HandleHawk is a cross-platform username reconnaissance tool for OSINT analysts, CyberSecurity professionnals, Red Teamers, and CTF enthusiasts. It scans multiple social platforms to gather publicly available user information by just a single username input.
"Find the signal in the noise."
HandleHawk/
│
├── API_KEY/
│ └── twitter_api_key.txt # Optional Twitter API Key file
│
├── handlehawk.py # Main script
├── requirements.txt # Python dependencies
├── README.md # Tool documentation
├── platforms/ # External platform modules added after tool creation
│ ├── __init__.py # Makes platforms a package
│ └── paypal.py # PayPal Module
│ └── hudsonrock.py # Hudson Rock Module
├── Assets/ # Assets folder
└── HandleHawk_Logo.png # HandleHawk logo
└── HandleHawk_small.png # HandleHawk logo (small)
└── Report_Sample[1].html # HandleHawk report sample
└── Report_Sample[2].html # HandleHawk report sample
└── Report_Sample[3].html # HandleHawk report sample
└── test1.png # Testing platforms before launch
└── test2.png # Testing platforms before launch
└── HandleHawk-cyberguy.pdf # Clean PDF report from html
└── Bluesky_Logo.png
└── Hudsonrock_Logo.png
└── Mastodon_Logo.png
└── Nostr_Logo.png
└── Paypal_Logo.png
└── Reddit_Logo.png
└── Snapchat_Logo.png
└── Truth-Social_Logo.png
└── X_Logo.png
| Platform | Logo | Supported |
|---|---|---|
| BlueSky | ✅ | |
| Hudson Rock | ✅ | |
| Mastodon | ✅ | |
| Nostr | ✅ | |
| PayPal | ✅ | |
| ✅ | ||
| Snapchat | ✅ | |
| TruthSocial | ✅ | |
| X (Twitter) | ✅ + API |
- 🔍 Scans multiple platforms:
- Bluesky
- Mastodon
- Nostr
- PayPal
- Snapchat
- TruthSocial
- Twitter (via optional RapidAPI)
- 🥷🏻 Infostealer information from a username with the Hudson Rock module
- 🛡️ Resilient to Cloudflare thanks to cloudscraper
- 📄 Generates a clean, dark-mode HTML report
- 🧠 Smart spinner for each check (UX-friendly)
- 🔐 Optional Twitter API key (kept local)
- ✅ Supports pagination through all available pages of Nostr search results (up to hundreds of results!)
- 🔁 Converts hex-encoded pubkeys to Nostr npub format using Bech32 encoding
- 🔗 Generates accurate profile links:
https://nostrapp.link/npub... - 📅 Displays account creation date and time in human-readable format
This allows HandleHawk to return all Nostr profiles that match a username, with rich metadata and clickable profile URLs — not just the first few!
git clone https://github.com/C3n7ral051nt4g3ncy/HandleHawk.git
cd HandleHawk
pip install -r requirements.txtTo enable Twitter checks (via RapidAPI), do the following:
- Create a free account on Rapid API
- Choose the free Twitter API plan (1000 requests per month) by Alexander Vikhorev
- Paste your API key into the file
twitter_api_key.txt - If no key is found, HandleHawk will skip X/Twitter and continue without errors
Run the tool from terminal:
python3 handlehawk.pyHandleHawk.mov
A list of upcoming features and improvements planned for HandleHawk:
- Core recon engine with spinner animations
- Cross-platform username scanning for:
- Mastodon
- Bluesky
- TruthSocial
- Nostr
- Snapchat
- Twitter (X) scanning via optional RapidAPI key
- HTML report generator with profile summaries & images which does more than other username enumeration tools
- Optional
API_KEY/folder for key management - User-agent spoofing & anti-bot headers
- PayPal module added (platforms/paypal.py)
- Extract PayPal full name, currency, and avatar
- Refactored architecture to support modular platform checks
- Improved HTML report with PayPal-specific display logic
- Clean integration of external paypal.py instead of monolithic block
- Hudson Rock module added to pull stealerinfo from a username module added (platforms/hudsonrock.py)
- CSV report export
- JSON output for automation
- Support for more platforms:
- Threads
- Telegram
- YouTube
- GitHub
Developed by C3n7ral051nt4g3ncy
- Open an issue or start a discussion! Contributions and feature ideas are welcome 🦅
- If you use HandleHawk in your investigations, feel free to give a ⭐️ or suggest a feature!