On August 10, 2025, soxoj pushed version 0.5.0 of Maigret to PyPI, bringing the username-investigation tool to its most capable state since the project forked from Sherlock in 2021. By the time Michael Bazzell's IntelTechniques team updated their OSINT virtual machine on April 4, 2026 — modifying user.sh, linux.txt, and install.sh to reflect Maigret's new dependency requirements and recommending a fresh VM rebuild — the OSINT community had already recognised that this release closed the long-standing reliability gaps that had made the tool intermittently frustrating for professional use.
For investigators who had been juggling Sherlock and WhatsMyName alongside Maigret to compensate for each tool's blind spots, 0.5.0 changes the calculation. This article walks through exactly what changed, why Maigret's recursive investigation model outclasses a flat parallel-checker, and how to get it running cleanly on either a pip install or a Docker deployment.
The Release That Changed the Stack
Maigret is named after Georges Simenon's fictional detective, and the comparison to Sherlock — named after a different fictional investigator — is deliberate. Where Sherlock checks whether a username exists on a list of platforms and stops there, Maigret reads the resulting profiles and follows every lead they contain. That architectural difference is the source of its advantage, and version 0.5.0 is the first release that makes it dependable enough to anchor a professional username-investigation workflow.
The release delivered four categories of improvement: a complete overhaul of Mastodon detection to eliminate the federated false-positive problem that had plagued earlier versions, a migration of site ranking from the long-defunct Alexa Top to the actively-maintained Majestic Million dataset, a set of execution-engine changes that dramatically reduce noise during bulk runs, and the addition of POST request support for sites whose login flows had become inaccessible via GET-based probes.
Recursive Search: The Architecture That Separates Maigret
Understanding why Maigret matters requires understanding what it actually does once it locates an account. When Maigret confirms a hit on a platform, it does not stop at logging the result. By default, using what the documentation calls recursive search, it fetches the located profile page and parses it for cross-platform identifiers: links to other social media accounts, alternative usernames embedded in the page text, user ID strings, and any other extractable handles. Each of those extracted identifiers becomes the seed for a new search across Maigret's database of over 3,000 sites.
A concrete investigation chain shows the depth this creates. Suppose you start with a single username, kx_foto. Maigret runs that string against its default pool of 500 sites, ranked by Majestic Million traffic data. It confirms accounts on Instagram, Flickr, and DeviantArt. It then fetches each of those three profiles and extracts linked identifiers: the Instagram bio links to a portfolio site where the username kxfoto appears in the URL path, and the Flickr profile page contains a linked personal site signed with the contact alias k.fischer. Maigret now launches two additional search chains — one for kxfoto and one for k.fischer — each again running across 3,000 sites. By the time the run completes, the investigator has not a list of accounts but an alias graph: the original username, the variants it connects to, the platforms each variant appears on, and all harvested profile metadata including display names, biographies, follower counts, and any location strings the platforms expose.
This recursive chaining is on by default and disabled with the --no-recursion flag when a flat single-pass result is sufficient. The --parse <URL> option lets you feed an arbitrary profile URL as a starting point — useful when you already have a profile and need to expand outward from it rather than starting from a username. Results land in HTML and PDF reports by default; the --md flag produces a Markdown report structured for AI analysis, with a summary of aggregated personal data followed by per-account sections listing the profile URL, site tags, and every extracted field.
What 0.5.0 Fixed
The most consequential reliability fix in 0.5.0 addresses the federated social web. Mastodon instances had become a persistent source of false positives: because each Mastodon instance is a separately-hosted server, Maigret's earlier response-matching logic was triggering false hits on instances where the requested username did not exist but the generic error page returned an HTTP 200 status. Version 0.5.0 added proper per-instance regex validation for Mastodon checks, so a result is only reported as found when the instance's profile page structure confirms an actual account rather than a soft-redirect to the home page or a 404 disguised behind a 200 response code. The v0.5.0 release discussion on GitHub specifically credits this fix as one of the primary motivations for the version bump.
