Sherlock Social Media Benutzername Hunter Cheat Blatt¶
Überblick¶
Sherlock ist ein leistungsfähiges OSINT-Tool, das Social Media-Konten durch Benutzernamen in 400+ sozialen Netzwerken niederjagt. Es ist entworfen, um Benutzernamen in einer Vielzahl von sozialen Netzwerken sehr schnell zu finden, so dass es ein wesentliches Werkzeug für digitale Untersuchungen, Hintergrundprüfungen und Cybersicherheitsforschung. Sherlock verwendet eine Kombination von HTTP-Anfragen und Antwortanalysen, um festzustellen, ob ein Benutzername auf verschiedenen Plattformen existiert.
ZEIT Rechtshinweis: Verwenden Sie Sherlock nur für legitime OSINT-Untersuchungen, berechtigte Sicherheitstests oder persönliche Forschung. Respektieren Sie die Nutzungsbedingungen der Plattform und die geltenden Datenschutzgesetze.
Installation¶
Python Pip Installation¶
```bash
Install via pip¶
pip3 install sherlock-project
Verify installation¶
sherlock --help
Alternative: Install from GitHub¶
pip3 install git+https://github.com/sherlock-project/sherlock.git
Install with all dependencies¶
pip3 install sherlock-project[all] ```_
Docker Installation¶
```bash
Pull official Docker image¶
docker pull sherlockproject/sherlock
Run with Docker¶
docker run --rm -t sherlockproject/sherlock username
Run with output directory¶
docker run --rm -t -v $(pwd)/results:/opt/sherlock/results sherlockproject/sherlock username
Build from source¶
git clone https://github.com/sherlock-project/sherlock.git cd sherlock docker build -t sherlock . ```_
Manuelle Installation¶
```bash
Clone repository¶
git clone https://github.com/sherlock-project/sherlock.git cd sherlock
Install dependencies¶
pip3 install -r requirements.txt
Run directly¶
python3 sherlock username
Make executable¶
chmod +x sherlock ./sherlock username ```_
Virtual Environment Setup¶
```bash
Create virtual environment¶
python3 -m venv sherlock-env source sherlock-env/bin/activate
Install Sherlock¶
pip install sherlock-project
Verify installation¶
sherlock --version ```_
Basisnutzung¶
Kommandozeilenschnittstelle¶
```bash
Basic username search¶
sherlock username
Search multiple usernames¶
sherlock user1 user2 user3
Search with output to file¶
sherlock username --output results.txt
Search with CSV output¶
sherlock username --csv
Search with JSON output¶
sherlock username --json results.json
Verbose output¶
sherlock username --verbose
Print only found results¶
sherlock username --print-found ```_
Erweiterte Suchoptionen¶
```bash
Search specific sites only¶
sherlock username --site GitHub --site Twitter
Exclude specific sites¶
sherlock username --exclude Instagram --exclude Facebook
Use proxy¶
sherlock username --proxy http://proxy:8080
Set custom timeout¶
sherlock username --timeout 10
Disable SSL verification¶
sherlock username --no-ssl-verify
Use Tor proxy¶
sherlock username --tor
Foldering output by username¶
sherlock username --folderoutput results/ ```_
Site-Specific Searchs¶
Beliebte Social Media Plattformen¶
```bash
Search major social networks¶
sherlock username --site Twitter --site Instagram --site Facebook --site LinkedIn
Search professional networks¶
sherlock username --site LinkedIn --site GitHub --site GitLab --site Behance
Search gaming platforms¶
sherlock username --site Steam --site Twitch --site Discord --site Xbox
Search dating platforms¶
sherlock username --site Tinder --site Bumble --site Match
Search forums and communities¶
sherlock username --site Reddit --site HackerNews --site StackOverflow ```_
Technologie- und Entwicklungsplattformen¶
```bash
Developer platforms¶
sherlock username --site GitHub --site GitLab --site Bitbucket --site SourceForge
Tech communities¶
sherlock username --site StackOverflow --site HackerNews --site DeviantArt
Code sharing platforms¶
sherlock username --site Pastebin --site Gist --site CodePen
Documentation platforms¶
sherlock username --site GitBook --site Notion --site Confluence ```_
Inhalt und Medienplattformen¶
```bash
Video platforms¶
sherlock username --site YouTube --site Vimeo --site TikTok --site Dailymotion
Photo platforms¶
