When gathering our target internet activity on the internet, Sherlock is a great tool we can easily use to collect opensource intelligence (data that are produced from publicly available information). The downside of open-source intelligence, whilst can be used by security professionals, so does threat actors. With a single clue, such as username/email, we can obtain information like transactions, family members and other account created by our target.
In this tutorial we need Kali Linux, Python 3 and pip to install the dependencies and run Sherlock.
Step 1: Clone the Sherlock Project
Open up your terminal and clone the project by pasting the following clone command.
# clone the repo
$ git clone https://github.com/sherlock-project/sherlock.git
# change the working directory to sherlock
$ cd sherlock
Step 2: Install dependencies.
Install Sherlock dependencies using Pip3.
# install the requirements
$ pip3 install -r requirements.txt
Step 3: Gathering opensource intelligence
To start OSCINT, type the following command. You will see the list of URLs the user is associated to.
python3 sherlock.py user123
Step 4: Viewing results
If you list all the files, you will notice a “user123.txt” exist. Open if by using the nano command.
#List all the files in list format, reverse, time in the current directory
$ ls -lrt
$sudo nano user123.txt
For more options, you can open sherlock help using this command.
$ python3 sherlock.py --help
usage: sherlock.py [-h] [--version] [--verbose] [--rank]
[--folderoutput FOLDEROUTPUT] [--output OUTPUT] [--tor]
[--unique-tor] [--csv] [--site SITE_NAME]
[--proxy PROXY_URL] [--json JSON_FILE]
USERNAMES [USERNAMES ...]
Sherlock: Find Usernames Across Social Networks (Version 0.6.5)
USERNAMES One or more usernames to check with social networks.
-h, --help show this help message and exit
--version Display version information and dependencies.
--verbose, -v, -d, --debug
Display extra debugging information and metrics.
--rank, -r Present websites ordered by their Alexa.com global
rank in popularity.
--folderoutput FOLDEROUTPUT, -fo FOLDEROUTPUT
If using multiple usernames, the output of the results
will be saved at this folder.
--output OUTPUT, -o OUTPUT
If using single username, the output of the result
will be saved at this file.
--tor, -t Make requests over TOR; increases runtime; requires
TOR to be installed and in system path.
--unique-tor, -u Make requests over TOR with new TOR circuit after each
request; increases runtime; requires TOR to be
installed and in system path.
--csv Create Comma-Separated Values (CSV) File.
--site SITE_NAME Limit analysis to just the listed sites. Add multiple
options to specify more than one site.
--proxy PROXY_URL, -p PROXY_URL
Make requests over a proxy. e.g.
--json JSON_FILE, -j JSON_FILE
Load data from a JSON file or an online, valid, JSON
Prints only found messages. Errors, and invalid
username errors will not appear.
To share awareness, please share this post by clicking the social media icons below 🙂