Interactive Steam profile intelligence and public-data collection tool.
Русская версия · Installation · Screenshots · API keys · Sources
SteamRecon is a local Python CLI application for collecting, normalizing and reviewing publicly available information connected to a Steam profile.
The program accepts multiple Steam identifier formats, resolves them to a SteamID64, runs the enabled source connectors and produces a structured HTML report. The report combines profile data, public friends, games, badges, achievements, media, public inventories, aliases, avatar history, competitive-game profiles, source diagnostics and changes between locally stored snapshots.
SteamRecon uses three types of sources:
- Official Steam pages and APIs
- Public third-party APIs and pages
- Link-only pivots for manual verification
The program does not attempt to bypass private profiles, authentication pages, CAPTCHA, rate limits or service restrictions.
Important
SteamRecon collects only information exposed publicly by Steam and connected services. A match, nickname, avatar or external profile link is not proof that two identities belong to the same person. All findings require manual verification.
| Area | Available data |
|---|---|
| Identity | SteamID64, SteamID2, SteamID3, AccountID, hexadecimal Steam ID, custom URL and profile URL |
| Profile | Display name, real name, country, profile summary, level, creation date, online status and privacy state |
| Reputation | VAC bans, game bans, community bans, economy restrictions and external reputation pivots |
| Friends | Public friend list, avatars, online states, current games and mutual-friend comparison |
| Games | Owned games, recent games, playtime, game images, current-player counts and game metadata |
| Community | Groups, comments, reviews, badges, achievements, showcases and profile counters |
| Media | Screenshots, artwork, videos, workshop files, guides and collections |
| Inventory | Public inventories for Steam Community, CS2, TF2 and Dota 2 |
| History | Public aliases, downloaded avatars, image hashes and local profile snapshots |
| Competitive profiles | FACEIT, OpenDota, logs.tf, demos.tf, ETF2L and backpack.tf |
| Diagnostics | Source status, response time, HTTP status, redirect target, parsed item count and connector errors |
-
Interactive numeric CLI
- No required command-line flags
- No arrow-key navigation
- Select a number and press Enter
-
Multiple Steam identifier formats
- SteamID64
- SteamID2
- SteamID3
- AccountID
- Steam hexadecimal ID
- Steam profile URL
- Steam custom URL
- Plain vanity name
-
Public profile collection
- Steam profile information
- Friends and groups
- Comments and profile activity
- Games and recent activity
- Badges and achievements
- Reviews and community media
- Public inventories
-
Source diagnostics
- Honest result statuses
- Per-request HTTP diagnostics
- Blocked/private/not-found detection
- No fake successful results for link-only services
-
Local investigation history
- Previous reports
- Profile snapshots
- Avatar archive
- Change detection
-
Standalone HTML reports
- Embedded CSS and JavaScript
- Embedded project logo
- Embedded current profile avatar
- Search and filters
- Expandable collections
- Image lightbox
- Dark and light themes
- Print-friendly layout
-
Russian and English interface
SteamRecon starts directly in an interactive menu. Every operation has a numeric shortcut, so the tool can be used without memorizing flags or subcommands.
From the main menu you can:
- analyze a Steam profile;
- run source diagnostics;
- compare two Steam profiles;
- inspect a game by AppID;
- reopen previous reports;
- view stored profile snapshots;
- configure API keys and collection limits;
- enable or disable individual sources.
The CLI header contains only the SteamRecon ASCII art. Version text, marketing slogans and decorative panels are intentionally omitted.
During collection, SteamRecon displays each source separately and reports its real state.
A source can return valid data, no public records, a private response, a missing profile, a missing API key, a block page or an unexpected error. Failure of one connector does not stop the rest of the analysis.
The collector also records:
- request duration;
- final URL after redirects;
- HTTP response code;
- content type;
- number of parsed records;
- optional request failures;
- pagination stop reason;
- configured collection limits.
The report opens with a visual profile header rather than a raw table.
When available, SteamRecon displays:
- the current Steam avatar;
- profile background;
- avatar frame;
- display name;
- SteamID64;
- custom profile URL;
- account level;
- online state;
- country;
- main public counters;
- direct profile and copy buttons.
The header adapts to the information actually exposed by the profile. Missing fields are omitted instead of being filled with invented values.
The activity section summarizes the public footprint of the account.
It can include:
- profile awards;
- badge count;
- public inventory count;
- declared and collected screenshot counts;
- reviews;
- declared and parsed friend counts;
- friend states;
- games currently played by friends;
- detected profile showcases;
- collected media totals.