sherlock username --site Instagram --site Flickr --site 500px --site Imgur
Blogging platforms¶
sherlock username --site Medium --site WordPress --site Blogger --site Tumblr
Music platforms¶
sherlock username --site Spotify --site SoundCloud --site Bandcamp ```_
Ausgabeformate und Analyse¶
Textausgabe¶
```bash
Basic text output¶
sherlock username > results.txt
Verbose text output¶
sherlock username --verbose > detailed_results.txt
Only found accounts¶
sherlock username --print-found > found_accounts.txt
With timestamps¶
sherlock username --verbose|tee "results_$(date +%Y%m%d_%H%M%S).txt" ```_
Strukturierte Datenausgabe¶
```bash
CSV format¶
sherlock username --csv --output results.csv
JSON format¶
sherlock username --json results.json
Both CSV and JSON¶
sherlock username --csv --json results.json --output results.csv
Folder output (organized by username)¶
sherlock user1 user2 --folderoutput investigation_results/ ```_
Benutzerdefinierte Ausgabeverarbeitung¶
```python
!/usr/bin/env python3¶
sherlock-output-processor.py¶
import json import csv import sys from datetime import datetime
def process_sherlock_json(json_file): """Process Sherlock JSON output""" try: with open(json_file, 'r') as f: data = json.load(f)
results = []
for username, sites in data.items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
results.append(\\\\{
'username': username,
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0),
'status': info.get('status', '')
\\\\})
return results
except Exception as e:
print(f"Error processing JSON: \\\\{e\\\\}")
return []
def generate_summary_report(results): """Generate summary report from results""" if not results: return "No results to process"
# Count by platform
platform_counts = \\\\{\\\\}
for result in results:
platform = result['site']
platform_counts[platform] = platform_counts.get(platform, 0) + 1
# Generate report
report = f"""
Sherlock Investigation Summary Generated: \\{datetime.now().strftime('%Y-%m-%d %H:%M:%S')\\}
Total Accounts Found: \\{len(results)\\} Unique Platforms: \\{len(platform_counts)\\}
Platform Distribution: """
for platform, count in sorted(platform_counts.items(), key=lambda x: x[1], reverse=True):
report += f" \\\\{platform\\\\}: \\\\{count\\\\}\n"
report += "\nDetailed Results:\n"
for result in results:
report += f" \\\\{result['site']\\\\}: \\\\{result['url']\\\\}\n"
return report
def export_to_csv(results, filename): """Export results to CSV""" if not results: return
with open(filename, 'w', newline='') as csvfile:
fieldnames = ['username', 'site', 'url', 'response_time', 'status']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for result in results:
writer.writerow(result)
def main():
if len(sys.argv) != 2:
print("Usage: python3 sherlock-output-processor.py
json_file = sys.argv[1]
results = process_sherlock_json(json_file)
if results:
# Generate summary
summary = generate_summary_report(results)
print(summary)
# Save summary to file
with open('sherlock_summary.txt', 'w') as f:
f.write(summary)
# Export to CSV
export_to_csv(results, 'sherlock_results.csv')
print(f"\nSummary saved to: sherlock_summary.txt")
print(f"CSV export saved to: sherlock_results.csv")
else:
print("No valid results found in JSON file")
if name == "main": main() ```_
Automatisierung und Stapelverarbeitung¶
Batch Username Untersuchung¶
```bash
!/bin/bash¶
sherlock-batch-investigation.sh¶
USERNAMES_FILE="\(1" OUTPUT_DIR="\)2"
if [ $# -ne 2 ]; then
echo "Usage: $0
if [ ! -f "$USERNAMES_FILE" ]; then echo "Error: Usernames file not found: $USERNAMES_FILE" exit 1 fi
Create output directory¶
mkdir -p "$OUTPUT_DIR"
echo "Starting batch Sherlock investigation" echo "Usernames file: $USERNAMES_FILE" echo "Output directory: $OUTPUT_DIR" echo "=================================="
Process each username¶
while IFS= read -r username; do # Skip empty lines and comments | | if [[ -z "\(username" | | "\)username" =~ ^#.* ]]; then | | continue fi
echo "Investigating username: $username"
# Create individual output files
TEXT_OUTPUT="$OUTPUT_DIR/$\\\\{username\\\\}_results.txt"
JSON_OUTPUT="$OUTPUT_DIR/$\\\\{username\\\\}_results.json"
