Sherlock Social Media nombre de usuario Hunter hoja de trucos
Overview
Sherlock is a powerful Herramienta OSINT that hunts down social media accounts by nombre de usuario across 400+ social networks. It's designed to find nombre de usuarios across a large number of social networks very quickly, making it an essential tool for digital investigations, background checks, and cybersecurity research. Sherlock uses a combination of HTTP requests and response analysis to determine if a nombre de usuario exists on various platforms.
⚠️ Legal Notice: Only use Sherlock for legitimate OSINT investigations, authorized security testing, or personal research. Respect platform terms of servicio and applicable privacy laws.
instalación
Python pip instalación
# Install via pip
pip3 install sherlock-project
# Verify instalación
sherlock --help
# Alternative: Install from GitHub
pip3 install git+https://github.com/sherlock-project/sherlock.git
# Install with all dependencies
pip3 install sherlock-project[all]
Docker instalación
# Pull official Docker image
docker pull sherlockproject/sherlock
# Run with Docker
docker run --rm -t sherlockproject/sherlock nombre de usuario
# Run with output directory
docker run --rm -t -v $(pwd)/results:/opt/sherlock/results sherlockproject/sherlock nombre de usuario
# Build from source
git clone https://github.com/sherlock-project/sherlock.git
cd sherlock
docker build -t sherlock .
Manual instalación
# Clone repository
git clone https://github.com/sherlock-project/sherlock.git
cd sherlock
# Install dependencies
pip3 install -r requirements.txt
# Run directly
python3 sherlock nombre de usuario
# Make executable
chmod +x sherlock
./sherlock nombre de usuario
Virtual Environment Setup
# Create virtual environment
python3 -m venv sherlock-env
source sherlock-env/bin/activate
# Install Sherlock
pip install sherlock-project
# Verify instalación
sherlock --version
Basic uso
comando Line Interface
# Basic nombre de usuario search
sherlock nombre de usuario
# Search multiple nombre de usuarios
sherlock user1 user2 user3
# Search with output to file
sherlock nombre de usuario --output results.txt
# Search with CSV output
sherlock nombre de usuario --csv
# Search with JSON output
sherlock nombre de usuario --json results.json
# Verbose output
sherlock nombre de usuario --verbose
# Print only found results
sherlock nombre de usuario --print-found
Advanced Search opcións
# Search specific sites only
sherlock nombre de usuario --site GitHub --site Twitter
# Exclude specific sites
sherlock nombre de usuario --exclude Instagram --exclude Facebook
# Use proxy
sherlock nombre de usuario --proxy http://proxy:8080
# Set custom timeout
sherlock nombre de usuario --timeout 10
# Disable SSL verification
sherlock nombre de usuario --no-ssl-verify
# Use Tor proxy
sherlock nombre de usuario --tor
# Foldering output by nombre de usuario
sherlock nombre de usuario --folderoutput results/
Site-Specific Searches
Popular Social Media Platforms
# Search major social networks
sherlock nombre de usuario --site Twitter --site Instagram --site Facebook --site LinkedIn
# Search professional networks
sherlock nombre de usuario --site LinkedIn --site GitHub --site GitLab --site Behance
# Search gaming platforms
sherlock nombre de usuario --site Steam --site Twitch --site Discord --site Xbox
# Search dating platforms
sherlock nombre de usuario --site Tinder --site Bumble --site Match
# Search forums and communities
sherlock nombre de usuario --site Reddit --site HackerNews --site StackOverflow
Technology and Development Platforms
# Developer platforms
sherlock nombre de usuario --site GitHub --site GitLab --site Bitbucket --site SourceForge