Large friend lists are presented as visual cards with avatars, profile links, state indicators and current-game information. SteamRecon validates the parsed friend list against the public count when Steam exposes one.
Public media and community data are rendered as visual collections instead of JSON dumps.
Depending on profile visibility, the report can display:
- badge artwork;
- achievement icons;
- game cover images;
- screenshots;
- artwork;
- workshop content;
- review images;
- group avatars;
- comment-author avatars;
- historic profile avatars.
Image collections support filtering, gradual expansion and fullscreen preview. Very large pages are collapsed by default so that profiles containing hundreds of friends, thousands of games or large media galleries remain usable.
Steam identifier
│
▼
Local format detection
│
▼
SteamID64 normalization
│
├── Official Steam sources
├── Public APIs and pages
├── Local analysis
└── Manual external pivots
│
▼
Normalized profile model
│
├── HTML report
├── History record
├── Profile snapshot
└── Avatar archive
The program does not simply combine page text. Each automatic connector returns normalized fields, items, a result status and diagnostic data. The report renderer then decides how those records should be displayed.
SteamRecon automatically accepts and normalizes the following values:
76561197960287930
STEAM_0:0:11101
[U:1:22202]
22202
steam:1100001000056ba
https://steamcommunity.com/profiles/76561197960287930
https://steamcommunity.com/id/customname
customname
| Input | Example |
|---|---|
| SteamID64 | 76561197960287930 |
| SteamID2 | STEAM_0:0:11101 |
| SteamID3 | [U:1:22202] |
| AccountID | 22202 |
| Hexadecimal Steam ID | steam:1100001000056ba |
| Profile URL | https://steamcommunity.com/profiles/... |
| Custom URL | https://steamcommunity.com/id/... |
| Vanity name | customname |
SteamRecon currently contains 37 source definitions:
| Source type | Count | Behavior |
|---|---|---|
| Automatic sources | 18 | Data is requested, parsed, validated and added to the report |
| Link-only sources | 19 | A direct lookup link or prepared value is created for manual review |
Note
Link-only services are not presented as successfully collected data. They remain clearly marked as manual pivots in the report and diagnostics.
| Source | Mode | Data |
|---|---|---|
| Steam Community | Official pages/XML | Core profile, visible fields, groups and games |
| Steam alias history | Official endpoint | Persona names exposed by Steam |
| Steam profile activity | Local parser | Counters, links, showcases and public activity |
| Steam public pages | Official HTML | Friends, badges, media, reviews, workshop, guides and collections |
| Steam Web API | Official API | Summary, bans, level, games, friends, badges and achievements |
| Steam public inventory | Official endpoint | Public Steam, CS2, TF2 and Dota 2 inventory summaries |
| socid-extractor | Local library | Identifiers and links found in downloaded profile HTML |
| OpenDota | Public API | Dota 2 profile, rank, win/loss and recent matches |
| FACEIT Data API | Official API | FACEIT identity, ELO, skill level and game statistics |
| logs.tf | Public HTML | Competitive TF2 logs uploaded by the player |
| demos.tf | Public API | Public TF2 demos connected to the account |
| ETF2L | Public API | Competitive TF2 profile and results |
| backpack.tf | Public API | Public trading and reputation fields |
| Steam Store | Official endpoint | Game metadata and images |
| Steam Reviews | Official endpoint | Public review totals and rating summary |
| Steam current players | Official endpoint | Current players for an AppID |
| Steam Charts | Public HTML | Historical player-count information |
| SteamSpy | Public API | Owners estimate, tags, playtime and game statistics |
Show all manual pivots
- SteamHistory
- SteamID.uk
- rep.tf
- SteamRep
- Faceit Finder
- CSStats.gg
- VacList
- Community Ban List
- STEAMID I/O
- SteamID64.net
- SteamID.xyz
- FindSteamID
- Steam Ladder
- completionist.me
- AStats
- Steam Hunters
- Dotabuff
- SteamID.Pro
- SteamAnalyst
Every automatic connector uses a specific result status.
| Status | Meaning |
|---|---|
ok |
Valid public data was received and parsed |
degraded |
Useful data was collected, but one or more optional requests failed |
empty |
The source responded correctly but returned no matching records |
private |
The requested information is hidden by privacy settings |
not_found |
No matching account or game profile was found |
needs_key |
The connector requires an API key that is not configured |
blocked |
Automated access was rejected, rate-limited or challenged |
link_only |
A manual lookup link was prepared; no data was claimed |
skipped |
The source was disabled or a dependency was unavailable |
error |
An unexpected network, parsing or data-format error occurred |
This distinction is important. A 403, CAPTCHA page, empty profile or prepared URL must not be reported as a successful collection result.
