merge: phase 12 resolve conflicts

.planning/phases/12-osint_iot_cloud_storage/12-02-SUMMARY.md

@@ -0,0 +1,103 @@
+---
+phase: 12-osint_iot_cloud_storage
+plan: 02
+subsystem: recon
+tags: [fofa, netlas, binaryedge, iot, osint, httptest]
+
+requires:
+  - phase: 09-osint-infrastructure
+    provides: LimiterRegistry, shared Client retry/backoff HTTP
+  - phase: 10-osint-code-hosting
+    provides: ReconSource interface pattern, BuildQueries, keywordIndex helpers
+provides:
+  - FOFASource implementing recon.ReconSource for FOFA internet search
+  - NetlasSource implementing recon.ReconSource for Netlas intelligence API
+  - BinaryEdgeSource implementing recon.ReconSource for BinaryEdge data API
+affects: [12-osint_iot_cloud_storage, cmd/recon]
+
+tech-stack:
+  added: []
+  patterns: [base64-encoded query params for FOFA, X-API-Key header auth for Netlas, X-Key header auth for BinaryEdge]
+
+key-files:
+  created:
+    - pkg/recon/sources/fofa.go
+    - pkg/recon/sources/fofa_test.go
+    - pkg/recon/sources/netlas.go
+    - pkg/recon/sources/netlas_test.go
+    - pkg/recon/sources/binaryedge.go
+    - pkg/recon/sources/binaryedge_test.go
+  modified: []
+
+key-decisions:
+  - "FOFA uses base64-encoded qbase64 param with email+key auth in query string"
+  - "Netlas uses X-API-Key header; BinaryEdge uses X-Key header for auth"
+  - "All three sources use bare keyword queries (default formatQuery path)"
+
+patterns-established:
+  - "IoT scanner source pattern: struct with APIKey/BaseURL/Registry/Limiters + lazy client init"
+
+requirements-completed: [RECON-IOT-04, RECON-IOT-05, RECON-IOT-06]
+
+duration: 2min
+completed: 2026-04-06
+---
+
+# Phase 12 Plan 02: FOFA, Netlas, BinaryEdge Sources Summary
+
+**Three IoT/device scanner recon sources (FOFA, Netlas, BinaryEdge) with httptest-based unit tests covering sweep, auth, and cancellation**
+
+## Performance
+
+- **Duration:** 2 min
+- **Started:** 2026-04-06T09:22:18Z
+- **Completed:** 2026-04-06T09:24:22Z
+- **Tasks:** 2
+- **Files modified:** 6
+
+## Accomplishments
+- FOFASource searches FOFA API with base64-encoded queries and email+key authentication
+- NetlasSource searches Netlas API with X-API-Key header authentication
+- BinaryEdgeSource searches BinaryEdge API with X-Key header authentication
+- All three sources follow established Phase 10 pattern with shared Client, LimiterRegistry, BuildQueries
+
+## Task Commits
+
+Each task was committed atomically:
+
+1. **Task 1: Implement FOFASource, NetlasSource, BinaryEdgeSource** - `270bbbf` (feat)
+2. **Task 2: Unit tests for FOFA, Netlas, BinaryEdge sources** - `d6c35f4` (test)
+
+## Files Created/Modified
+- `pkg/recon/sources/fofa.go` - FOFASource with base64 query encoding and dual-credential auth
+- `pkg/recon/sources/fofa_test.go` - httptest tests for FOFA sweep, credentials, cancellation
+- `pkg/recon/sources/netlas.go` - NetlasSource with X-API-Key header auth
+- `pkg/recon/sources/netlas_test.go` - httptest tests for Netlas sweep, credentials, cancellation
+- `pkg/recon/sources/binaryedge.go` - BinaryEdgeSource with X-Key header auth
+- `pkg/recon/sources/binaryedge_test.go` - httptest tests for BinaryEdge sweep, credentials, cancellation
+
+## Decisions Made
+- FOFA uses base64-encoded qbase64 query parameter (matching FOFA API spec) with email+key in query string
+- Netlas uses X-API-Key header; BinaryEdge uses X-Key header (matching their respective API specs)
+- All three use bare keyword queries via default formatQuery path (no source-specific query formatting needed)
+
+## Deviations from Plan
+
+None - plan executed exactly as written.
+
+## Issues Encountered
+None
+
+## Known Stubs
+None
+
+## User Setup Required
+None - no external service configuration required.
+
+## Next Phase Readiness
+- Three IoT scanner sources ready for RegisterAll wiring
+- FOFA requires email + API key; Netlas and BinaryEdge require API key only
+
+---
+*Phase: 12-osint_iot_cloud_storage*
+*Completed: 2026-04-06*