CSV_OUTPUT="$OUTPUT_DIR/$\\\\{username\\\\}_results.csv"
# Run Sherlock with multiple output formats
sherlock "$username" \
--output "$TEXT_OUTPUT" \
--json "$JSON_OUTPUT" \
--csv \
--timeout 15 \
--print-found \
--verbose
# Move CSV file to proper location
if [ -f "$\\\\{username\\\\}.csv" ]; then
mv "$\\\\{username\\\\}.csv" "$CSV_OUTPUT"
fi
echo "Results saved for $username"
echo " Text: $TEXT_OUTPUT"
echo " JSON: $JSON_OUTPUT"
echo " CSV: $CSV_OUTPUT"
echo ""
# Add delay to avoid rate limiting
sleep 2
done < "$USERNAMES_FILE"
echo "Batch investigation completed" echo "Results saved in: $OUTPUT_DIR"
Generate combined summary¶
echo "Generating combined summary..." python3 << 'PYTHON_SCRIPT' import os import json import sys from collections import defaultdict
output_dir = sys.argv[1] if len(sys.argv) > 1 else "investigation_results"
all_results = defaultdict(list) total_accounts = 0
Process all JSON files¶
for filename in os.listdir(output_dir): if filename.endswith('_results.json'): username = filename.replace('_results.json', '') filepath = os.path.join(output_dir, filename)
try:
with open(filepath, 'r') as f:
data = json.load(f)
for site, info in data.get(username, \\\\{\\\\}).items():
if info.get('status') == 'Claimed':
all_results[username].append(\\\\{
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0)
\\\\})
total_accounts += 1
except Exception as e:
print(f"Error processing \\\\{filename\\\\}: \\\\{e\\\\}")
Generate summary report¶
summary_file = os.path.join(output_dir, 'investigation_summary.txt') with open(summary_file, 'w') as f: f.write("Sherlock Batch Investigation Summary\n") f.write("===================================\n\n") f.write(f"Total usernames investigated: \\{len(all_results)\\}\n") f.write(f"Total accounts found: \\{total_accounts\\}\n\n")
for username, accounts in all_results.items():
f.write(f"Username: \\\\{username\\\\}\n")
f.write(f"Accounts found: \\\\{len(accounts)\\\\}\n")
for account in accounts:
f.write(f" \\\\{account['site']\\\\}: \\\\{account['url']\\\\}\n")
f.write("\n")
print(f"Combined summary saved to: \\{summary_file\\}") PYTHON_SCRIPT "$OUTPUT_DIR" ```_
Automatisierte Überwachung Script¶
```python
!/usr/bin/env python3¶
sherlock-monitor.py¶
import subprocess import json import time import smtplib from email.mime.text import MimeText from email.mime.multipart import MimeMultipart from datetime import datetime import os
class SherlockMonitor: def init(self, config_file="monitor_config.json"): self.config = self.load_config(config_file) self.previous_results = \\{\\} self.load_previous_results()
def load_config(self, config_file):
"""Load monitoring configuration"""
default_config = \\\\{
"usernames": [],
"check_interval": 3600, # 1 hour
"email_notifications": False,
"email_config": \\\\{
"smtp_server": "smtp.gmail.com",
"smtp_port": 587,
"username": "",
"password": "",
"to_email": ""
\\\\},
"output_directory": "monitoring_results"
\\\\}
try:
with open(config_file, 'r') as f:
config = json.load(f)
# Merge with defaults
for key, value in default_config.items():
if key not in config:
config[key] = value
return config
except FileNotFoundError:
print(f"Config file not found, creating default: \\\\{config_file\\\\}")
with open(config_file, 'w') as f:
json.dump(default_config, f, indent=2)
return default_config
def load_previous_results(self):
"""Load previous monitoring results"""
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
try:
with open(results_file, 'r') as f:
self.previous_results = json.load(f)
except FileNotFoundError:
self.previous_results = \\\\{\\\\}
def save_results(self, results):
"""Save current results"""
os.makedirs(self.config["output_directory"], exist_ok=True)
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
with open(results_file, 'w') as f:
json.dump(results, f, indent=2)
self.previous_results = results
def run_sherlock(self, username):
"""Run Sherlock for a specific username"""
output_file = os.path.join(self.config["output_directory"], f"\\\\{username\\\\}_latest.json")
try:
cmd = [