# Tech communities
sherlock nombre de usuario --site StackOverflow --site HackerNews --site DeviantArt
# Code sharing platforms
sherlock nombre de usuario --site Pastebin --site Gist --site CodePen
# documentación platforms
sherlock nombre de usuario --site GitBook --site Notion --site Confluence
Content and Media Platforms
# Video platforms
sherlock nombre de usuario --site YouTube --site Vimeo --site TikTok --site Dailymotion
# Photo platforms
sherlock nombre de usuario --site Instagram --site Flickr --site 500px --site Imgur
# Blogging platforms
sherlock nombre de usuario --site Medium --site WordPress --site Blogger --site Tumblr
# Music platforms
sherlock nombre de usuario --site Spotify --site SoundCloud --site Bandcamp
Output Formats and Analysis
Text Output
# Basic text output
sherlock nombre de usuario > results.txt
# Verbose text output
sherlock nombre de usuario --verbose > detailed_results.txt
# Only found accounts
sherlock nombre de usuario --print-found > found_accounts.txt
# With timestamps
sherlock nombre de usuario --verbose|tee "results_$(date +%Y%m%d_%H%M%S).txt"
Structured Data Output
# CSV format
sherlock nombre de usuario --csv --output results.csv
# JSON format
sherlock nombre de usuario --json results.json
# Both CSV and JSON
sherlock nombre de usuario --csv --json results.json --output results.csv
# Folder output (organized by nombre de usuario)
sherlock user1 user2 --folderoutput investigation_results/
Custom Output procesoing
#!/usr/bin/env python3
# sherlock-output-procesoor.py
impuerto json
impuerto csv
impuerto sys
from datetime impuerto datetime
def proceso_sherlock_json(json_file):
"""proceso Sherlock JSON output"""
try:
with open(json_file, 'r') as f:
data = json.load(f)
results = []
for nombre de usuario, sites in data.items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
results.append(\\\\{
'nombre de usuario': nombre de usuario,
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0),
'status': info.get('status', '')
\\\\})
return results
except Exception as e:
print(f"Error procesoing JSON: \\\\{e\\\\}")
return []
def generate_summary_repuerto(results):
"""Generate summary repuerto from results"""
if not results:
return "No results to proceso"
# Count by platform
platform_counts = \\\\{\\\\}
for result in results:
platform = result['site']
platform_counts[platform] = platform_counts.get(platform, 0) + 1
# Generate repuerto
repuerto = f"""
Sherlock Investigation Summary
Generated: \\\\{datetime.now().strftime('%Y-%m-%d %H:%M:%S')\\\\}
Total Accounts Found: \\\\{len(results)\\\\}
Unique Platforms: \\\\{len(platform_counts)\\\\}
Platform Distribution:
"""
for platform, count in sorted(platform_counts.items(), clave=lambda x: x[1], reverse=True):
repuerto += f" \\\\{platform\\\\}: \\\\{count\\\\}\n"
repuerto += "\nDetailed Results:\n"
for result in results:
repuerto += f" \\\\{result['site']\\\\}: \\\\{result['url']\\\\}\n"
return repuerto
def expuerto_to_csv(results, filename):
"""Expuerto results to CSV"""
if not results:
return
with open(filename, 'w', newline='') as csvfile:
fieldnames = ['nombre de usuario', 'site', 'url', 'response_time', 'status']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for result in results:
writer.writerow(result)
def main():
if len(sys.argv) != 2:
print("uso: python3 sherlock-output-procesoor.py <sherlock_json_file>")
sys.exit(1)
json_file = sys.argv[1]
results = proceso_sherlock_json(json_file)
if results:
# Generate summary
summary = generate_summary_repuerto(results)
print(summary)
# Save summary to file
with open('sherlock_summary.txt', 'w') as f:
f.write(summary)
# Expuerto to CSV
expuerto_to_csv(results, 'sherlock_results.csv')
print(f"\nSummary saved to: sherlock_summary.txt")
print(f"CSV expuerto saved to: sherlock_results.csv")
