Skip to content

v1.4.0 — 16 new intel APIs, invalid-key detection, AlienVault fix

Choose a tag to compare

View all tags
@the-clipper the-clipper released this 06 Jun 20:15
· 14 commits to main since this release
v1.4.0
7e6030b

What's new in v1.4.0

Added

  • 16 new intelligence API integrations — Twitch, Mastodon (4 federated instances), Keybase, Gravatar, HackerNews, Tumblr, Flickr, Spotify, Steam, VK, Telegram (public channels), Discord (user + server), Facebook/Meta Graph, EmailRep, Intelligence X (dark web / paste / breach), and Abstract API phone validation
  • Ghost Key invalid-key indicator — TEST button in the Ghost Key Vault now detects HTTP 401/403 rejections and surfaces an amber ⚠ INVALID badge on the key row with a targeted toast message, distinct from generic network failures (✗ FAIL)
  • APIAuthError exception (intel/apis/base.py) — raised on 401/403 in _get; propagates through the orchestrator and is caught specifically by the test endpoint, keeping scan pipelines unaffected
  • WebSocket sync on late join (web/app.py, terminal.js) — server emits current scan progress to clients that connect after a scan has already started; eliminates the stuck-at-0% progress bar on page load
  • Polling fallback for live results (results.html) — a background fetch loop keeps the progress bar accurate even when SocketIO events are missed

Changed

  • AlienVault OTX timeout fix — section requests (general, reputation, geo, malware, passive_dns) now run concurrently via asyncio.gather with an 8-second per-section timeout instead of sequentially; eliminates the consistent 30s timeout caused by the slow reputation endpoint
  • People aggregator — now runs free no-key sources as a fallback baseline when no paid people-intel APIs are configured; improved field merging for names, employers, social profiles, and phone numbers
  • Socket init timinginitSocket() called at module load before DOMContentLoaded so the results page attaches scan room listeners immediately
  • Scan start delay — 1-second delay before first module fires, preventing WebSocket race where events emit before the browser joins the scan room
  • .gitignore.env.* wildcard covers all environment variants (.env.testing, .env.local, etc.); !.env.example keeps a template file committable

Fixed

  • Ghost Key TEST showing ✓ OK with 0 results for an invalid/revoked key (e.g. Shodan 403)
  • AlienVault consistently timing out on IP scans due to sequential section fetches
  • Progress bar stuck at 0% when navigating directly to a scan URL mid-run

Install / upgrade

pip install phantomsignal==1.4.0

Built with PhantomSignal · For authorized use only · Know your target's laws

Assets 4
Loading