Skip to content

ZeroTrace OSINT

Frequently Asked Questions

Common questions about licensing, privacy, sources, capabilities, and workflows.

Licensing & Access

What does the license cover?

A lifetime license to use ZeroTrace OSINT on your machine. One-time purchase. No subscription. No per-query cost. No expiry.

What is the three-hour session?

Each time you launch the application, the licensing system grants a three-hour session. When the session expires, restart the application to begin a new session. There is no limit on the number of sessions.

The session model exists to keep the license validation lightweight — once a session is active, the toolkit does not re-check with our servers for the duration.

Can I use the toolkit on multiple machines?

The license is keyed to your ZeroTrace account. You can install the toolkit on multiple personal machines under the same account; concurrent use across many machines may trip session limits.

For team or enterprise use, contact us about volume licensing.

What happens if your license servers go down?

A short outage is unlikely to affect an active session — the toolkit only contacts the license server at session start. Once you are in a session, the toolkit runs independently.

For sustained outages, the toolkit will not start a new session until the license server is reachable. We aim for high availability; we do not currently offer offline-licensing.

What happens if you go out of business?

Lifetime-licensed users would be reissued an offline-validation key as part of any wind-down. We do not condition your continued use on our continued operation.

Privacy

Do my queries go through ZeroTrace?

No. Every reconnaissance query goes from your machine directly to the public source you are using (Shodan, HIBP, crt.sh, BGPView, OpenStreetMap, etc.). ZeroTrace's servers see only the periodic license-validation handshake, which contains no information about what you searched for.

Do you log anything?

The license-validation handshake is logged for fraud-detection purposes (which IP started a session, when). We do not log query content because we do not see query content.

For details, see the security and transparency page.

Are there analytics in the application?

No. No analytics SDK, no telemetry, no error reporter. If something fails, it fails on your machine; you can attach logs voluntarily when you contact support.

Where are my profiles stored?

Locally, on disk, under your user account. The exact path depends on your operating system; the in-app settings page shows it.

Profiles are not synced to any cloud, are not transmitted to ZeroTrace, and are not visible to anyone but the user account on your machine.

How do I back up my profiles?

Copy the profile-storage directory shown in settings. Standard file-system backup tools (Time Machine on macOS, File History on Windows, rsync on Linux) work fine. There is no proprietary backup format.

Sources & Capabilities

Which public sources does the toolkit query?

Many. Each tool's documentation lists the sources it queries. Examples:

  • DNS tools — system resolver + Cloudflare / Google / Quad9 DoH (when cross-resolution enabled).
  • WHOIS — IANA root + per-TLD registries + per-registrar RDAP.
  • Threat feeds — ThreatFox, URLhaus, Spamhaus DROP, Tor consensus list, GreyNoise Community.
  • Subdomain discovery — crt.sh.
  • Image search — links to Google Lens, Yandex, Bing, TinEye, SauceNAO (you click; the search engines see the image, not us).
  • Aerial imagery — OpenStreetMap, Esri World Imagery, Bing Maps, Apple Maps, Sentinel Hub.

Every source is named on every result.

Why do you not use paid premium sources?

Two reasons:

  1. Cost predictability. A lifetime-licensed product cannot embed a paid API that charges per query — the user would inherit unbounded costs.
  2. Source-quality calibration. Many "premium" OSINT sources are recombinations of public data with a paid wrapper. Using the public sources directly keeps source attribution clean.

For workflows that need a specific premium source, the toolkit's exports integrate with downstream tools that can call those sources.

Does the toolkit do face recognition?

No. Deliberately. See the Visual & Geolocation overview for the full reasoning. The closest capability is photo-content hashing for cross-source image-reuse matching, which works without any biometric processing.

Can I add custom sources?

Some tools accept custom configuration (custom subdomain wordlists, custom proxy lists, custom platform additions for username search). Full custom-tool development is not currently exposed; suggestions for new built-in tools are welcome via support.

Workflows

Can I script the toolkit?

The toolkit is GUI-driven; it does not currently expose a CLI or scripting interface. The exports (JSON especially) are the natural integration point with scripts and downstream automation.

For workflows that need full scripting, Recon-ng is the better fit.

Can multiple investigators share a profile?

Profiles are local. To share, export to JSON and your colleague imports.

A native multi-user / cloud-sync feature is not on the roadmap — it would conflict with the local-only privacy model.

Can I integrate the toolkit with a SIEM?

The JSON export format is stable and machine-readable. Most SIEMs can ingest a JSON file. The toolkit does not currently push directly into a SIEM.

For continuous-monitoring use cases (re-running the same scan periodically and feeding results into a SIEM), the saved-searches feature handles the re-running; you would script the export-and-push step yourself.

How big can a profile get?

Hundreds to thousands of findings is comfortable. The filtering and search inside a profile are designed for this scale. Tens of thousands of findings will work but may slow the UI; for that scale, consider splitting into themed sub-profiles.

Can I use the toolkit offline?

Some tools work fully offline (CIDR calculators, MAC vendor lookup, hash detector, encoders, decoders, defang, timestamps, file hasher, hash detector, image metadata, sun/shadow solver, geo clue extractor's local OCR).

Most tools call public sources over the network. Without internet, those tools cannot do anything.

The license validation itself requires periodic internet to renew sessions.

Reports & Exports

What format are the exports?

JSON, CSV, Markdown, and dark-themed PDF. Per-result, per-selection, or whole-profile.

Are PDF exports defensible in court / regulatory contexts?

The PDF is reproducible (same profile produces the same bytes modulo the export timestamp), source-cited (every finding shows its public sources), and machine-verifiable (the underlying JSON export carries the same data with full structure).

For court-grade evidence handling, you may need to capture the JSON export alongside the PDF and document your chain-of-custody — those are practices on top of the toolkit's capability rather than features the toolkit provides.

Can I customise the PDF template?

Limited customisation today (theme: dark / light, organisation name in the footer). A fuller template-customisation feature may land in a future release.

For full custom-formatting, export Markdown and run it through your own templating pipeline.

Updates & Support

How often do you ship updates?

Roughly every two to four weeks for the application. Faster for security or licensing-related fixes.

The bundled fingerprint catalogs (Wappalyzer, OUI, security headers, etc.) update with each application release.

How do I get the latest version?

Through your ZeroTrace Dashboard → OSINT tab. The dashboard shows the latest available version; download and install over the existing version.

See Installation for platform-specific update flow.

What if I find a bug?

Contact support through your dashboard. Voluntary log-attachment helps; the toolkit does not transmit logs automatically.

What if I want a feature that does not exist?

Feature requests welcome through your dashboard. The roadmap is informed by user requests, but we will not add capabilities that conflict with the privacy model (no analytics, no cloud sync of profiles, no face recognition).

Pricing & Billing

How is the toolkit priced?

See the store page for current pricing. Lifetime license, one-time purchase.

Are upgrades free?

Yes. Once you own a lifetime license, every future update is included.

Can I get a refund?

See the returns policy. Generally yes within a defined window after purchase.

Is there a free trial?

The store page shows current trial / demo options if available. The licensing model does not support indefinite free use.

Do you offer team licensing?

Contact sales through your dashboard for team or enterprise pricing.

A question that is not answered here? Contact support through your ZeroTrace Dashboard. We add common questions to this page as they come up.

Command Palette

Search for a command to run...