"sherlock", username,
"--json", output_file,
"--timeout", "15",
"--print-found"
]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
return json.load(f)
else:
print(f"Sherlock failed for \\\\{username\\\\}: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock for \\\\{username\\\\}: \\\\{e\\\\}")
return None
def compare_results(self, username, current_results, previous_results):
"""Compare current and previous results"""
changes = \\\\{
"new_accounts": [],
"removed_accounts": [],
"username": username,
"timestamp": datetime.now().isoformat()
\\\\}
current_sites = set()
previous_sites = set()
# Extract claimed accounts
if username in current_results:
for site, info in current_results[username].items():
if info.get('status') == 'Claimed':
current_sites.add(site)
if username in previous_results:
for site, info in previous_results[username].items():
if info.get('status') == 'Claimed':
previous_sites.add(site)
# Find changes
changes["new_accounts"] = list(current_sites - previous_sites)
changes["removed_accounts"] = list(previous_sites - current_sites)
return changes
def send_notification(self, changes):
"""Send email notification about changes"""
if not self.config["email_notifications"]:
return
if not changes["new_accounts"] and not changes["removed_accounts"]:
return
try:
msg = MimeMultipart()
msg['From'] = self.config["email_config"]["username"]
msg['To'] = self.config["email_config"]["to_email"]
msg['Subject'] = f"Sherlock Monitor Alert - \\\\{changes['username']\\\\}"
body = f"""
Sherlock monitoring detected changes for username: \\{changes['username']\\} Timestamp: \\{changes['timestamp']\\}
New accounts found: \\{len(changes['new_accounts'])\\} \\{chr(10).join(changes['new_accounts'])\\}
Removed accounts: \\{len(changes['removed_accounts'])\\} \\{chr(10).join(changes['removed_accounts'])\\}
This is an automated message from Sherlock Monitor. """
msg.attach(MimeText(body, 'plain'))
server = smtplib.SMTP(
self.config["email_config"]["smtp_server"],
self.config["email_config"]["smtp_port"]
)
server.starttls()
server.login(
self.config["email_config"]["username"],
self.config["email_config"]["password"]
)
text = msg.as_string()
server.sendmail(
self.config["email_config"]["username"],
self.config["email_config"]["to_email"],
text
)
server.quit()
print(f"Notification sent for \\\\{changes['username']\\\\}")
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def monitor_usernames(self):
"""Monitor all configured usernames"""
print(f"Starting Sherlock monitoring at \\\\{datetime.now()\\\\}")
print(f"Monitoring \\\\{len(self.config['usernames'])\\\\} usernames")
current_results = \\\\{\\\\}
all_changes = []
for username in self.config["usernames"]:
print(f"Checking username: \\\\{username\\\\}")
# Run Sherlock
results = self.run_sherlock(username)
if results:
current_results.update(results)
# Compare with previous results
changes = self.compare_results(username, results, self.previous_results)
if changes["new_accounts"] or changes["removed_accounts"]:
print(f"Changes detected for \\\\{username\\\\}:")
print(f" New accounts: \\\\{changes['new_accounts']\\\\}")
print(f" Removed accounts: \\\\{changes['removed_accounts']\\\\}")
all_changes.append(changes)
self.send_notification(changes)
else:
print(f"No changes for \\\\{username\\\\}")
# Delay between checks
time.sleep(5)
# Save current results
self.save_results(current_results)
# Save change log
if all_changes:
change_log_file = os.path.join(
self.config["output_directory"],
f"changes_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
)
with open(change_log_file, 'w') as f:
json.dump(all_changes, f, indent=2)
print(f"Change log saved: \\\\{change_log_file\\\\}")
print(f"Monitoring cycle completed at \\\\{datetime.now()\\\\}")
def run_continuous_monitoring(self):
"""Run continuous monitoring with configured interval"""
print("Starting continuous Sherlock monitoring")
print(f"Check interval: \\\\{self.config['check_interval']\\\\} seconds")
while True:
try:
self.monitor_usernames()
print(f"Sleeping for \\\\{self.config['check_interval']\\\\} seconds...")
