Hunt Down Social Media Accounts by Usernames Using Sherlock [Tutorial]

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

during an OSINT investigation discovering a person the screen name can lead to a lot of information today we'll check out a tool called Sherlock that hunts down user accounts across a vast variety of websites on this episode a cyber weapons lab [Music] [Applause] [Music] during an O cent investigation our goal is to stick together as many potentially disconnected clues as possible into one coherent picture now Sherlock does this by allowing us take a single piece of information a username and expand it into as many different connected accounts as it can find now this can come with their own clues and details like photos audio video and other accounts that might be connected and involve a little bit less security than the ones we should initially find so Sherlock is an amazing tool for being able to expand an investigation into other accounts that we otherwise would have no hope of finding now Sherlock can also be used to generate a list of possible accounts based on someone's name and then run doubt when rundown which ones might actually be connected to your target in order to use it you'll just need to have Python 3 installed which is cross-platform and should be able to be run on any computer you're using if you have any questions on how to install this you can check out the null byte link in the description which has a lot of different troubleshooting in case you run into any errors once you have Python set up then we're ready to begin to get started with Sherlock you can navigate to the github page here at github comm slash Sherlock project slash Sherlock if you scroll down you can see the documentation is pretty straightforward and we'll just need to clone the github repository CD into the directory and then do a pip 3 install of requirements text so let's go ahead and first do the git clone and in my case it already exists and then we'll CD into Sherlock and then LS and we can see all the various things that have been loaded most importantly the setup so here back in the installation you can see the correct syntax is PIP 3 install tuck our requirements text and we can go ahead and run this and it should go ahead and install all the library libraries that are required for all the various websites that Sherlock will be reaching out to in order to see whether or not a user account exists so here you can see the general usage is Python 3 Sherlock PI and then just the username that we're looking for and we can do some more interesting things like do it through tor or maybe output to the JSON file but for now we're gonna be straight pretty straightforward and just going after a couple examples as though we were doing an OSINT investigation and so to start turning over some clues and seeing what we can learn alright so let's get started and now that we are in the folder and we also have Sherlock installed we can go ahead and run from our example Python 3 Sherlock dot pi and then we just insert a user name so who are we going to look up first alright so I did a little bit of thinking and based on some feedback from our production assistant we're going to go first with Neil Breen Neil Breen is a visionary some say legendary producer of videos that have been a great inspiration to our production assistant Nick so we're going to go ahead and run it first and see what kind of information we can pull up on neoprene so Sherlock will go ahead and go to all these different Oh some of these are crunchyroll they're all these social media and other sorts of websites that have accounts and it will check to see whether or not a user account exists that matches exactly the one that you've input now typically somebody will have a favorite screening that they use all over the internet so this tool is particularly effective at gathering all these into one place so that we can check them out one by one and see if there's any clues that could help us better identify who this person is so we can already see that there's some information that might not be authentic to this person I am led to understood that this person is popular on the internet so this 9gag account is probably probably not them but if we go back to some other stuff that's a little bit older we can begin to find some things it could be helpful in understanding this person so let's go ahead and check out this is an older gentleman so maybe eBay might be a good place to start now taking this URL let's go ahead and navigate to one that we found while the scan completes and we'll see whether or not we can find some useful information here we can see this account was created 2014 and I guess this guy got more popular last year so this is probably authentic and we can see some reviews of products that this person looks like they bought now if we scroll down we can see he'll bring like cat food he likes this wig he does not like this blow necklace and we can see some other things he's decorated to house with or that he is generally interested in which could be really interesting depending on what that person is actually buying now unlike services like Amazon where you just kind of buy things directly this actually allows you to see all the different things that this person has bought and then left reviews on directly from their screen name so that allows us to quickly find it from this tool rather than having to dig through a bunch of different various like things through their user profile or maybe dig through I don't know something else so as we go through it looks like wow there's a lot of stuff and the scan is now done so if we type LS again we should see a new Neal Breen dot text and we can just nano Neal Breen dot text to get a list of all the stuff that we found all right so some of these things are probably people that have jumped on the bandwagon of this guy's name in particular I don't think that github.com / Neal Breen I don't know that Neal Breen is a big developer I could be wrong I don't know but some of