My new open source python OSINT framework, skiptracer was released @ HushCon East on June 1st. Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. Using some basic python webscraping of PII paywall sites to compile passive information on a target. The modules will allow queries for phone/email/screen names/real names/addresses/IP/Hostname/breach credentials etc.. It will help you collect relevant information about a target to help expand your attack surface.`Everyone should be encourage to submit new ideas/modules. You can get the code here: feel free to submit new modules or code fixes.