else:
print("No valid results found in JSON file")
if __name__ == "__main__":
main()
Automation and Batch procesoing
Batch nombre de usuario Investigation
#!/bin/bash
# sherlock-batch-investigation.sh
nombre de usuarioS_FILE="$1"
OUTPUT_DIR="$2"
if [ $# -ne 2 ]; then
echo "uso: $0 <nombre de usuarios_file> <output_directory>"
echo "ejemplo: $0 nombre de usuarios.txt investigation_results/"
exit 1
fi
if [ ! -f "$nombre de usuarioS_FILE" ]; then
echo "Error: nombre de usuarios file not found: $nombre de usuarioS_FILE"
exit 1
fi
# Create output directory
mkdir -p "$OUTPUT_DIR"
echo "Starting batch Sherlock investigation"
echo "nombre de usuarios file: $nombre de usuarioS_FILE"
echo "Output directory: $OUTPUT_DIR"
echo "=================================="
# proceso each nombre de usuario
while IFS= read -r nombre de usuario; do
# Skip empty lines and comments
| if [[ -z "$nombre de usuario" | | "$nombre de usuario" =~ ^#.* ]]; then |
continue
fi
echo "Investigating nombre de usuario: $nombre de usuario"
# Create individual output files
TEXT_OUTPUT="$OUTPUT_DIR/$\\\\{nombre de usuario\\\\}_results.txt"
JSON_OUTPUT="$OUTPUT_DIR/$\\\\{nombre de usuario\\\\}_results.json"
CSV_OUTPUT="$OUTPUT_DIR/$\\\\{nombre de usuario\\\\}_results.csv"
# Run Sherlock with multiple output formats
sherlock "$nombre de usuario" \
--output "$TEXT_OUTPUT" \
--json "$JSON_OUTPUT" \
--csv \
--timeout 15 \
--print-found \
--verbose
# Move CSV file to proper location
if [ -f "$\\\\{nombre de usuario\\\\}.csv" ]; then
mv "$\\\\{nombre de usuario\\\\}.csv" "$CSV_OUTPUT"
fi
echo "Results saved for $nombre de usuario"
echo " Text: $TEXT_OUTPUT"
echo " JSON: $JSON_OUTPUT"
echo " CSV: $CSV_OUTPUT"
echo ""
# Add delay to avoid rate limiting
sleep 2
done < "$nombre de usuarioS_FILE"
echo "Batch investigation completed"
echo "Results saved in: $OUTPUT_DIR"
# Generate combined summary
echo "Generating combined summary..."
python3 << 'PYTHON_SCRIPT'
impuerto os
impuerto json
impuerto sys
from collections impuerto defaultdict
output_dir = sys.argv[1] if len(sys.argv) > 1 else "investigation_results"
all_results = defaultdict(list)
total_accounts = 0
# proceso all JSON files
for filename in os.listdir(output_dir):
if filename.endswith('_results.json'):
nombre de usuario = filename.replace('_results.json', '')
filepath = os.path.join(output_dir, filename)
try:
with open(filepath, 'r') as f:
data = json.load(f)
for site, info in data.get(nombre de usuario, \\\\{\\\\}).items():
if info.get('status') == 'Claimed':
all_results[nombre de usuario].append(\\\\{
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0)
\\\\})
total_accounts += 1
except Exception as e:
print(f"Error procesoing \\\\{filename\\\\}: \\\\{e\\\\}")
# Generate summary repuerto
summary_file = os.path.join(output_dir, 'investigation_summary.txt')
with open(summary_file, 'w') as f:
f.write("Sherlock Batch Investigation Summary\n")
f.write("===================================\n\n")
f.write(f"Total nombre de usuarios investigated: \\\\{len(all_results)\\\\}\n")
f.write(f"Total accounts found: \\\\{total_accounts\\\\}\n\n")
for nombre de usuario, accounts in all_results.items():
f.write(f"nombre de usuario: \\\\{nombre de usuario\\\\}\n")
f.write(f"Accounts found: \\\\{len(accounts)\\\\}\n")
for account in accounts:
f.write(f" \\\\{account['site']\\\\}: \\\\{account['url']\\\\}\n")
f.write("\n")
print(f"Combined summary saved to: \\\\{summary_file\\\\}")
PYTHON_SCRIPT "$OUTPUT_DIR"
Automated Monitoring Script
#!/usr/bin/env python3
# sherlock-monitor.py
impuerto subproceso
impuerto json
impuerto time
impuerto smtplib
from email.mime.text impuerto MimeText
from email.mime.multipart impuerto MimeMultipart
from datetime impuerto datetime
impuerto os
