Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Castrick is an OSINT (open-source intelligence) lookup tool that supports finding public clues via email addresses, usernames, and phone numbers. It is designed for investigation scenarios around “find clues about anyone.” The service emphasizes that it does not use leaked, breached, or data broker databases, instead aggregating real-time public-source data. It also states that it does not log or store user searches and does not notify the target being searched.
From a cybersecurity perspective, Castrick is closer to a reconnaissance and intelligence-gathering tool than to a firewall, EDR, WAF, or vulnerability scanner. Its “protection” value should be understood as supporting threat intelligence, anti-fraud investigations, account risk checks, and preliminary attribution in security incidents. It is delivered as an online web service, and its plans mention API access, making it potentially suitable for automation workflows. However, the main site does not provide details such as API documentation, rate limits, Webhooks, or SIEM/SOAR integrations.
Pricing is straightforward: Basic is free; Recon is a one-time $12 purchase that includes 30 credits, with 1 credit equal to 1 search; Enterprise supports custom credit volumes but does not disclose pricing. Purchased credits expire after 6 months and are non-refundable. A major point to note is that the website explicitly announces Castrick will shut down on February 7, 2026, which poses a significant risk for enterprise procurement, long-term workflow integration, and data continuity.
Its advantages are a low barrier to entry, coverage of three common identifier types—email, username, and phone number—and clear privacy commitments: no search storage, no account linking, and no notifications to target individuals. The drawbacks are also obvious: it does not disclose specific data sources, country/platform coverage, accuracy metrics, compliance certifications, SLA, audit capabilities, or enterprise permission management. Its terms also state that it does not guarantee the accuracy, completeness, authenticity, quality, or legality of the information, so results should only be treated as leads rather than used directly as conclusive evidence.
Castrick is suitable for OSINT researchers, security analysts, anti-fraud personnel, or small teams conducting lightweight lead verification. It is not suitable as a core enterprise security protection platform. The source text does not provide information on access from China, so network connectivity, payment methods, and availability should all be tested directly. For alternatives, depending on the scenario, consider Maltego, SpiderFoot, Shodan, Have I Been Pwned, or compliant domestic threat intelligence/risk control services in China.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on castrickclues.com official site.
castrickclues.com is an Unknown Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach castrickclues.com directly.