e314-419e-9035-d951b493b47f" />
+<img width="1080" height="656" alt="1000146096" src="https://github.com/user-attachments/assets/1101e2f8-18ea-45a4-9492-92e237ecc670" />
+---
+<img width="1072" height="848" alt="user-scanner's main usage screenshot" src="https://github.com/user-attachments/assets/34e44ca6-e314-419e-9035-d951b493b47f" />
 ---
@@ -224,6 +240,16 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for examples.
 This project is licensed under the **MIT License**. See [LICENSE](LICENSE) for details.
+---
+## ⚠️ Disclaimer
+This tool is provided for **educational purposes** and **authorized security research** only.
+- **User Responsibility:** Users are solely responsible for ensuring their usage complies with all applicable laws and the Terms of Service (ToS) of any third-party providers.
+- **Methodology:** The tool interacts only with **publicly accessible, unauthenticated web endpoints**. It does not bypass authentication, security controls, or access private user data.
+- **No Profiling:** This software performs only basic **yes/no availability checks**. It does not collect, store, aggregate, or analyze user data, behavior, or identities.
+- **Limitation of Liability:** The software is provided **“as is”**, without warranty of any kind. The developers assume no liability for misuse or any resulting damage or legal consequences.
 ---

user-scanner 1.1.0.1__py3-none-any.whl → 1.1.0.3__py3-none-any.whl

user-scanner 1.1.0.1py3-none-any.whl → 1.1.0.3py3-none-any.whl