class SherlockMonitor:
def __init__(self, config_file="monitor_config.json"):
self.config = self.load_config(config_file)
self.previous_results = \\\\{\\\\}
self.load_previous_results()
def load_config(self, config_file):
"""Load monitoring configuración"""
default_config = \\\\{
"nombre de usuarios": [],
"check_interval": 3600, # 1 hour
"email_notifications": False,
"email_config": \\\\{
"smtp_server": "smtp.gmail.com",
"smtp_puerto": 587,
"nombre de usuario": "",
"contraseña": "",
"to_email": ""
\\\\},
"output_directory": "monitoring_results"
\\\\}
try:
with open(config_file, 'r') as f:
config = json.load(f)
# Merge with defaults
for clave, value in default_config.items():
if clave not in config:
config[clave] = value
return config
except FileNotFoundError:
print(f"Config file not found, creating default: \\\\{config_file\\\\}")
with open(config_file, 'w') as f:
json.dump(default_config, f, indent=2)
return default_config
def load_previous_results(self):
"""Load previous monitoring results"""
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
try:
with open(results_file, 'r') as f:
self.previous_results = json.load(f)
except FileNotFoundError:
self.previous_results = \\\\{\\\\}
def save_results(self, results):
"""Save current results"""
os.makedirs(self.config["output_directory"], exist_ok=True)
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
with open(results_file, 'w') as f:
json.dump(results, f, indent=2)
self.previous_results = results
def run_sherlock(self, nombre de usuario):
"""Run Sherlock for a specific nombre de usuario"""
output_file = os.path.join(self.config["output_directory"], f"\\\\{nombre de usuario\\\\}_latest.json")
try:
cmd = [
"sherlock", nombre de usuario,
"--json", output_file,
"--timeout", "15",
"--print-found"
]
result = subproceso.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
return json.load(f)
else:
print(f"Sherlock failed for \\\\{nombre de usuario\\\\}: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock for \\\\{nombre de usuario\\\\}: \\\\{e\\\\}")
return None
def compare_results(self, nombre de usuario, current_results, previous_results):
"""Compare current and previous results"""
changes = \\\\{
"new_accounts": [],
"removed_accounts": [],
"nombre de usuario": nombre de usuario,
"timestamp": datetime.now().isoformat()
\\\\}
current_sites = set()
previous_sites = set()
# Extract claimed accounts
if nombre de usuario in current_results:
for site, info in current_results[nombre de usuario].items():
if info.get('status') == 'Claimed':
current_sites.add(site)
if nombre de usuario in previous_results:
for site, info in previous_results[nombre de usuario].items():
if info.get('status') == 'Claimed':
previous_sites.add(site)
# Find changes
changes["new_accounts"] = list(current_sites - previous_sites)
changes["removed_accounts"] = list(previous_sites - current_sites)
return changes
def send_notification(self, changes):
"""Send email notification about changes"""
if not self.config["email_notifications"]:
return
if not changes["new_accounts"] and not changes["removed_accounts"]:
return
try:
msg = MimeMultipart()
msg['From'] = self.config["email_config"]["nombre de usuario"]
msg['To'] = self.config["email_config"]["to_email"]
msg['Subject'] = f"Sherlock Monitor Alert - \\\\{changes['nombre de usuario']\\\\}"
body = f"""
Sherlock monitoring detected changes for nombre de usuario: \\\\{changes['nombre de usuario']\\\\}
Timestamp: \\\\{changes['timestamp']\\\\}
New accounts found: \\\\{len(changes['new_accounts'])\\\\}
\\\\{chr(10).join(changes['new_accounts'])\\\\}
Removed accounts: \\\\{len(changes['removed_accounts'])\\\\}
\\\\{chr(10).join(changes['removed_accounts'])\\\\}
This is an automated message from Sherlock Monitor.
