release: v1.0.2

- 124 sources (+1 xposedornot, bgpview replaced with ripestat)
- Fix gravatar MD5 transform, fofa base64 query encoding
- Fix misp_search URL resolution, threatconnect HMAC placeholder
- Fix spycloud, duckduckgo, mailboxlayer/numverify/ipstack/ipinfodb endpoints
- Fix DeHashEngine v1→v2, DorkEngine engine label, backup_endpoints consumed
- Fix Retry-After HTTP-date parsing, Hashmob API schema, FIPS hashlib crash
- Fix DB.close() event loop leak, _random_headers CH-UA override
- Add query_transform mechanism (md5_lower, fofa_domain)
- Lower scores: spyonweb, pipl_search, twitter_v2, hudsonrock rate_limit
- Clean all internal tracking comments, fix Italian docstring

sources/helpers/config_handler.py

@@ -29,13 +29,13 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "alienvault_otx_malware":  {"display": "AlienVault OTX (Malware)",   "public": True},
     "alienvault_otx_user":     {"display": "AlienVault OTX (User)",      "public": True},
     "anubis_subdomains":       {"display": "Anubis Subdomains",          "public": True},
-    "bgpview_ip":              {"display": "BGPView IP",                 "public": True},
-    "checkleaked":             {"display": "CheckLeaked",                "public": True},
+    "ripestat_ip":             {"display": "RIPE Stat IP",               "public": True},
+    "xposedornot":             {"display": "XposedOrNot",                  "public": True},
     "crt_sh":                  {"display": "crt.sh",                     "public": True},
     "cve_search":              {"display": "CVE Search",                 "public": True},
     "cxsecurity":              {"display": "CXSecurity",                 "public": True},
     "duckduckgo_api":          {"display": "Google / DDG Dorks",         "public": True},
-    "emailrep_io":             {"display": "EmailRep.io",                "public": True},
+    "emailrep_io":             {"display": "EmailRep.io",                "public": False},
     "github_users":            {"display": "GitHub Users",               "public": True},
     "gitlab_search":           {"display": "GitLab Search",              "public": True},
     "gravatar":                {"display": "Gravatar",                   "public": True},
@@ -44,7 +44,10 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "hackertarget_hostsearch": {"display": "HackerTarget Host Search",   "public": True},
     "hackertarget_reverseip":  {"display": "HackerTarget Reverse IP",    "public": True},
     "hackertarget_whois":      {"display": "WHOIS (HackerTarget)",       "public": True},
-    "hudsonrock_osint":        {"display": "HudsonRock OSINT",           "public": True},
+    "ipapi_is":                {"display": "ipapi.is",                      "public": True},
+    "circl_hashlookup":        {"display": "CIRCL Hash Lookup",             "public": True},
+    "proxynova_comb":          {"display": "ProxyNova COMB",                "public": True},
+    "shodan_internetdb":       {"display": "Shodan InternetDB",             "public": True},
     "ipapi_co":                {"display": "ipapi.co",                   "public": True},
     "ipinfo_io":               {"display": "IPInfo.io",                  "public": True},
     "ipvigilante":             {"display": "IPVigilante",                "public": True},
@@ -59,14 +62,10 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "reddit_user":             {"display": "Reddit User",                "public": True},
     "robtex_ip":               {"display": "Robtex IP",                  "public": True},
     "scamwatcher":             {"display": "ScamWatcher",                "public": True},
-    "social_scan":             {"display": "Social Scan",                "public": True},
     "sublist3r_api":           {"display": "Sublist3r API",              "public": True},
-    "threatcrowd_domain":      {"display": "ThreatCrowd (Domain)",       "public": True},
-    "threatcrowd_email":       {"display": "ThreatCrowd (Email)",        "public": True},
