This page explains, in plain language, every free tool on Pigfox: what it does, when you'd reach for it, and exactly how to use it — step by step. No technical background needed.
All of these are what people call OSINT tools. OSINT just means open-source intelligence: finding out things using information that is already public — the kind of thing anyone could look up, gathered in one place and made easy. These tools never break into anything or touch private data; they only read what is already out in the open. Use them responsibly and within the law.
Here's what's covered:
What it is. Imagine someone emails you claiming to be a recruiter at a big company, or an investor, or a hiring manager. TraceCheck helps you answer one simple question: does this person actually exist in public, under the name and role they claim? Real professionals usually leave traces — a company profile, past roles, news mentions. TraceCheck runs a live web search and gives you an advisory footprint-consistency score out of 100, along with the links it found.
When you'd use it. A stranger reaches out with an opportunity that sounds great, and you want a quick gut-check before replying or sharing anything about yourself.
How to use it, step by step:
How to read the result. You'll get a score out of 100, a count of how many signals were found, and a list of evidence links (things like a Wikipedia page, LinkedIn profile, or news articles). A higher score means lots of consistent public presence was found. A low score means very little verifiable footprint turned up — which is a reason to be careful and dig deeper, not proof that the person is a scammer. It's an advisory signal to use alongside your own judgement.
Good to know (limits). You get 3 free checks in a rolling 30-day window. After that you'll see a friendly "paid checks coming soon" message instead of a result.
What it is. Every website lives at a domain (like example.com). Behind that domain is a set of public "phone book" entries called DNS records that say where the site lives and who handles its email. Domain Recon looks those up for you, and also tries to discover the domain's subdomains (like mail.example.com or staging.example.com).
When you'd use it. You're checking out a company, doing a bit of due diligence, or you're simply curious how a website is set up.
How to use it, step by step:
example.com — just the domain, with no http:// and no path after it.How to read the result. You'll see several lists, each explained here in plain terms:
Good to know (limits). The tool is completely passive — it only reads already-published information and never contacts the target's own servers. The subdomain part uses a free public service (crt.sh, a log of website security certificates), which can sometimes be slow or unavailable. If that happens, the DNS records still show and a short note explains that subdomain discovery was skipped.
What it is. When a phone or camera takes a photo, it often tucks hidden details inside the image file — this is called EXIF metadata. It can include the exact GPS location where the photo was taken, the camera or phone model, and the date and time. This tool reads that hidden data and shows it to you.
When you'd use it. You want to know whether a photo reveals where it was taken — for example, to check what one of your own photos might be giving away before you post it, or to understand a picture someone sent you.
How to use it, step by step:
How to read the result. If the photo carries metadata, you'll see it laid out clearly: if there's a location, you get the GPS coordinates plus a map link; you'll also see the camera make and model, the date taken, and technical details like dimensions and orientation. If you instead see "No metadata found," that's completely normal — screenshots and photos saved from social media usually have their metadata stripped away, so there's simply nothing hidden to show.
Good to know (privacy). Your image is never stored. It's read to pull out the metadata during your request and then discarded — nothing is written to disk or a database.
What it is. Fake recruiters are one of the most common job scams — someone poses as a recruiter for a real company to get money or personal details out of you. The Fake Recruiter Check is a focused version of TraceCheck built for exactly this situation: it runs the same public-footprint search (with the role already set to "recruiter") and pairs it with a checklist of warning signs.
When you'd use it. A recruiter messages you out of the blue — maybe with an offer that seems too good to be true — and something feels off.
How to use it, step by step:
Watch for these red flags (any one is worth pausing over; several together is a strong warning):
How to read the result & limits. Just like TraceCheck, the score is an advisory signal — a low score means "verify further," not "definitely a scammer." Use it together with the red-flag checklist above. This tool shares the same 3-free-checks-per-30-days allowance as TraceCheck.
Try the Fake Recruiter Check →
A note on responsible use: these tools only surface information that is already public. Use what you find thoughtfully, respect people's privacy, and stay within the law and any applicable authorization.