zerodumb@ethics-journal:~/audit$

OSINT Surface Audit

You're launching cool things, but have you ever stopped to check what the internet knows about you? This is a simple recon scan for normal humans who want to stay out of breach headlines.

Think of this as a digital pat-down for your public presence. No deep-dives, no red-team ninjas dropping from ceiling tiles. Just a surface recon audit to help you not look like an unpatched WordPress install from 2013.

What You Get

  • Public email + metadata scan (DNS, WHOIS, common leaks)
  • Subdomain visibility check (no active fuzzing, just passive recon)
  • Credential exposure review (HIBP, Dehashed, public breach APIs)
  • Open-source footprint review (GitHub, pastebins, indexable docs)
  • API key or config file checks (if anything’s hanging out in the breeze)
  • Quick passive recon of all linked assets (domains, repos, social, etc.)
  • Clean PDF report with takeaways, red flags, and maybe a meme

Pricing

$100 flat for solo devs / $1,000+ for startups with actual funding.

I'm not a big fan of the "I'm a startup" discount, but I'm open to it if you're willing to pay more.

If you require a more comprehensive audit, please reach out to me at zero@zerodumb.dev.

How to Order

Request a Report

Your request MUST include:

  • Your name (or alias, no judgment)
  • Your main domain or project URL
  • Your email address that matches the domain (I will check, and I don’t do work for gmail, hotmail, or your mom’s mail, etc.)
  • A sentence saying "Yes, I give permission for surface-level recon"

I'll get back to you with a report, and suggestions for next steps. If it is determined that you are not the site owner, you will not be refunded, and you will not receive a report.

$ echo "Request sent to Zero." > osint-lite.log