CrotDalam
CROT DALAM is a Python CLI that performs OSINT on TikTok without any API keys. It drives a real Chromium browser (via Playwright) to search public TikTok pages by keyword, extracts video metadata, applies scam/phishing risk heuristics (EN/ID), and exports JSONL + CSV (optionally screenshots for evidence).
Install / Use
/learn @Masriyan/CrotDalamREADME
📋 Table of Contents
- ✨ Features
- 🚀 Quick Start
- 🖥️ GUI Dashboard
- ⚡ CLI Usage
- 🛡️ Anti-Detection
- 🔎 Risk Analysis
- 📊 Architecture
- 🧠 How It Works
- 📁 Output Files
- ⚙️ Configuration
- 🤝 Contributing
- 📄 License
✨ Features
<table> <tr> <td width="50%">🎯 Core Capabilities
- No API Keys Required — Scrapes public TikTok pages
- Keyword-Based Search — Multiple keywords per scan
- Video Metadata Extraction — Full metrics & engagement
- User Profile Analysis — Deep profile reconnaissance
- Comment Collection — With sentiment analysis
🛡️ Protection & Stealth
- Human-Like Behavior — Bezier mouse movements
- Fingerprint Rotation — Viewport, timezone, WebGL
- Proxy Pool Support — Rotating proxy management
- Session Persistence — Cookie reuse across runs
- Adaptive Rate Limiting — Smart request throttling
📊 Analysis & Detection
- Multi-Language Risk Scoring — 6 languages supported
- Entity Extraction — Phones, wallets, emails, URLs
- Sentiment Analysis — Comment mood detection
- Network Mapping — Hashtag & mention graphs
- Custom Risk Terms — Add your own indicators
📦 Output & Evidence
- Modern Web GUI — Real-time dashboard
- Multiple Export Formats — JSONL, CSV, HTML
- Screenshot Capture — Full-page evidence
- Video Downloads — Via yt-dlp integration
- Web Archive — Archive.today snapshots
🚀 Quick Start
Prerequisites
- Python 3.10+
- Chromium (installed via Playwright)
Installation
# Clone the repository
git clone https://github.com/Masriyan/CrotDalam.git
cd CrotDalam
# Install dependencies
pip install -r requirements.txt
# Install Playwright browsers
playwright install chromium
# (Optional) Install yt-dlp for video downloads
pip install yt-dlp
First Run
# CLI Mode - Quick search
python -m crot_dalam.cli search "undian berhadiah" --mode quick --limit 10
# GUI Mode - Launch dashboard
python -m crot_dalam.cli gui
🖥️ GUI Dashboard
The modern web GUI provides a complete investigation management interface.
Launch the Dashboard
python -m crot_dalam.cli gui --port 5000
Then open http://localhost:5000 in your browser.
Dashboard Features
┌─────────────────────────────────────────────────────────────────┐
│ 🔍 CROT DALAM Dashboard │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ 🚀 New Investigation │ │
│ │ ┌─────────────────────────────────────────────────────┐│ │
│ │ │ Keywords: undian berhadiah, giveaway ▼ ││ │
│ │ └─────────────────────────────────────────────────────┘│ │
│ │ Mode: [Deep ▼] Limit: [60] Locale: [en-US ▼] │ │
│ │ ☑ Anti-Detection ☐ Screenshots ☐ Downloads │ │
│ │ [🔍 Start] │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │
│ │ 45 │ │ 12 │ │ 8 │ │ 2m 35s │ │
│ │ Videos │ │ HighRisk │ │ MedRisk │ │ Duration │ │
│ └──────────┘ └──────────┘ └──────────┘ └──────────┘ │
│ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ Video ID │ Description │ Risk │ Engagement │ ...│ │
│ ├───────────┼───────────────────┼──────┼────────────┼────┤ │
│ │ 73829... │ Transfer dulu... │ 8 │ ❤️ 12K │ ...│ │
│ │ 82910... │ Hadiah gratis... │ 5 │ ❤️ 8.2K │ ...│ │
│ └─────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
Real-Time Updates
The dashboard uses WebSocket for live progress updates:
- Progress bar with percentage
- Live status messages
- Instant results on completion
⚡ CLI Usage
Basic Search