SteamRecon works without API keys for its core Steam Community collection. API keys unlock additional official or structured data.
| API | Required? | What it enables | Where it is configured |
|---|---|---|---|
| Steam Web API | Optional | Official summary, bans, level, games, recent games, friends, badges and achievements | Settings → Steam Web API key |
| FACEIT Data API | Optional | FACEIT player lookup, game identity, ELO, level and statistics | Settings → FACEIT Data API key |
| backpack.tf API | Optional | Public TF2 trading and reputation enrichment | Settings → backpack.tf API key |
| OpenDota | No key in the current connector | Public Dota 2 profile and recent match data | Enabled sources |
| Steam Store / Reviews / current players | No user key | Public game information | Enabled sources |
| SteamSpy | No key | Public game estimates and tags | Enabled sources |
Create a key on Steam:
https://steamcommunity.com/dev/apikey
The key enables the official Steam Web API connector.
Steam may still withhold information because of profile privacy. For example, the official friend-list endpoint can return 401 Unauthorized when a user keeps the friend list private.
Create a FACEIT developer application and an API key:
https://developers.faceit.com/
The connector sends the key using the required bearer authorization header.
Request or manage a backpack.tf API key:
https://backpack.tf/developer/apikey/view
Respect backpack.tf API limits and terms. SteamRecon does not scrape around API restrictions or rate limiting.
Keys entered through the SteamRecon settings menu are saved locally:
Windows
%USERPROFILE%\.steamrecon\settings.json
Linux and macOS
~/.steamrecon/settings.json
Warning
settings.json contains API keys as local configuration values. Do not publish it, upload it to GitHub or send it with a report.
The default .gitignore excludes local runtime data, but user configuration is stored outside the repository as an additional safeguard.
- Python 3.10 or newer
- Internet connection for live collection
- A terminal with UTF-8 support
- Git, or a downloaded ZIP archive
Python dependencies:
| Package | Purpose |
|---|---|
requests |
HTTP requests and API calls |
beautifulsoup4 |
Public HTML parsing |
Pillow |
Avatar processing and image hashes |
rich |
Terminal rendering |
socid-extractor |
Local identifier and link extraction |
git clone https://github.com/zakhar-git/SteamRecon.git
cd SteamRecon- Open the repository.
- Press Code.
- Select Download ZIP.
- Extract the archive.
- Open a terminal inside the extracted
SteamRecondirectory.
python -m venv .venv
.venv\Scripts\activate
python -m pip install --upgrade pip
pip install -r requirements.txt
python main.pypython3 -m venv .venv
source .venv/bin/activate
python -m pip install --upgrade pip
pip install -r requirements.txt
python main.pyRun SteamRecon from the project directory:
python main.pyNo CLI arguments are required.
1. Analyze Steam profile
2. Source diagnostics
3. Compare two profiles
4. Analyze game by AppID
5. History
6. Profile snapshots
7. Settings
8. Sources
9. About
0. Exit
- Choose Analyze Steam profile.
- Enter a supported Steam identifier.
- Wait for enabled sources to finish.
- Open the generated HTML report.
- Review source statuses before using the collected data.
Diagnostics tests the enabled source connectors and creates a separate HTML report containing:
- source mode;
- result status;
- HTTP code;
- response time;
- final URL;
- content type;
- parsed item count;
- pagination details;
- failure reason;
- whether an API key is missing;
- manual reachability checks for link-only sources.
Use diagnostics after installing SteamRecon, changing API keys or noticing that a third-party service has changed.
The comparison workflow resolves two profiles and can show:
- normalized identifiers;
- basic profile differences;
- public mutual friends;
- source availability;
- direct profile links.
Enter a Steam AppID to collect:
- Steam Store metadata;
- artwork and game description;
- review summary;
- current player count;
- Steam Charts data;
- SteamSpy estimates and tags.
Reports are written to:
output/
A profile report filename looks like:
profile_76561198000000000_20260714_021500.html
The report is standalone. Its layout, scripts, current avatar and custom project logo are embedded into the HTML file.
