maint: patch sources, engine hardening, proxy update for v1.0.1

sources/cit0day.json

@@ -1,32 +0,0 @@
-{
-    "name": "cit0day",
-    "category": "breaches",
-    "endpoint": "https://cit0day.in/api/v1/search?query={target}",
-    "method": "GET",
-    "requires_auth": true,
-    "selectors": {
-        "results": "$.results"
-    },
-    "rate_limit": 1.0,
-    "headers": {
-        "Authorization": "Bearer {CIT0DAY_API_KEY}"
-    },
-    "api_key_slots": [
-        "{CIT0DAY_API_KEY}"
-    ],
-    "input_type": "email",
-    "output_type": [
-        "email"
-    ],
-    "normalization_map": {},
-    "tags": [
-        "passive",
-        "stealth"
-    ],
-    "health_check_url": "https://cit0day.in",
-    "expected_status": 200,
-    "reliability_score": 2,
-    "is_volatile": true,
-    "backup_endpoints": [],
-    "confidence": 0.55
-}

sources/helpers/config_handler.py

@@ -94,7 +94,6 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "GOOGLE_CX_KEY":            {"display": "Google Custom Search (API key)", "public": False},
     "GOOGLE_CX_ID":            {"display": "Google Custom Search (CX ID)",   "public": False},
     "GREYNOISE_API_KEY":        {"display": "GreyNoise",                 "public": False},
-    "HASHES_API_KEY":           {"display": "Hashes.org",                "public": False},
     "HIBP_API_KEY":             {"display": "HaveIBeenPwned",            "public": False},
     "HIPPO_API_KEY":            {"display": "EmailHippo",                "public": False},
     "HUNTER_API_KEY":           {"display": "Hunter.io",                 "public": False},
@@ -147,6 +146,8 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "MALWAREBAZAAR_API_KEY":    {"display": "MalwareBazaar (abuse.ch)",  "public": False},
     "FULLHUNT_API_KEY":         {"display": "FullHunt (attack surface)", "public": False},
     "NETLAS_API_KEY":           {"display": "Netlas.io (internet scanner)", "public": False},
+    # ── Added in v1.0.2 ───────────────────────────────────────────────
+    "LEAK_LOOKUP_API_KEY":      {"display": "Leak-Lookup",               "public": False},
 }
 
 _PRIVATE_KEYS = {k: v for k, v in SERVICE_REGISTRY.items() if not v["public"]}

sources/hudsonrock_osint.json

@@ -7,8 +7,10 @@
     "selectors": {
         "stealers": "$.stealers"
     },
-    "rate_limit": 1.0,
-    "headers": {},
+    "rate_limit": 5.0,
+    "headers": {
+        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
+    },
     "api_key_slots": [],
     "input_type": "email",
     "output_type": [
@@ -25,7 +27,7 @@
     ],
     "health_check_url": "https://cavalier.hudsonrock.com",
     "expected_status": 200,
-    "reliability_score": 4,
+    "reliability_score": 3,
     "backup_endpoints": [],
-    "confidence": 0.85
+    "confidence": 0.7
 }

sources/intelx_search.json

@@ -40,5 +40,9 @@
     "expected_status": 200,
     "reliability_score": 5,
     "backup_endpoints": [],
+    "poll_endpoint": "https://2.intelx.io/intelligent/search/result",
+    "poll_id_field": "id",
+    "poll_id_param": "id",
+    "poll_json_root": "records",
     "confidence": 1.0
 }

sources/leak_lookup.json

@@ -3,17 +3,21 @@
     "category": "breaches",
     "endpoint": "https://leak-lookup.com/api/search",
     "method": "POST",
-    "requires_auth": false,
+    "requires_auth": true,
     "selectors": {
         "results": "$.message"
     },
     "rate_limit": 1.0,
-    "headers": {},
+    "headers": {
+        "X-API-Key": "{LEAK_LOOKUP_API_KEY}"
+    },
     "payload_template": {
         "query": "{target}",
         "type": "email_address"
     },
-    "api_key_slots": [],
+    "api_key_slots": [
+        "{LEAK_LOOKUP_API_KEY}"
+    ],
     "input_type": "email",
     "output_type": [
         "email"

sources/scylla_sh_search.json

@@ -1,35 +0,0 @@
-{
-    "name": "scylla_sh_search",
-    "category": "breaches",
-    "endpoint": "https://scylla.so/search?q={target}",
-    "method": "GET",
-    "requires_auth": false,
-    "selectors": {
-        "results": "$.*"
-    },
-    "rate_limit": 1.0,
-    "headers": {},
-    "api_key_slots": [],
-    "input_type": "email",
-    "output_type": [
-        "email",
-        "domain"
-    ],
-    "normalization_map": {},
-    "tags": [
-        "passive",
-        "stealth"
-    ],
-    "health_check_url": "https://scylla.so",
-    "expected_status": 200,
-    "reliability_score": 2,
-    "is_volatile": true,
-    "bypass_required": [
-        "cloudflare"
-    ],
-    "user_agent_type": "browser",
-    "backup_endpoints": [
-        "https://scylla.so/api/search?q={target}"
-    ],
-    "confidence": 0.55
-}

sources/twitter_v2.json

@@ -24,7 +24,7 @@
     ],
     "health_check_url": "https://api.twitter.com",
     "expected_status": 200,
-    "reliability_score": 4,
+    "reliability_score": 1,
     "backup_endpoints": [],
-    "confidence": 0.85
+    "confidence": 0.4
 }

sources/vigilante_pw.json

@@ -1,28 +0,0 @@
-{
-    "name": "vigilante_pw",
-    "category": "breaches",
-    "endpoint": "https://vigilante.pw/api/search?q={target}",
-    "method": "GET",
-    "requires_auth": false,
-    "selectors": {
-        "results": "$.results"
-    },
-    "rate_limit": 1.0,
-    "headers": {},
-    "api_key_slots": [],
-    "input_type": "email",
-    "output_type": [
-        "email"
-    ],
-    "normalization_map": {},
-    "tags": [
-        "passive",
-        "stealth"
-    ],
-    "health_check_url": "https://vigilante.pw",
-    "expected_status": 200,
-    "reliability_score": 2,
-    "is_volatile": true,
-    "backup_endpoints": [],
-    "confidence": 0.55
-}