     "threatminer_domain":      {"display": "ThreatMiner (Domain)",       "public": True},
     "threatminer_ip":          {"display": "ThreatMiner (IP)",           "public": True},
     "urlscan_search":          {"display": "URLScan.io",                 "public": True},
-    "vigilante_pw":            {"display": "Vigilante.pw",               "public": True},
     "wayback_machine":         {"display": "Wayback Machine",            "public": True},
     # ── Private / key-required ────────────────────────────────────────
     "ABSTRACT_API_KEY":         {"display": "Abstract Email Validation", "public": False},
@@ -78,7 +77,6 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "BING_API_KEY":             {"display": "Bing Search API",           "public": False},
     "CENSYS_AUTH_BASE64":       {"display": "Censys",                    "public": False},
     "CIRCL_AUTH_BASE64":        {"display": "CIRCL.lu PDNS",             "public": False},
-    "CIT0DAY_API_KEY":          {"display": "Cit0day",                   "public": False},
     "SEON_API_KEY":             {"display": "SEON Email Intelligence",   "public": False},
     "CRIMINALIP_API_KEY":       {"display": "CriminalIP",                "public": False},
     "DEHASHED_AUTH_BASE64":     {"display": "Dehashed",                  "public": False},
@@ -108,7 +106,6 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "JOE_API_KEY":              {"display": "Joe Sandbox",               "public": False},
     "LEAKCHECK_API_KEY":        {"display": "LeakCheck",                 "public": False},
     "LEAKIX_API_KEY":           {"display": "LeakIX",                    "public": False},
-    "LEAKSTATS_API_KEY":        {"display": "LeakStats.pw",              "public": False},
     "MAILBOX_API_KEY":          {"display": "Mailboxlayer",              "public": False},
     "MALSHARE_API_KEY":         {"display": "MalShare",                  "public": False},
     "METADEFENDER_API_KEY":     {"display": "MetaDefender",              "public": False},
@@ -124,7 +121,6 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "SNUSBASE_API_KEY":         {"display": "Snusbase",                  "public": False},
     "SPYCLOUD_API_KEY":         {"display": "SpyCloud",                  "public": False},
     "SPYONWEB_API_KEY":         {"display": "SpyOnWeb",                  "public": False},
-    "SPYSE_API_KEY":            {"display": "Spyse",                     "public": False},
     "TC_API_KEY":               {"display": "ThreatConnect",             "public": False},
     "FLARE_API_KEY":            {"display": "Flare LeaksDB",              "public": False},
     "TP_API_KEY":               {"display": "ThreatPortal",              "public": False},
@@ -138,7 +134,6 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "WHOXY_API_KEY":            {"display": "Whoxy WHOIS",               "public": False},
     "ZEROBOUNCE_API_KEY":       {"display": "ZeroBounce",                "public": False},
     "ZOOMEYE_API_KEY":          {"display": "ZoomEye",                   "public": False},
-    # ── Added in v1.0.1 ───────────────────────────────────────────────
     "EMAILREP_API_KEY":         {"display": "EmailRep.io",               "public": False},
     "HASHES_COM_API_KEY":       {"display": "Hashes.com (crack API)",    "public": False},
     "THREATFOX_API_KEY":        {"display": "ThreatFox (abuse.ch)",      "public": False},
@@ -146,8 +141,8 @@ SERVICE_REGISTRY: Dict[str, Dict] = {
     "MALWAREBAZAAR_API_KEY":    {"display": "MalwareBazaar (abuse.ch)",  "public": False},
     "FULLHUNT_API_KEY":         {"display": "FullHunt (attack surface)", "public": False},
     "NETLAS_API_KEY":           {"display": "Netlas.io (internet scanner)", "public": False},
-    # ── Added in v1.0.2 ───────────────────────────────────────────────
     "LEAK_LOOKUP_API_KEY":      {"display": "Leak-Lookup",               "public": False},
+    "MISP_URL":                 {"display": "MISP Instance URL",         "public": False},
 }
 
 _PRIVATE_KEYS = {k: v for k, v in SERVICE_REGISTRY.items() if not v["public"]}