Sherlock Social Media nom d'utilisateur Hunter aide-mémoire
Overview
Sherlock is a powerful Outil OSINT that hunts down social media accounts by nom d'utilisateur across 400+ social networks. It's designed to find nom d'utilisateurs across a large number of social networks very quickly, making it an essential tool for digital investigations, background checks, and cybersecurity research. Sherlock uses a combination of HTTP requests and response analysis to determine if a nom d'utilisateur exists on various platforms.
⚠️ Legal Notice: Only use Sherlock for legitimate OSINT investigations, authorized security testing, or personal research. Respect platform terms of service and applicable privacy laws.
Installation
Python pip Installation
# Install via pip
pip3 install sherlock-project
# Verify Installation
sherlock --help
# Alternative: Install from GitHub
pip3 install git+https://github.com/sherlock-project/sherlock.git
# Install with all dependencies
pip3 install sherlock-project[all]
Docker Installation
# Pull official Docker image
docker pull sherlockproject/sherlock
# Run with Docker
docker run --rm -t sherlockproject/sherlock nom d'utilisateur
# Run with output directory
docker run --rm -t -v $(pwd)/results:/opt/sherlock/results sherlockproject/sherlock nom d'utilisateur
# Build from source
git clone https://github.com/sherlock-project/sherlock.git
cd sherlock
docker build -t sherlock .
Manual Installation
# Clone repository
git clone https://github.com/sherlock-project/sherlock.git
cd sherlock
# Install dependencies
pip3 install -r requirements.txt
# Run directly
python3 sherlock nom d'utilisateur
# Make executable
chmod +x sherlock
./sherlock nom d'utilisateur
Virtual Environment Setup
# Create virtual environment
python3 -m venv sherlock-env
source sherlock-env/bin/activate
# Install Sherlock
pip install sherlock-project
# Verify Installation
sherlock --version
Basic utilisation
commande Line Interface
# Basic nom d'utilisateur search
sherlock nom d'utilisateur
# Search multiple nom d'utilisateurs
sherlock user1 user2 user3
# Search with output to file
sherlock nom d'utilisateur --output results.txt
# Search with CSV output
sherlock nom d'utilisateur --csv
# Search with JSON output
sherlock nom d'utilisateur --json results.json
# Verbose output
sherlock nom d'utilisateur --verbose
# Print only found results
sherlock nom d'utilisateur --print-found
Advanced Search options
# Search specific sites only
sherlock nom d'utilisateur --site GitHub --site Twitter
# Exclude specific sites
sherlock nom d'utilisateur --exclude Instagram --exclude Facebook
# Use proxy
sherlock nom d'utilisateur --proxy http://proxy:8080
# Set custom timeout
sherlock nom d'utilisateur --timeout 10
# Disable SSL verification
sherlock nom d'utilisateur --no-ssl-verify
# Use Tor proxy
sherlock nom d'utilisateur --tor
# Foldering output by nom d'utilisateur
sherlock nom d'utilisateur --folderoutput results/
Site-Specific Searches
Popular Social Media Platforms
# Search major social networks
sherlock nom d'utilisateur --site Twitter --site Instagram --site Facebook --site LinkedIn
# Search professional networks
sherlock nom d'utilisateur --site LinkedIn --site GitHub --site GitLab --site Behance
# Search gaming platforms
sherlock nom d'utilisateur --site Steam --site Twitch --site Discord --site Xbox
# Search dating platforms
sherlock nom d'utilisateur --site Tinder --site Bumble --site Match
# Search forums and communities
sherlock nom d'utilisateur --site Reddit --site HackerNews --site StackOverflow
Technology and Development Platforms
# Developer platforms
sherlock nom d'utilisateur --site GitHub --site GitLab --site Bitbucket --site SourceForge
# Tech communities
sherlock nom d'utilisateur --site StackOverflow --site HackerNews --site DeviantArt
# Code sharing platforms
sherlock nom d'utilisateur --site Pastebin --site Gist --site CodePen
# documentation platforms
sherlock nom d'utilisateur --site GitBook --site Notion --site Confluence
Content and Media Platforms
# Video platforms
sherlock nom d'utilisateur --site YouTube --site Vimeo --site TikTok --site Dailymotion
# Photo platforms
sherlock nom d'utilisateur --site Instagram --site Flickr --site 500px --site Imgur
# Blogging platforms
sherlock nom d'utilisateur --site Medium --site WordPress --site Blogger --site Tumblr
# Music platforms
sherlock nom d'utilisateur --site Spotify --site SoundCloud --site Bandcamp