"""
msg.attach(MimeText(body, 'plain'))
server = smtplib.SMTP(
self.config["email_config"]["smtp_server"],
self.config["email_config"]["smtp_puerto"]
)
server.starttls()
server.login(
self.config["email_config"]["nombre de usuario"],
self.config["email_config"]["contraseña"]
)
text = msg.as_string()
server.sendmail(
self.config["email_config"]["nombre de usuario"],
self.config["email_config"]["to_email"],
text
)
server.quit()
print(f"Notification sent for \\\\{changes['nombre de usuario']\\\\}")
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def monitor_nombre de usuarios(self):
"""Monitor all configured nombre de usuarios"""
print(f"Starting Sherlock monitoring at \\\\{datetime.now()\\\\}")
print(f"Monitoring \\\\{len(self.config['nombre de usuarios'])\\\\} nombre de usuarios")
current_results = \\\\{\\\\}
all_changes = []
for nombre de usuario in self.config["nombre de usuarios"]:
print(f"Checking nombre de usuario: \\\\{nombre de usuario\\\\}")
# Run Sherlock
results = self.run_sherlock(nombre de usuario)
if results:
current_results.update(results)
# Compare with previous results
changes = self.compare_results(nombre de usuario, results, self.previous_results)
if changes["new_accounts"] or changes["removed_accounts"]:
print(f"Changes detected for \\\\{nombre de usuario\\\\}:")
print(f" New accounts: \\\\{changes['new_accounts']\\\\}")
print(f" Removed accounts: \\\\{changes['removed_accounts']\\\\}")
all_changes.append(changes)
self.send_notification(changes)
else:
print(f"No changes for \\\\{nombre de usuario\\\\}")
# Delay between checks
time.sleep(5)
# Save current results
self.save_results(current_results)
# Save change log
if all_changes:
change_log_file = os.path.join(
self.config["output_directory"],
f"changes_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
)
with open(change_log_file, 'w') as f:
json.dump(all_changes, f, indent=2)
print(f"Change log saved: \\\\{change_log_file\\\\}")
print(f"Monitoring cycle completed at \\\\{datetime.now()\\\\}")
def run_continuous_monitoring(self):
"""Run continuous monitoring with configured interval"""
print("Starting continuous Sherlock monitoring")
print(f"Check interval: \\\\{self.config['check_interval']\\\\} seconds")
while True:
try:
self.monitor_nombre de usuarios()
print(f"Sleeping for \\\\{self.config['check_interval']\\\\} seconds...")
time.sleep(self.config["check_interval"])
except claveboardInterrupt:
print("\nMonitoring stopped by user")
break
except Exception as e:
print(f"Error in monitoring cycle: \\\\{e\\\\}")
time.sleep(60) # Wait 1 minute before retrying
def main():
impuerto sys
if len(sys.argv) > 1 and sys.argv[1] == "--continuous":
monitor = SherlockMonitor()
monitor.run_continuous_monitoring()
else:
monitor = SherlockMonitor()
monitor.monitor_nombre de usuarios()
if __name__ == "__main__":
main()
Integration with Other Herramienta OSINTs
Maltego Integration
#!/usr/bin/env python3
# sherlock-maltego-integration.py
impuerto json
impuerto csv
impuerto xml.etree.ElementTree as ET
from datetime impuerto datetime
def sherlock_to_maltego(sherlock_json, output_file="maltego_impuerto.csv"):
"""Convert Sherlock results to Maltego CSV format"""
try:
with open(sherlock_json, 'r') as f:
data = json.load(f)
maltego_data = []
for nombre de usuario, sites in data.items():
# Add nombre de usuario entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.nombre de usuario',
'Entity Value': nombre de usuario,
'Additional Fields': '',
'Notes': f'Investigated with Sherlock on \\\\{datetime.now().strftime("%Y-%m-%d")\\\\}'
\\\\})
for site, info in sites.items():
if info.get('status') == 'Claimed':
# Add website entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.Website',
'Entity Value': info.get('url_user', ''),
'Additional Fields': f'Platform=\\\\{site\\\\}',
'Notes': f'nombre de usuario: \\\\{nombre de usuario\\\\}, Response time: \\\\{info.get("response_time_s", 0)\\\\}s'
\\\\})
# Write to CSV
with open(output_file, 'w', newline='') as csvfile:
fieldnames = ['Entity Type', 'Entity Value', 'Additional Fields', 'Notes']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for row in maltego_data:
writer.writerow(row)
print(f"Maltego impuerto file created: \\\\{output_file\\\\}")