time.sleep(self.config["check_interval"])
except KeyboardInterrupt:
print("\nMonitoring stopped by user")
break
except Exception as e:
print(f"Error in monitoring cycle: \\\\{e\\\\}")
time.sleep(60) # Wait 1 minute before retrying
def main(): import sys
if len(sys.argv) > 1 and sys.argv[1] == "--continuous":
monitor = SherlockMonitor()
monitor.run_continuous_monitoring()
else:
monitor = SherlockMonitor()
monitor.monitor_usernames()
if name == "main": main() ```_
Integration mit anderen OSINT Tools¶
Integration von Maltego¶
```python
!/usr/bin/env python3¶
sherlock-maltego-integration.py¶
import json import csv import xml.etree.ElementTree as ET from datetime import datetime
def sherlock_to_maltego(sherlock_json, output_file="maltego_import.csv"): """Convert Sherlock results to Maltego CSV format"""
try:
with open(sherlock_json, 'r') as f:
data = json.load(f)
maltego_data = []
for username, sites in data.items():
# Add username entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.Username',
'Entity Value': username,
'Additional Fields': '',
'Notes': f'Investigated with Sherlock on \\\\{datetime.now().strftime("%Y-%m-%d")\\\\}'
\\\\})
for site, info in sites.items():
if info.get('status') == 'Claimed':
# Add website entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.Website',
'Entity Value': info.get('url_user', ''),
'Additional Fields': f'Platform=\\\\{site\\\\}',
'Notes': f'Username: \\\\{username\\\\}, Response time: \\\\{info.get("response_time_s", 0)\\\\}s'
\\\\})
# Write to CSV
with open(output_file, 'w', newline='') as csvfile:
fieldnames = ['Entity Type', 'Entity Value', 'Additional Fields', 'Notes']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for row in maltego_data:
writer.writerow(row)
print(f"Maltego import file created: \\\\{output_file\\\\}")
return output_file
except Exception as e:
print(f"Error creating Maltego import: \\\\{e\\\\}")
return None
def create_maltego_transform_config(): """Create Maltego transform configuration""" config = """
with open('sherlock_transform.mtz', 'w') as f:
f.write(config)
print("Maltego transform configuration created: sherlock_transform.mtz")
```_
OSINT Framework Integration¶
```python
!/usr/bin/env python3¶
osint-framework-sherlock.py¶
import subprocess import json import requests from datetime import datetime import os
class OSINTFrameworkIntegration: def init(self): self.results = \\{\\} self.tools_used = []
def run_sherlock(self, username):
"""Run Sherlock investigation"""
print(f"Running Sherlock for: \\\\{username\\\\}")
output_file = f"sherlock_\\\\{username\\\\}.json"
try:
cmd = ["sherlock", username, "--json", output_file, "--timeout", "15"]
result = subprocess.run(cmd, capture_output=True, text=True)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
sherlock_data = json.load(f)
self.results['sherlock'] = sherlock_data
self.tools_used.append('Sherlock')
return sherlock_data
else:
print(f"Sherlock failed: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock: \\\\{e\\\\}")
return None
def run_theharvester(self, domain):
"""Run theHarvester for email enumeration"""
print(f"Running theHarvester for: \\\\{domain\\\\}")
try:
cmd = ["theharvester", "-d", domain, "-l", "100", "-b", "google,bing"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0:
# Parse theHarvester output
emails = []
hosts = []
for line in result.stdout.split('\n'):
if '@' in line and domain in line:
emails.append(line.strip())
elif domain in line and not '@' in line:
hosts.append(line.strip())
harvester_data = \\\\{
'emails': emails,
'hosts': hosts,
'domain': domain
\\\\}
self.results['theharvester'] = harvester_data
self.tools_used.append('theHarvester')
return harvester_data
except Exception as e:
print(f"Error running theHarvester: \\\\{e\\\\}")
return None
def check_haveibeenpwned(self, email):
"""Check Have I Been Pwned for email"""
print(f"Checking Have I Been Pwned for: \\\\{email\\\\}")
try:
url = f"https://haveibeenpwned.com/api/v3/breachedaccount/\\\\{email\\\\}"
headers = \\\\{
'User-Agent': 'OSINT-Investigation-Tool',
'hibp-api-key': 'YOUR_API_KEY_HERE' # Replace with actual API key
\\\\}
response = requests.get(url, headers=headers, timeout=10)
if response.status_code == 200:
breaches = response.json()
self.results['haveibeenpwned'] = \\\\{
'email': email,
'breaches': breaches,
'breach_count': len(breaches)
\\\\}
self.tools_used.append('Have I Been Pwned')
return breaches
elif response.status_code == 404:
print(f"No breaches found for \\\\{email\\\\}")
return []
else:
print(f"HIBP API error: \\\\{response.status_code\\\\}")
return None
except Exception as e:
print(f"Error checking Have I Been Pwned: \\\\{e\\\\}")
