Hi @crokkon, I understand all of your concerns. I also advise nobody to trust a website with their private keys unless it is offered by Steemit Inc.
I can do SteemConnect for withdraw vesting routes, and removal of posting authority. But that won't be enough because with active and/or owner authority those can be re-added in a matter of seconds.
I just want to help the victim of hacking/scam to reset their account authorities as I failed to help them the first time when they posted their key. I know it not wise to trust a dude on the Internet but I am doing whatever I can. I do not keep logs of usage, not even errors.
Looks like my hands are tied at least for now but thank you for commenting.
.
Hi @crokkon, thank you for the suggestion. Though the code is very easy to write, but I do not want to share it publicly as anybody with very little technical knowledge can change 2-3 lines of the code and make a phishing site out of it and run from a free hosting provider.
But if you or anybody trusted by the community want to check the code, I am willing to share. :)