Investigation workflows

Step-by-step playbooks tying tools together — start here if you're new to OSINT

Each playbook is one common investigation type — what you start with, what you end up with, and the exact tool to use at each step. Click any step’s tool to jump to its entry on this site.
Inputs
  • One username string (e.g. "blue_kestrel_91")
Outputs
  • A list of platforms where the username is registered
  • Likely real-name candidates from associated emails / profile photos
  • A timeline of when the account was created and active on each platform
Steps
  1. Run Sherlock to enumerate the username across ~400 platforms.

    why: Cast the widest possible net first. False positives are noisy but acceptable at this stage.

    note: python3 sherlock.py blue_kestrel_91. Filter results manually — Sherlock will report some sites as hits even when the page is a 404.

  2. Cross-check against WhatsMyName, which has a different (and often larger) site list than Sherlock.

    why: Catches platforms Sherlock misses, particularly newer or niche sites. Confirms or contradicts Sherlock's hits.

    note: Web version at whatsmyname.app is fastest for casual queries. CLI exists for batch work.

  3. For deeper coverage including dark web and country-specific platforms, run Maigret.

    why: Maigret covers 3,000+ platforms — overkill for most cases, essential for thorough work.

  4. Manual verification

    Visit the top-confirmed profiles in a sandboxed browser. Capture screenshots with Hunchly or SingleFile.

    why: Automated tools confirm registration; manual verification confirms it's actually the same person (profile photo, bio, posting history).

    note: Use a non-attributable browser profile. Some platforms (LinkedIn) record profile views.

  5. If you find an associated email anywhere (signup pages, public profiles, leaks), run EpieOS on it.

    why: EpieOS will reveal the Google account display name + photo behind a Gmail address, often producing a real name.

  6. Check found emails against breach databases.

    why: Breach exposure can corroborate identity, reveal password reuse patterns, and surface other accounts.

  7. Take any profile photo and run it through reverse image search (Google + Yandex + PimEyes if available).

    why: A profile photo reused on a LinkedIn account is the single most common identity link. Yandex face match is dramatically better than Google for this.

Pitfalls & opsec
  • Username collisions are real — same handle can be different people on different platforms. Verify with profile content, not just registration.
  • Avoid logging in to platforms with attributable accounts. Most major sites log profile views to the viewed user.
  • Profile photos from years ago may not match current ones. Use TinEye to find earliest occurrence and approximate when the photo was first used.
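
An added example (not code from this site or from the Sherlock, WhatsMyName or Maigret projects) that merges the hit lists from steps 1 to 3 into a review queue for the manual verification in step 4. It assumes each tool's results were saved as plain lines of profile URLs; the function names and the example.* URLs are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit


def site_key(url):
    """Normalise a profile URL to a comparable site key (host without 'www.')."""
    host = (urlsplit(url.strip()).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def reconcile(reports):
    """reports: {tool_name: iterable of output lines}. Returns the review queue."""
    seen = defaultdict(dict)  # site -> {tool: first URL that tool reported}
    for tool, lines in reports.items():
        for line in lines:
            line = line.strip()
            if not line.startswith(("http://", "https://")):
                continue  # skip banners, summary lines and blanks
            key = site_key(line)
            if key:
                seen[key].setdefault(tool, line)
    queue = []
    for site, by_tool in seen.items():
        # "corroborated" means two tools agree the handle is registered;
        # it does not mean the account belongs to the same person.
        status = "corroborated" if len(by_tool) > 1 else "single-source"
        queue.append({"site": site, "tools": sorted(by_tool), "status": status,
                      "url": sorted(by_tool.items())[0][1]})
    # Most-agreed hits first, then alphabetical; every entry still needs manual review.
    queue.sort(key=lambda e: (-len(e["tools"]), e["site"]))
    return queue


# Constructed sample lines (placeholder example.* domains, not real tool output).
SAMPLE = {
    "sherlock": [
        "https://www.photos.example.com/blue_kestrel_91",
        "https://forum.example.org/u/blue_kestrel_91",
        "Total: 2",
    ],
    "whatsmyname": [
        "https://photos.example.com/blue_kestrel_91/",
        "https://code.example.net/blue_kestrel_91",
    ],
    "maigret": ["https://PHOTOS.example.com/blue_kestrel_91"],
}

if __name__ == "__main__":
    for entry in reconcile(SAMPLE):
        print(f'{entry["status"]:14} {entry["site"]:22} {", ".join(entry["tools"])}')
```

Single-source entries are the ones most likely to be the 404-style false positives mentioned in step 1, so check those pages before spending time on them.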