return None
def comprehensive_investigation(self, target):
"""Run comprehensive OSINT investigation"""
print(f"Starting comprehensive investigation for: \\\\{target\\\\}")
# Determine if target is username, email, or domain
if '@' in target:
# Email investigation
email = target
domain = target.split('@')[1]
username = target.split('@')[0]
# Run investigations
self.run_sherlock(username)
self.run_theharvester(domain)
self.check_haveibeenpwned(email)
elif '.' in target and len(target.split('.')) > 1:
# Domain investigation
domain = target
self.run_theharvester(domain)
# Could also run Sherlock on domain name as username
self.run_sherlock(domain.split('.')[0])
else:
# Username investigation
username = target
self.run_sherlock(username)
# Could also check common email patterns
common_domains = ['gmail.com', 'yahoo.com', 'hotmail.com', 'outlook.com']
for domain in common_domains:
email = f"\\\\{username\\\\}@\\\\{domain\\\\}"
self.check_haveibeenpwned(email)
return self.generate_comprehensive_report()
def generate_comprehensive_report(self):
"""Generate comprehensive investigation report"""
report = \\\\{
'investigation_timestamp': datetime.now().isoformat(),
'tools_used': self.tools_used,
'results_summary': \\\\{\\\\},
'detailed_results': self.results,
'recommendations': []
\\\\}
# Summarize results
if 'sherlock' in self.results:
sherlock_accounts = 0
for username, sites in self.results['sherlock'].items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
sherlock_accounts += 1
report['results_summary']['sherlock'] = \\\\{
'accounts_found': sherlock_accounts,
'platforms_checked': len(sites) if 'sites' in locals() else 0
\\\\}
if 'theharvester' in self.results:
harvester_data = self.results['theharvester']
report['results_summary']['theharvester'] = \\\\{
'emails_found': len(harvester_data.get('emails', [])),
'hosts_found': len(harvester_data.get('hosts', []))
\\\\}
if 'haveibeenpwned' in self.results:
hibp_data = self.results['haveibeenpwned']
report['results_summary']['haveibeenpwned'] = \\\\{
'breaches_found': hibp_data.get('breach_count', 0)
\\\\}
# Generate recommendations
if report['results_summary'].get('sherlock', \\\\{\\\\}).get('accounts_found', 0) > 5:
report['recommendations'].append("High social media presence detected - verify account authenticity")
if report['results_summary'].get('haveibeenpwned', \\\\{\\\\}).get('breaches_found', 0) > 0:
report['recommendations'].append("Email found in data breaches - recommend password changes")
# Save report
report_file = f"osint_investigation_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
with open(report_file, 'w') as f:
json.dump(report, f, indent=2)
print(f"Comprehensive report saved: \\\\{report_file\\\\}")
return report
def main(): import sys
if len(sys.argv) != 2:
print("Usage: python3 osint-framework-sherlock.py <target>")
print("Target can be: username, email, or domain")
sys.exit(1)
target = sys.argv[1]
investigation = OSINTFrameworkIntegration()
report = investigation.comprehensive_investigation(target)
print("\nInvestigation Summary:")
print("=" * 50)
for tool, summary in report['results_summary'].items():
print(f"\\\\{tool.upper()\\\\}:")
for key, value in summary.items():
print(f" \\\\{key\\\\}: \\\\{value\\\\}")
if report['recommendations']:
print("\nRecommendations:")
for rec in report['recommendations']:
print(f" - \\\\{rec\\\\}")
if name == "main": main() ```_
Best Practices und OPSEC¶
Operationelle Sicherheit¶
```bash
!/bin/bash¶
sherlock-opsec-setup.sh¶
echo "Sherlock OPSEC Configuration" echo "============================"
Network security¶
echo "1. Network Security:" echo " □ Use VPN or proxy" echo " □ Rotate IP addresses" echo " □ Monitor for rate limiting" echo " □ Use Tor for sensitive investigations"
Data security¶
echo -e "\n2. Data Security:" echo " □ Encrypt investigation results" echo " □ Use secure file permissions" echo " □ Regular cleanup of temporary files" echo " □ Secure storage of findings"
Legal compliance¶
echo -e "\n3. Legal Compliance:" echo " □ Verify investigation authorization" echo " □ Document methodology" echo " □ Respect platform terms of service" echo " □ Follow local privacy laws"
Technical measures¶
echo -e "\n4. Technical Measures:" echo " □ Use isolated investigation environment" echo " □ Monitor system resources" echo " □ Implement logging" echo " □ Regular tool updates" ```_
Beschränkung und Stealth¶
```python import time import random import subprocess
def stealth_sherlock_search(username, delay_range=(5, 15)): """Run Sherlock with stealth measures"""
# Random delay before starting
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before search...")