these other things like for example venmo could be very interesting now by default venmo payments are public meaning while this particular person might not yield any information this is still something that could allow us to see who they're paying and who exactly is kind of in this person's circle of influence now I'm sorry Christopher Proctor I'm sure you didn't mean to show up on our show but you shouldn't have stolen Neal Greene's name if you didn't want to appear in searches for him so in this case it didn't lead to any information but in a lot of cases I've seen a lot of venmo payments that can teach us a little bit about who the person is interacting with and especially payments are sensitive because they could lead to business information or some other things like identifying members of a company now I'm gonna not spend too much more time on Neal Breen because I think you get the general understanding but any one of these could lead to more information and for a typical person who is celebrity or famous on I guess 9gag and reddit then you could really learn a lot of information about that particular individual now let's pick somebody else and we're gonna pick John McAfee let's see what we can find just using Sherlock to understand maybe which accounts could be tied to him specifically and which ones are probably not legitimately from him so if we go back up to our command all we really need to do is substitute out the other screening we want to look for an official John McAfee and this should get to work finding as many different accounts as we can tie to this particular name now already we're seeing some pretty some pretty promising stuff we can see there's an Instagram account Google+ I think has been shut down now but we have an L oh we have a blogspot that sounds great let's check this out and see if we have any content so back in our browser window unfortunately it looks like this is being redirected somewhere else which is very sad but maybe this new website could actually lead to information if we were actually doing some OSINT of course we could just do provided this as nope it's not done in a new window we could just do who is that and then find out you know exactly who registered it whether or not this was tied to mr. McAfee and we can see the organization is micronesia investment and Development Corporation I'm not gonna touch that I don't know what that's about but either way this is a really interesting tool for being able to pull together these things so we can track down these leads one by one and figure out which ones might lead to more information and which ones might be kind of a dead end now obviously something like trading view or other things that could lead to information about finances this is all really interesting because for a pen tester or somebody that's looking for vulnerabilities it gives a lot of hope here we go it gives a lot of information about a person's personal life the things they engage in the interest they have and generally kind of what they're interested in that gives us a level of understanding of them that may be a typical investigation might not immediately overturn now of course there are a couple four types of false positives it will come up with this and the most common is course a misattribution where somebody is either using that screen name but not actually that person or otherwise if it's a celebrity or someone who's more popular you might get a lot of copycats that generally interfere with your results now the way that this is written you generally will see a better reliability than some other tools that just check to see whether or not that exists but in general this is a great tool for being able to determine whether or not a user's screen name exists all over the internet or if maybe it's concentrated in a couple of different sites now here we finally finished and we've already just by checking a couple of these seen that we've found some different accounts that the person's putting out media from so if you type Alice again we can see there should now be a official official mcafee so if we nano official McAfee we have a short list of all the 12 websites we were able to find so if you have a screen name for an individual this is probably one of the best ways you can quickly check to see where you might be able to dig up more information and maybe take the next step in your own investigation during an OSINT investigation the value of tools like sherlock is to pull in lots of different tools from even a single hit if we find an account that has a photo we can reverse image search it and potentially find other accounts that are linked and if you find a description we can look for specific instances of the exact same words to find where the person might have copied and pasted the same description of themselves all these things taken together can lead to a dramatic image of a person that might be a little bit more intimate than we would be able to get if we otherwise were just gathering information from just random clues so a username can't a really bridge the gap when it comes to understanding a person who they hang out with and which accounts they have accessible for gathering further clues that's all we have for this episode of cyber weapons lab if you have any questions on setting up sherlock you can check out the article linked in the description and if you have any ideas for future episodes you can send me a message on twitter because i'd love to hear from you we'll see you next time

Info

Channel: Null Byte

Views: 1,998,471

Rating: undefined out of 5

Keywords: wht, wonderhowto, nullbyte, null byte, hack, hacking, hacker, hacks, hackers, how to hack, howto, how to, tutorial, guide, cyber weapon, cyber weapons, cyber, Sherlock, github, McAfee, Neil Breen, OSINT, OSINT Investigations, Open Source Intelligence, Usernames, social, social media, social account, account, screenname, screen name, username, user name, alias

Id: HrqYGTK8-bo

Channel Id: undefined

Length: 11min 43sec (703 seconds)

Published: Tue Jul 09 2019