Beyond Mastodon, 0.5.0 disabled a curated set of sites with documented false-positive records. It added POST request support for sites whose check endpoints had migrated away from GET-accessible URLs — a category that had grown substantially as more platforms added CSRF protection or moved profile lookups to authenticated API calls. The ranking migration from Alexa to Majestic Million means the 500-site default pool now reflects current traffic rather than a snapshot frozen in 2022, when Alexa shut down. On the execution side, retries were reduced to zero by default, eliminating the phantom results that appeared when a temporarily-overloaded site returned a success code on a retry that happened to coincide with a real hit. The previously-broken --no-progressbar flag was restored, allowing clean log output in non-interactive pipelines and CI environments where a progress bar had been corrupting stdout.
The IntelTechniques OSINT VM update on April 4, 2026 documented the real-world effect of these changes. Bazzell's team modified the VM's user.sh provisioning script to match Maigret's updated operational parameters and explicitly recommended a fresh VM build to restore full functionality to several tools that had broken in the previous environment — Maigret among them.
Maigret Against Sherlock and WhatsMyName
The competitive landscape for username-OSINT tooling has been stable for several years, and the three dominant tools occupy genuinely different positions. In his analysis post "What's wrong with namecheckers?", soxoj examined namechk.com, whatsmyname.app, Sherlock, and Snoop, and identified the core problem: most username-checking tools were built for marketing use cases — brand-squatting detection, handle availability — not OSINT use cases. Marketing tools can afford ambiguous positives because the user verifies each manually. An investigator needs confident results because each one drives a line of operational effort.
ToolSite coverageRecursive searchFalse positive controlReport formats Maigret 0.5.03,000+Yes, on by defaultPer-site check types, active maintenance, disabled known-bad sitesHTML, PDF, XMind, Markdown Sherlock~400NoCommunity-maintained, moderateCSV, plain text WhatsMyName~640NoCategory-reviewed, openly auditable JSON datasetWeb UI, raw JSONSherlock is the right choice when you need a fast, dependency-light single-pass check and your downstream workflow handles false-positive review. Its ~400-site database is well-maintained, it produces CSV output that integrates cleanly into spreadsheets and other tooling, and its install is a single pip command with no further configuration. WhatsMyName excels at categorised quick checks — you can filter to social, gaming, forums, or e-commerce — and its openly published JSON dataset is used by several other tools as a substrate, making it straightforward to audit every detection rule. Neither tool follows a profile page or generates a graph of connected aliases.
Maigret is the right choice when the investigation is the point: when you need to know not just whether a username exists on a set of platforms, but what network of identities it connects to and what those identities reveal about the person behind them. No equivalent to its recursive parser exists in Sherlock or WhatsMyName. For the kind of methodical identity-mapping that OSINT investigations actually require, the three-tool comparison is less "which tool is best" and more "use Maigret as your investigation engine and cross-check edge cases with the others."
Installing Maigret
The cleanest install path is via pip. On any system with Python 3.7 or later, pip3 install maigret pulls the current release from PyPI. The basic invocation is maigret <username>, which runs against the 500-site default with recursion enabled. Adding -a or --all-sites expands the run to all 3,000+ sites at the cost of a longer runtime. You can narrow scope with --tags photo,jp to restrict to photography sites serving Japanese audiences, or cut noise with --exclude-tags dating,porn. Reports are written to the current directory; --folderoutput /path/to/reports redirects all output to a specified folder.
For containerised deployments or environments where Python dependency conflicts are a concern, the official Docker image is available at docker pull soxoj/maigret. The standard invocation mounts a local output directory: docker run --rm -v $(pwd)/reports:/app/reports soxoj/maigret <username>. This is the deployment path IntelTechniques uses in the OSINT VM, and it cleanly sidesteps the Python environment conflicts that caused the breakage the April 2026 VM update was fixing. Full installation and configuration documentation is maintained on ReadTheDocs, including source-build instructions and notes on proxy and Tor routing for dark-web username checks.
Where Maigret Sits in the Stack
The argument for running all three tools in parallel — that their site databases overlap imperfectly and union coverage is better than any single tool — still holds for thorough investigations. But the question of which tool anchors the workflow has a clearer answer after 0.5.0. With Mastodon false positives resolved, site ranking updated to current traffic data, and the execution engine stabilised, Maigret now delivers both the coverage and the investigative depth that the tool always promised but couldn't reliably deliver. Sherlock and WhatsMyName remain valuable as cross-checks and for fast-turnaround queries where recursive graph-building is not the requirement. But for the kind of alias-tracing work that puts a complete picture of a subject's online presence on the table, Maigret 0.5.0 is now the tool you run first and trust most.