time.sleep(delay)
# Run Sherlock with timeout and limited sites
cmd = [
"sherlock", username,
"--timeout", "20",
"--json", f"\\\\{username\\\\}_stealth.json",
"--print-found"
]
try:
result = subprocess.run(cmd, capture_output=True, text=True, timeout=600)
if result.returncode == 0:
print(f"Stealth search completed for \\\\{username\\\\}")
return True
else:
print(f"Search failed: \\\\{result.stderr\\\\}")
return False
except subprocess.TimeoutExpired:
print("Search timed out")
return False
except Exception as e:
print(f"Error: \\\\{e\\\\}")
return False
def batch_stealth_investigation(usernames, delay_range=(10, 30)): """Run batch investigation with stealth measures""" results = \\{\\}
for i, username in enumerate(usernames):
print(f"Processing \\\\{i+1\\\\}/\\\\{len(usernames)\\\\}: \\\\{username\\\\}")
success = stealth_sherlock_search(username, delay_range)
results[username] = success
# Longer delay between users
if i < len(usernames) - 1:
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before next user...")
time.sleep(delay)
return results
```_
Fehlerbehebung¶
Gemeinsame Themen und Lösungen¶
```bash
Issue: No results returned¶
Solution: Check internet connection and site availability¶
sherlock username --verbose
Issue: Timeout errors¶
Solution: Increase timeout value¶
sherlock username --timeout 30
Issue: SSL/TLS errors¶
Solution: Disable SSL verification (use with caution)¶
sherlock username --no-ssl-verify
Issue: Proxy connection errors¶
Solution: Verify proxy configuration¶
sherlock username --proxy http://proxy:8080 --verbose
Issue: JSON output not generated¶
Solution: Check file permissions and disk space¶
sherlock username --json results.json --verbose ```_
Debug und Logging¶
```python import subprocess import logging
Enable debug logging¶
logging.basicConfig(level=logging.DEBUG)
def debug_sherlock_run(username): """Run Sherlock with debug information"""
cmd = ["sherlock", username, "--verbose", "--debug"]
try:
result = subprocess.run(
cmd,
capture_output=True,
text=True,
timeout=300
)
print("STDOUT:")
print(result.stdout)
print("\nSTDERR:")
print(result.stderr)
print(f"\nReturn code: \\\\{result.returncode\\\\}")
return result.returncode == 0
except Exception as e:
print(f"Debug run failed: \\\\{e\\\\}")
return False
```_
Leistungsoptimierung¶
```bash
Use specific sites for faster results¶
sherlock username --site GitHub --site Twitter --site Instagram
Reduce timeout for faster scanning¶
sherlock username --timeout 5
Use multiple processes for batch operations¶
parallel -j 4 sherlock \\{\\} --json \\{\\}.json ::: user1 user2 user3 user4
Monitor system resources¶
htop # Monitor CPU and memory usage during large investigations ```_
Ressourcen¶
- Sherlock GitHub Repository
- (LINK_5_)
- [OSINT Framework](LINK_5 -%20[Social%20Media%20OSINT%20Guide](LINK_5_ -%20Username%20Untersuchungstechniken
--
*Dieses Betrügereiblatt bietet umfassende Anleitung für die Verwendung von Sherlock für Benutzername-Untersuchungen und Social Media OSINT. Stellen Sie immer eine ordnungsgemäße Genehmigung und rechtliche Einhaltung vor der Durchführung von Untersuchungen sicher. *