# Single keyword search
python -m crot_dalam.cli search "crypto giveaway" --limit 50
# Multiple keywords
python -m crot_dalam.cli search "undian" "hadiah gratis" --limit 30 --locale id-ID
# Deep investigation mode
python -m crot_dalam.cli search "transfer dulu" --mode deep --limit 100
Investigation Modes
| Mode | Screenshots | Comments | Downloads | Archive | Pivot |
| ---------- | :---------: | :------: | :-------: | :-----: | :---: |
| quick | ❌ | ❌ | ❌ | ❌ | ❌ |
| moderate | ✅ | 5 | ❌ | ❌ | ❌ |
| deep | ✅ | 15 | ✅ | ✅ | 3 |
| deeper | ✅ | 30 | ✅ | ✅ | 5 |
Full Options
python -m crot_dalam.cli search "keyword" \
--mode deep \
--limit 100 \
--locale id-ID \
--headless \
--screenshot \
--download \
--archive \
--comments 20 \
--pivot-hashtags 5 \
--antidetect \
--aggressive \
--proxy "http://user:pass@host:port" \
--out "out/investigation_001"
Risk Analysis (Standalone)
# Analyze text for risk indicators
python -m crot_dalam.cli analyze "Transfer dulu untuk klaim hadiah undian berhadiah"
# Output:
# Risk Score: 8
# Risk Level: HIGH
# Matches:
# • transfer dulu (financial_scam, indonesian)
# • undian berhadiah (financial_scam, indonesian)
# • hadiah (financial_scam, indonesian)
🛡️ Anti-Detection
CROT DALAM implements comprehensive anti-detection to reduce TikTok bot detection.
Features
flowchart LR
subgraph AntiDetect["🛡️ Anti-Detection System"]
A[Human Delays] --> B[Mouse Curves]
B --> C[Fingerprint Rotation]
C --> D[Proxy Rotation]
D --> E[Session Persistence]
end
User --> AntiDetect --> TikTok
| Feature | Description | | ------------------------ | ---------------------------------------- | | Human Delays | Log-normal distributed timing (0.5-3.0s) | | Bezier Mouse | Natural curved mouse movements | | Natural Scroll | Variable speed with reading pauses | | Fingerprint Rotation | Random viewport, timezone, WebGL, UA | | Proxy Pool | Health-checked rotating proxies | | Session Cookies | Persistent login state |
Configuration
# Standard anti-detection
python -m crot_dalam.cli search "keyword" --antidetect
# Aggressive mode (slower but stealthier)
python -m crot_dalam.cli search "keyword" --antidetect --aggressive
⚠️ Note: Anti-detection reduces but cannot guarantee 100% evasion. TikTok may still detect automated access.
🔎 Risk Analysis
Supported Languages
| Language | Categories | Example Terms | | ------------- | ---------- | ------------------------------------------- | | 🇮🇩 Indonesian | 7 | undian berhadiah, transfer dulu, slot gacor | | 🇺🇸 English | 5 | seed phrase, crypto double, verify wallet | | 🇲🇾 Malay | 2 | hadiah percuma, bayar dahulu | | 🇻🇳 Vietnamese | 2 | trúng thưởng, đầu tư sinh lời | | 🇹🇭 Thai | 2 | ถูกรางวัล, สล็อตเว็บตรง | | 🇵🇭 Filipino | 2 | libre Regalo, bayad muna |
Risk Categories
- Financial Scam — Fake giveaways, lottery scams
- Investment Fraud — Crypto scams, fake ROI promises
- Gambling — Illegal online gambling promotion
- Loan Scam — Predatory lending, fake loans
- Job Scam — Work-from-home fraud
- Contact Urgency — Pressure to contact "admin"
Entity Extraction
The tool automatically extracts:
- 📱 Phone numbers (Indonesian, international)
- 💳 Crypto wallets (BTC, ETH, TRX)
- 📧 Email addresses
- 💬 Telegram/WhatsApp links
- 🔗 Shortened URLs (bit.ly, etc.)
📊 Architecture
Package Structure
CrotDalam/
├── crot_dalam/
│ ├── __init__.py # Package init, version
│ ├── cli.py # Typer CLI commands
│ ├── core/
│ │ ├── antidetect.py # Anti-detection system
│ │ ├── scraper.py # Playwright scraper
│ │ ├── risk_analyzer.py # Multi-language risk detection
│ │ └── exporters.py # JSONL/CSV/HTML export
│ ├── gui/
│ │ ├── app.py # Flask +
