update README with enhanced breach sources, 200+ platforms, and CRO module docs

README.md

@@ -4,35 +4,34 @@
 
 EireScope is a modular OSINT (Open-Source Intelligence) tool designed to enrich, correlate, and visualize data from multiple intelligence sources through a single unified interface.
 
-EireScope consolidates username searches, email enrichment, phone analysis, IP reconnaissance, and domain recon into one easy-to-use web dashboard.
+EireScope consolidates username searches, email enrichment, phone analysis, IP reconnaissance, domain recon, and company registry lookups into one easy-to-use web dashboard.
 
 ## Features
 
-- **Username Search** — Scan 40+ social platforms for matching profiles (Sherlock-like)
-- **Email Enrichment** — Breach checks (HIBP), MX validation, provider detection, disposable email detection
+- **Username Search** — Scan 200+ social platforms for matching profiles (Sherlock-like)
+- **Email Enrichment** — Multi-source breach checks (HIBP, XposedOrNot, BreachDirectory, LeakCheck, EmailRep.io), MX validation, provider detection, disposable email detection
 - **Phone Analysis** — Irish carrier detection (Vodafone, Three, etc.), E.164 validation, number classification
 - **IP Recon** — GeoIP lookup, WHOIS, reverse DNS, proxy/VPN detection
 - **Domain Recon** — DNS records (A, MX, NS, TXT), WHOIS, subdomain enumeration via crt.sh
 - **Social Media Discovery** — GitHub profile enrichment, Gravatar cross-referencing
+- **Irish CRO Lookup** — Search the Irish Companies Registration Office open data for company registrations, directors and status
 - **Entity Relationship Graph** — Interactive D3.js visualization of discovered connections
 - **Investigation History** — SQLite-backed persistence of all investigations
-- **HTML Report Export** — Professional investigation reports for official use
+- **HTML Report Export** — Professional reports with entity tables, relationship maps and disclaimers
 - **Auto-Detection** — Automatically identifies input type (email, IP, phone, etc.)
 
 ## Quick Start
 
 ```bash
-git clone https://github.com/yourusername/eirescope.git
+git clone https://github.com/richardnixondev/eirescope.git
 cd eirescope
 python3 run.py
 ```
 
-Open http://localhost:5000 in your browser.
-
-### Command Line Options
+Open http://localhost:5000 in your browser. If port 5000 is in use, pick another:
 
 ```bash
-python3 run.py --host 0.0.0.0 --port 5000
+python3 run.py --port 8080
 ```
 
 ## Requirements
@@ -48,16 +47,21 @@ Optional system tools for enhanced results:
 - `dig` (DNS lookups)
 - `whois` (WHOIS queries)
 
+Optional API keys (set in config or environment) for premium results:
+- `HIBP_API_KEY` — HaveIBeenPwned full breach data
+- `LEAKCHECK_API_KEY` — LeakCheck breach lookups
+- `RAPIDAPI_KEY` — BreachDirectory integration
+
 ## Architecture
 
 EireScope follows a three-layer architecture:
 
 ```
-Presentation    Flask-like web UI + D3.js graph visualization
+Presentation    Web UI + D3.js graph visualization
                          |
 Coordination    InvestigationEngine orchestrates modules, aggregates results
                          |
-Execution       Plugin-based OSINT modules (username, email, phone, IP, domain)
+Execution       Plugin-based OSINT modules (7 modules)
 ```
 
 ### Project Structure
@@ -74,12 +78,13 @@ eirescope/
 │   │   └── results.py              # Result aggregation
 │   ├── modules/
 │   │   ├── base.py                 # BaseOSINTModule (plugin interface)
-│   │   ├── username_module.py      # Username search (40+ platforms)
-│   │   ├── email_module.py         # Email enrichment
+│   │   ├── username_module.py      # Username search (200+ platforms)
+│   │   ├── email_module.py         # Email enrichment + 5 breach sources
 │   │   ├── phone_module.py         # Phone number analysis
 │   │   ├── ip_module.py            # IP address recon
 │   │   ├── domain_module.py        # Domain recon
-│   │   └── social_module.py        # Social media discovery
+│   │   ├── social_module.py        # Social media discovery
+│   │   └── irish_cro_module.py     # Irish Companies Office (CRO) lookup
 │   ├── web/
 │   │   ├── app.py                  # HTTP server & routes
 │   │   ├── templates/              # Jinja2 HTML templates
@@ -94,6 +99,18 @@ eirescope/
 │       └── exceptions.py           # Custom exceptions
 ```
 
+## Modules
+
+| Module | Entity Types | Description |
+|--------|-------------|-------------|
+| Username Search | `username` | Check 200+ platforms (social, dev, gaming, forums, etc.) |
+| Email Enrichment | `email` | 5 breach sources, MX validation, Gravatar, disposable detection |
+| Phone Analysis | `phone` | Irish carriers, E.164 format, landline/mobile/VoIP classification |
+| IP Recon | `ip_address` | GeoIP, WHOIS, reverse DNS, proxy/hosting detection |
+| Domain Recon | `domain` | DNS records, WHOIS, SPF/DMARC, subdomain enum via crt.sh |
+| Social Media | `email`, `username` | GitHub API, Gravatar profile + linked accounts |
+| Irish CRO | `company`, `person`, `username`, `domain` | Irish Companies Office open data (CKAN API) |
+
 ## API Endpoints
 
 | Endpoint | Method | Description |
@@ -130,7 +147,6 @@ class MyModule(BaseOSINTModule):
     supported_entity_types = [EntityType.EMAIL]
 
     def execute(self, entity: Entity, investigation: Investigation):
-        # Your OSINT logic here
         new_entity = Entity(
             entity_type=EntityType.SOCIAL_PROFILE,
             value="https://example.com/profile",
@@ -149,11 +165,12 @@ Then register it in `eirescope/core/plugin_manager.py`.
 
 ## Irish-Specific Features
 
+- Irish Companies Registration Office (CRO) company search via CKAN open data API
 - Irish mobile carrier detection (Vodafone, Three, Tesco Mobile)
 - Irish landline area code classification (Dublin, Munster, Leinster, etc.)
 - VoIP number detection (+353 76 range)
 - Premium rate number warnings
-- Boards.ie forum profile checking
+- Boards.ie, Adverts.ie, DoneDeal profile checking
 
 ## Security & Privacy
 
@@ -161,11 +178,10 @@ Then register it in `eirescope/core/plugin_manager.py`.
 - No API keys required for core functionality
 - User-agent rotation to avoid fingerprinting
 - Rate limiting built into HTTP client
-- Reports include legal disclaimers
 
 ## Disclaimer
 
-All data is gathered exclusively from publicly available sources. The accuracy of results depends on the reliability of external data sources. All intelligence should be independently verified before use in legal proceedings.
+All data is gathered exclusively from publicly available sources. The accuracy of results depends on the reliability of external data sources. All intelligence should be independently verified.
 
 ## License
 
@@ -175,8 +191,8 @@ MIT License — See LICENSE file for details.
 
 Contributions welcome. See the project structure above and extend the module system to add new OSINT capabilities. Focus areas:
 
-- Additional social platform checks
-- Irish Companies Office (CRO) integration
-- Blockchain address lookups
-- Enhanced breach database integrations
+- Blockchain address lookups (Bitcoin, Ethereum)
 - Machine learning entity classification
+- Additional Fediverse/Mastodon instance coverage
+- Dark web monitoring integrations
+- Reverse image search