return output_file
except Exception as e:
print(f"Error creating Maltego impuerto: \\\\{e\\\\}")
return None
def create_maltego_transform_config():
"""Create Maltego transform configuración"""
config = """
<?xml version="1.0" encoding="UTF-8"?>
<MaltegoTransform>
<Name>Sherlock nombre de usuario Search</Name>
<UIName>Sherlock nombre de usuario Search</UIName>
<Author>OSINT Investigator</Author>
<Descripción>Search for nombre de usuario across social media platforms using Sherlock</Descripción>
<Version>1.0</Version>
<InputEntity>maltego.nombre de usuario</InputEntity>
<OutputEntity>maltego.Website</OutputEntity>
<TransformSettings>
<Property name="cmdline" type="string">python3 sherlock_transform.py</Property>
<Property name="cmdparms" type="string">%value%</Property>
<Property name="working-directory" type="string">.</Property>
</TransformSettings>
</MaltegoTransform>
"""
with open('sherlock_transform.mtz', 'w') as f:
f.write(config)
print("Maltego transform configuración created: sherlock_transform.mtz")
OSINT Framework Integration
#!/usr/bin/env python3
# osint-framework-sherlock.py
impuerto subproceso
impuerto json
impuerto requests
from datetime impuerto datetime
impuerto os
class OSINTFrameworkIntegration:
def __init__(self):
self.results = \\\\{\\\\}
self.tools_used = []
def run_sherlock(self, nombre de usuario):
"""Run Sherlock investigation"""
print(f"Running Sherlock for: \\\\{nombre de usuario\\\\}")
output_file = f"sherlock_\\\\{nombre de usuario\\\\}.json"
try:
cmd = ["sherlock", nombre de usuario, "--json", output_file, "--timeout", "15"]
result = subproceso.run(cmd, capture_output=True, text=True)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
sherlock_data = json.load(f)
self.results['sherlock'] = sherlock_data
self.tools_used.append('Sherlock')
return sherlock_data
else:
print(f"Sherlock failed: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock: \\\\{e\\\\}")
return None
def run_theharvester(self, domain):
"""Run theHarvester for email enumeración"""
print(f"Running theHarvester for: \\\\{domain\\\\}")
try:
cmd = ["theharvester", "-d", domain, "-l", "100", "-b", "google,bing"]
result = subproceso.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0:
# Parse theHarvester output
emails = []
hosts = []
for line in result.stdout.split('\n'):
if '@' in line and domain in line:
emails.append(line.strip())
elif domain in line and not '@' in line:
hosts.append(line.strip())
harvester_data = \\\\{
'emails': emails,
'hosts': hosts,
'domain': domain
\\\\}
self.results['theharvester'] = harvester_data
self.tools_used.append('theHarvester')
return harvester_data
except Exception as e:
print(f"Error running theHarvester: \\\\{e\\\\}")
return None
def check_haveibeenpwned(self, email):
"""Check Have I Been Pwned for email"""
print(f"Checking Have I Been Pwned for: \\\\{email\\\\}")
try:
url = f"https://haveibeenpwned.com/api/v3/breachedaccount/\\\\{email\\\\}"
headers = \\\\{
'User-Agent': 'OSINT-Investigation-Tool',
'hibp-api-clave': 'YOUR_API_clave_HERE' # Replace with actual API clave
\\\\}
response = requests.get(url, headers=headers, timeout=10)
if response.status_code == 200:
breaches = response.json()
self.results['haveibeenpwned'] = \\\\{
'email': email,
'breaches': breaches,
'breach_count': len(breaches)
\\\\}
self.tools_used.append('Have I Been Pwned')
return breaches
elif response.status_code == 404:
print(f"No breaches found for \\\\{email\\\\}")
return []
else:
print(f"HIBP API error: \\\\{response.status_code\\\\}")
return None
except Exception as e:
print(f"Error checking Have I Been Pwned: \\\\{e\\\\}")
return None
def comprehensive_investigation(self, objetivo):
"""Run comprehensive OSINT investigation"""
print(f"Starting comprehensive investigation for: \\\\{objetivo\\\\}")
# Determine if objetivo is nombre de usuario, email, or domain
if '@' in objetivo:
# Email investigation
email = objetivo
domain = objetivo.split('@')[1]
nombre de usuario = objetivo.split('@')[0]
# Run investigations
self.run_sherlock(nombre de usuario)
self.run_theharvester(domain)
self.check_haveibeenpwned(email)
elif '.' in objetivo and len(objetivo.split('.')) > 1:
# Domain investigation
domain = objetivo