Depending on the available public data, a report can contain:
- profile overview;
- Steam identifiers;
- account state and bans;
- profile summary;
- public activity counters;
- friends and current games;
- groups;
- games and playtime;
- badges with artwork;
- achievements with icons;
- screenshots and artwork;
- videos;
- workshop files;
- guides and collections;
- reviews;
- comments;
- public inventories;
- aliases;
- avatar history and hashes;
- Dota 2, FACEIT and TF2 profiles;
- external manual pivots;
- local snapshot changes;
- source diagnostics and errors;
- attribution and responsible-use notice.
Large collections are collapsed by default. Users can:
- search across the full report;
- filter individual sections;
- expand additional cards;
- collapse long collections;
- open public profiles and source pages;
- copy identifiers;
- switch between dark and light themes;
- open images in a fullscreen viewer;
- navigate image previews;
- print or save the report as PDF.
Raw source JSON is not used as the main report interface.
SteamRecon can embed your own project logo into every generated HTML report.
Create or use this directory:
output/logo/
Place one image inside it using one of the preferred filenames:
output/logo/logo.png
output/logo/logo.jpg
output/logo/logo.jpeg
output/logo/logo.webp
Supported formats:
- PNG
- JPG
- JPEG
- WEBP
The selected image is converted to a data URI and embedded into the report. The HTML file will continue to display the logo even after it is moved to another folder or computer.
If no logo is found, SteamRecon displays the project name without a placeholder avatar.
SteamRecon stores runtime data outside the repository.
%USERPROFILE%\.steamrecon\
├── settings.json
├── history.json
├── cache\
└── profiles\
└── <steamid64>\
├── avatars\
└── snapshots\
~/.steamrecon/
├── settings.json
├── history.json
├── cache/
└── profiles/
└── <steamid64>/
├── avatars/
└── snapshots/
settings.json contains:
- interface language;
- accent color;
- request timeout;
- API keys;
- enabled sources;
- collection limits;
- history settings;
- snapshot settings;
- avatar-download preference.
history.json stores references to recent profile, diagnostics and game reports.
Every enabled profile snapshot is saved locally and compared with the previous snapshot.
SteamRecon can identify changes in:
- display name;
- real name;
- profile URL;
- custom URL;
- avatar;
- country;
- privacy state;
- Steam level;
- ban fields;
- public games and counts.
Downloaded avatars are stored under:
~/.steamrecon/profiles/<steamid64>/avatars/
SteamRecon can calculate:
- SHA-256;
- MD5;
- dHash;
- pHash;
- width;
- height;
- image format;
- first-seen time.
| Variable | Purpose |
|---|---|
STEAMRECON_HOME |
Changes the settings, history, cache and snapshot directory |
STEAMRECON_OUTPUT |
Changes the report output directory |
STEAMRECON_NO_CLEAR |
Prevents terminal clearing |
$env:STEAMRECON_HOME = "D:\SteamReconData"
$env:STEAMRECON_OUTPUT = "D:\SteamReconReports"
python main.pyexport STEAMRECON_HOME="$HOME/.local/share/steamrecon"
export STEAMRECON_OUTPUT="$HOME/Documents/SteamReconReports"
python main.pyLarge Steam accounts can contain thousands of games, friends, badges and media items. SteamRecon exposes limits in the Settings menu to prevent accidental long-running collection.
| Setting | Purpose |
|---|---|
| Game enrichment limit | Maximum number of games enriched using game-data sources |
| Achievement game limit | Maximum number of games queried for achievements |
| Inventory limit | Maximum number of inventory items processed per inventory |
| Public-page limit | Maximum number of public friends, badges or media records collected |
| Request timeout | Maximum wait time for an HTTP request |
Increase limits gradually when working with very large public profiles.
Tip
Run source diagnostics before using large collection limits. A slow or blocked third-party connector should be disabled rather than repeatedly retried.
SteamRecon respects the visibility rules of each source.
- Private profile fields are not bypassed.
- Hidden friend lists are not reconstructed through unauthorized access.
- Private inventories are not accessed.
- Login pages and CAPTCHA are not bypassed.
- API limits are not circumvented.
- Link-only services are not presented as automatically collected results.
- API keys remain local and are excluded from reports.
Query generation and report rendering happen locally. Public values are sent only to the enabled external sources required for collection.
