Download Mismoosh IR Triage Toolkit (Windows) — Installer, Portable & User Guide


Mismoosh IR Triage Toolkit Windows • v0.2.2

Download the toolkit

A practical, evidence-first incident response helper for clearnet OSINT, breach exposure checks (where permitted),
and structured incident documentation. Built for quick triage — without dark web crawling.

💻 Installer (recommended)

Best for most customers. Installs shortcuts and makes repeat runs easy.

  • Simple install + Start Menu shortcut
  • Ideal for office PCs and recurring checks
  • Works well with the “Run (Recommended)” wrapper

Tip: Use the installer if you want a smooth “click-to-run” experience.

🧰 Portable ZIP (call-out friendly)

No install. Ideal for engineers and quick on-site triage.

  • Unzip → run → collect evidence
  • Perfect for USB toolkit use
  • Includes the “Run_Triage” helper

Tip: Portable is the fastest “arrive → run → evidence” option.

📄 User Guide (PDF)

Clear steps for customers + technical users (EN + NL).

  • How to fill in case details
  • Which checks to enable (and why)
  • Safety + privacy tips included

Want help? Use our contact page for support or deployment guidance.

🚀 Quick start (how to use)

Installer route

  1. Download and run the installer.
  2. Open Start Menu → Run (Recommended).
  3. Enter a Case Name (example: ACME-2026-02-26).
  4. Enter Customer/Company.
  5. Add emails/domains/usernames (comma-separated).
  6. Type YES to confirm consent.
  7. Run the checks you need and review the evidence pack.

Portable route

  1. Download the ZIP and extract it.
  2. Run Run_Triage.cmd (recommended).
  3. Follow the prompts and select checks.
  4. When finished, open the output folder and share only what’s necessary.

Safety tip: Always enable Redact PII when sharing evidence externally.

✅ What it’s for

  • Incident triage: “What’s exposed and where?”
  • Breach & paste exposure checks (where legally allowed / API-based)
  • Passive recon for domains (DNS / WHOIS / certificate transparency)
  • Evidence-first reporting for documentation and follow-up actions

🚫 What it does not do

  • No dark web crawling and no .onion scanning
  • No exploitation, “hacking”, or intrusive scanning
  • No downloading of leaked content by default (metadata/references only)

Use it for defensive triage with explicit customer consent and clear scope.

🔐 Safety & privacy tips (worth doing every time)

  • Consent first: confirm customer authorization and scope before running any checks.
  • Prefer app-based MFA: avoid SMS MFA if SIM-swap risk is suspected.
  • Check email rules: attackers often add forwarding rules after takeover.
  • Evidence handling: store case folders securely and follow a retention policy.
  • Redact PII: enable redaction when evidence may be shared outside the org.

Note: Downloads are hosted on WM ICT Solutions infrastructure. If your organization requires internal hosting,
you can mirror the files and update the buttons accordingly.