self.run_theharvester(domain)
# Could also run Sherlock on domain name as nombre de usuario
self.run_sherlock(domain.split('.')[0])
else:
# nombre de usuario investigation
nombre de usuario = objetivo
self.run_sherlock(nombre de usuario)
# Could also check common email patterns
common_domains = ['gmail.com', 'yahoo.com', 'hotmail.com', 'outlook.com']
for domain in common_domains:
email = f"\\\\{nombre de usuario\\\\}@\\\\{domain\\\\}"
self.check_haveibeenpwned(email)
return self.generate_comprehensive_repuerto()
def generate_comprehensive_repuerto(self):
"""Generate comprehensive investigation repuerto"""
repuerto = \\\\{
'investigation_timestamp': datetime.now().isoformat(),
'tools_used': self.tools_used,
'results_summary': \\\\{\\\\},
'detailed_results': self.results,
'recommendations': []
\\\\}
# Summarize results
if 'sherlock' in self.results:
sherlock_accounts = 0
for nombre de usuario, sites in self.results['sherlock'].items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
sherlock_accounts += 1
repuerto['results_summary']['sherlock'] = \\\\{
'accounts_found': sherlock_accounts,
'platforms_checked': len(sites) if 'sites' in locals() else 0
\\\\}
if 'theharvester' in self.results:
harvester_data = self.results['theharvester']
repuerto['results_summary']['theharvester'] = \\\\{
'emails_found': len(harvester_data.get('emails', [])),
'hosts_found': len(harvester_data.get('hosts', []))
\\\\}
if 'haveibeenpwned' in self.results:
hibp_data = self.results['haveibeenpwned']
repuerto['results_summary']['haveibeenpwned'] = \\\\{
'breaches_found': hibp_data.get('breach_count', 0)
\\\\}
# Generate recommendations
if repuerto['results_summary'].get('sherlock', \\\\{\\\\}).get('accounts_found', 0) > 5:
repuerto['recommendations'].append("High social media presence detected - verify account authenticity")
if repuerto['results_summary'].get('haveibeenpwned', \\\\{\\\\}).get('breaches_found', 0) > 0:
repuerto['recommendations'].append("Email found in data breaches - recommend contraseña changes")
# Save repuerto
repuerto_file = f"osint_investigation_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
with open(repuerto_file, 'w') as f:
json.dump(repuerto, f, indent=2)
print(f"Comprehensive repuerto saved: \\\\{repuerto_file\\\\}")
return repuerto
def main():
impuerto sys
if len(sys.argv) != 2:
print("uso: python3 osint-framework-sherlock.py <objetivo>")
print("objetivo can be: nombre de usuario, email, or domain")
sys.exit(1)
objetivo = sys.argv[1]
investigation = OSINTFrameworkIntegration()
repuerto = investigation.comprehensive_investigation(objetivo)
print("\nInvestigation Summary:")
print("=" * 50)
for tool, summary in repuerto['results_summary'].items():
print(f"\\\\{tool.upper()\\\\}:")
for clave, value in summary.items():
print(f" \\\\{clave\\\\}: \\\\{value\\\\}")
if repuerto['recommendations']:
print("\nRecommendations:")
for rec in repuerto['recommendations']:
print(f" - \\\\{rec\\\\}")
if __name__ == "__main__":
main()
Best Practices and OPSEC
Operational Security
#!/bin/bash
# sherlock-opsec-setup.sh
echo "Sherlock OPSEC configuración"
echo "============================"
# Network security
echo "1. Network Security:"
echo " □ Use VPN or proxy"
echo " □ Rotate IP addresses"
echo " □ Monitor for rate limiting"
echo " □ Use Tor for sensitive investigations"
# Data security
echo -e "\n2. Data Security:"
echo " □ Encrypt investigation results"
echo " □ Use secure file permissions"
echo " □ Regular cleanup of temporary files"
echo " □ Secure storage of findings"
# Legal compliance
echo -e "\n3. Legal Compliance:"
echo " □ Verify investigation autorización"
echo " □ Document methodology"
echo " □ Respect platform terms of servicio"
echo " □ Follow local privacy laws"
# Technical measures
echo -e "\n4. Technical Measures:"
echo " □ Use isolated investigation environment"
echo " □ Monitor system resources"
echo " □ Implement logging"
echo " □ Regular tool updates"
Rate Limiting and Stealth
impuerto time
impuerto random
impuerto subproceso
def stealth_sherlock_search(nombre de usuario, delay_range=(5, 15)):
"""Run Sherlock with stealth measures"""
# Random delay before starting
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before search...")