SteamRecon/
├── docs/
│ ├── REFERENCES.md
│ ├── SOURCES.md
│ └── SOURCE_AUDIT.md
├── output/
│ ├── .gitkeep
│ └── logo/
│ ├── .gitkeep
│ └── README.txt
├── photo/
│ ├── menu.png
│ ├── search.png
│ ├── html_report.png
│ ├── html_report2.png
│ └── html_report3.png
├── steamrecon/
│ ├── data/
│ │ ├── report_template.html
│ │ └── sources.json
│ ├── sources/
│ │ ├── base.py
│ │ ├── game_data.py
│ │ ├── game_profiles.py
│ │ ├── socid.py
│ │ ├── steam_activity.py
│ │ ├── steam_aliases.py
│ │ ├── steam_api.py
│ │ ├── steam_community.py
│ │ ├── steam_inventory.py
│ │ └── steam_public_pages.py
│ ├── analyzer.py
│ ├── app.py
│ ├── avatar.py
│ ├── browser.py
│ ├── catalog.py
│ ├── config.py
│ ├── history.py
│ ├── http.py
│ ├── i18n.py
│ ├── menu.py
│ ├── models.py
│ ├── paths.py
│ ├── report.py
│ ├── snapshot.py
│ ├── steamid.py
│ └── ui.py
├── tests/
├── .gitignore
├── CHANGELOG.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── README_RU.md
├── main.py
├── requirements-dev.txt
├── requirements.txt
└── pytest.ini
Install development dependencies:
pip install -r requirements-dev.txtRun all tests:
python -m pytestThe test suite covers:
- Steam ID conversion;
- numeric menu parsing;
- Steam Community profile parsing;
- aliases;
- public activity;
- public inventories;
- OpenDota normalization;
- game-data sources;
- source catalog validation;
- source status classification;
- public friends;
- public-page pagination;
- profile snapshots;
- mutual-friend comparison;
- report rendering;
- diagnostics reports;
- large-profile fixtures;
- custom report logo;
- visual report features.
Add a Steam Web API key in:
Settings → Steam Web API key
Possible reasons:
- the profile friend list is private;
- Steam returned a temporary error;
- the public friends page changed;
- the public-page source is disabled;
- collection stopped at the configured limit.
Run Source diagnostics and inspect the steam_public_pages and steam_api results.
Add a FACEIT Data API key in Settings. Faceit Finder remains available as a manual pivot even without a key.
The service may have returned:
- HTTP 403;
- HTTP 429;
- CAPTCHA;
- Cloudflare challenge;
- regional restriction;
- authentication page.
SteamRecon reports this as blocked and continues with other sources.
Check that the file is inside:
output/logo/
Use one of these names:
logo.png
logo.jpg
logo.jpeg
logo.webp
Generate a new report after adding the file.
External pivots are opened only after user selection. Select fewer sources or open links directly from the HTML report.
- Steam and third-party page structures can change without notice.
- Public visibility differs from profile to profile.
- A service may block automated requests even when its public page opens in a browser.
- API rate limits and key permissions are controlled by the service provider.
- SteamRecon cannot guarantee that a third-party record is current or correct.
- Very large profiles require increased collection limits and more processing time.
- Historical data starts when it becomes available from public sources or when SteamRecon creates its first local snapshot.
- A missing result does not prove that no related account or record exists.
Use SteamRecon only for lawful research involving publicly available information.
Do not use the tool to:
- harass users;
- bypass privacy settings;
- access accounts without authorization;
- evade service restrictions;
- publish unverified allegations;
- expose personal information without a legitimate reason.
Review every result manually and keep source context in the final investigation notes.
Contributions are welcome for:
- broken source fixes;
- new public and documented APIs;
- improved parsers;
- additional tests;
- report design improvements;
- Russian and English translations;
- documentation corrections.
Before opening a pull request:
- Confirm the source is publicly accessible.
- Do not bypass authentication, CAPTCHA or rate limits.
- Add an honest connector status.
- Include diagnostic data.
- Add tests for the parser.
- Run
python -m pytest. - Update
docs/SOURCES.mdanddocs/SOURCE_AUDIT.md.
See CONTRIBUTING.md for repository guidelines.
SteamRecon uses public information from Steam and independent third-party services.
Steam, the Steam logo and related marks belong to Valve Corporation. FACEIT, OpenDota, backpack.tf and other service names belong to their respective owners.
SteamRecon is not affiliated with Valve Corporation or the operators of third-party sources.
Every generated report includes source attribution and a reminder that results require manual verification.
SteamRecon is released under the MIT License.