time.sleep(delay)
# Run Sherlock with timeout and limited sites
cmd = [
"sherlock", nombre de usuario,
"--timeout", "20",
"--json", f"\\\\{nombre de usuario\\\\}_stealth.json",
"--print-found"
]
try:
result = subproceso.run(cmd, capture_output=True, text=True, timeout=600)
if result.returncode == 0:
print(f"Stealth search completed for \\\\{nombre de usuario\\\\}")
return True
else:
print(f"Search failed: \\\\{result.stderr\\\\}")
return False
except subproceso.TimeoutExpired:
print("Search timed out")
return False
except Exception as e:
print(f"Error: \\\\{e\\\\}")
return False
def batch_stealth_investigation(nombre de usuarios, delay_range=(10, 30)):
"""Run batch investigation with stealth measures"""
results = \\\\{\\\\}
for i, nombre de usuario in enumerate(nombre de usuarios):
print(f"procesoing \\\\{i+1\\\\}/\\\\{len(nombre de usuarios)\\\\}: \\\\{nombre de usuario\\\\}")
success = stealth_sherlock_search(nombre de usuario, delay_range)
results[nombre de usuario] = success
# Longer delay between users
if i < len(nombre de usuarios) - 1:
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before next user...")
time.sleep(delay)
return results
solución de problemas
Common Issues and Solutions
# Issue: No results returned
# Solution: Check internet conexión and site availability
sherlock nombre de usuario --verbose
# Issue: Timeout errors
# Solution: Increase timeout value
sherlock nombre de usuario --timeout 30
# Issue: SSL/TLS errors
# Solution: Disable SSL verification (use with caution)
sherlock nombre de usuario --no-ssl-verify
# Issue: Proxy conexión errors
# Solution: Verify proxy configuración
sherlock nombre de usuario --proxy http://proxy:8080 --verbose
# Issue: JSON output not generated
# Solution: Check file permissions and disk space
sherlock nombre de usuario --json results.json --verbose
Debug and Logging
impuerto subproceso
impuerto logging
# Enable debug logging
logging.basicConfig(level=logging.DEBUG)
def debug_sherlock_run(nombre de usuario):
"""Run Sherlock with debug information"""
cmd = ["sherlock", nombre de usuario, "--verbose", "--debug"]
try:
result = subproceso.run(
cmd,
capture_output=True,
text=True,
timeout=300
)
print("STDOUT:")
print(result.stdout)
print("\nSTDERR:")
print(result.stderr)
print(f"\nReturn code: \\\\{result.returncode\\\\}")
return result.returncode == 0
except Exception as e:
print(f"Debug run failed: \\\\{e\\\\}")
return False
Performance Optimization
# Use specific sites for faster results
sherlock nombre de usuario --site GitHub --site Twitter --site Instagram
# Reduce timeout for faster scanning
sherlock nombre de usuario --timeout 5
# Use multiple procesoes for batch operations
parallel -j 4 sherlock \\\\{\\\\} --json \\\\{\\\\}.json ::: user1 user2 user3 user4
# Monitor system resources
htop # Monitor CPU and memory uso during large investigations
Resources
- Sherlock GitHub Repository
- Sherlock documentación
- OSINT Framework
- Social Media OSINT Guide
- nombre de usuario Investigation Techniques
This hoja de trucos provides comprehensive guidance for using Sherlock for nombre de usuario investigations and social media OSINT. Always ensure proper autorización and legal compliance before conducting any investigations.