Output Formats and Analysis
Text Output
# Basic text output
sherlock nom d'utilisateur > results.txt
# Verbose text output
sherlock nom d'utilisateur --verbose > detailed_results.txt
# Only found accounts
sherlock nom d'utilisateur --print-found > found_accounts.txt
# With timestamps
sherlock nom d'utilisateur --verbose|tee "results_$(date +%Y%m%d_%H%M%S).txt"
Structured Data Output
# CSV format
sherlock nom d'utilisateur --csv --output results.csv
# JSON format
sherlock nom d'utilisateur --json results.json
# Both CSV and JSON
sherlock nom d'utilisateur --csv --json results.json --output results.csv
# Folder output (organized by nom d'utilisateur)
sherlock user1 user2 --folderoutput investigation_results/
Custom Output processusing
#!/usr/bin/env python3
# sherlock-output-processusor.py
import json
import csv
import sys
from datetime import datetime
def processus_sherlock_json(json_file):
"""processus Sherlock JSON output"""
try:
with open(json_file, 'r') as f:
data = json.load(f)
results = []
for nom d'utilisateur, sites in data.items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
results.append(\\\\{
'nom d'utilisateur': nom d'utilisateur,
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0),
'status': info.get('status', '')
\\\\})
return results
except Exception as e:
print(f"Error processusing JSON: \\\\{e\\\\}")
return []
def generate_summary_report(results):
"""Generate summary report from results"""
if not results:
return "No results to processus"
# Count by platform
platform_counts = \\\\{\\\\}
for result in results:
platform = result['site']
platform_counts[platform] = platform_counts.get(platform, 0) + 1
# Generate report
report = f"""
Sherlock Investigation Summary
Generated: \\\\{datetime.now().strftime('%Y-%m-%d %H:%M:%S')\\\\}
Total Accounts Found: \\\\{len(results)\\\\}
Unique Platforms: \\\\{len(platform_counts)\\\\}
Platform Distribution:
"""
for platform, count in sorted(platform_counts.items(), clé=lambda x: x[1], reverse=True):
report += f" \\\\{platform\\\\}: \\\\{count\\\\}\n"
report += "\nDetailed Results:\n"
for result in results:
report += f" \\\\{result['site']\\\\}: \\\\{result['url']\\\\}\n"
return report
def export_to_csv(results, filename):
"""Export results to CSV"""
if not results:
return
with open(filename, 'w', newline='') as csvfile:
fieldnames = ['nom d'utilisateur', 'site', 'url', 'response_time', 'status']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for result in results:
writer.writerow(result)
def main():
if len(sys.argv) != 2:
print("utilisation: python3 sherlock-output-processusor.py <sherlock_json_file>")
sys.exit(1)
json_file = sys.argv[1]
results = processus_sherlock_json(json_file)
if results:
# Generate summary
summary = generate_summary_report(results)
print(summary)
# Save summary to file
with open('sherlock_summary.txt', 'w') as f:
f.write(summary)
# Export to CSV
export_to_csv(results, 'sherlock_results.csv')
print(f"\nSummary saved to: sherlock_summary.txt")
print(f"CSV export saved to: sherlock_results.csv")
else:
print("No valid results found in JSON file")
if __name__ == "__main__":
main()
Automation and Batch processusing
Batch nom d'utilisateur Investigation
#!/bin/bash
# sherlock-batch-investigation.sh
nom d'utilisateurS_FILE="$1"
OUTPUT_DIR="$2"
if [ $# -ne 2 ]; then
echo "utilisation: $0 <nom d'utilisateurs_file> <output_directory>"
echo "exemple: $0 nom d'utilisateurs.txt investigation_results/"
exit 1
fi
if [ ! -f "$nom d'utilisateurS_FILE" ]; then
echo "Error: nom d'utilisateurs file not found: $nom d'utilisateurS_FILE"
exit 1
fi
# Create output directory
mkdir -p "$OUTPUT_DIR"
echo "Starting batch Sherlock investigation"
echo "nom d'utilisateurs file: $nom d'utilisateurS_FILE"
echo "Output directory: $OUTPUT_DIR"
echo "=================================="
# processus each nom d'utilisateur
while IFS= read -r nom d'utilisateur; do
# Skip empty lines and comments
| if [[ -z "$nom d'utilisateur" | | "$nom d'utilisateur" =~ ^#.* ]]; then |
continue
fi
echo "Investigating nom d'utilisateur: $nom d'utilisateur"
# Create individual output files
TEXT_OUTPUT="$OUTPUT_DIR/$\\\\{nom d'utilisateur\\\\}_results.txt"
JSON_OUTPUT="$OUTPUT_DIR/$\\\\{nom d'utilisateur\\\\}_results.json"
CSV_OUTPUT="$OUTPUT_DIR/$\\\\{nom d'utilisateur\\\\}_results.csv"
# Run Sherlock with multiple output formats
sherlock "$nom d'utilisateur" \
--output "$TEXT_OUTPUT" \
--json "$JSON_OUTPUT" \
--csv \
--timeout 15 \
--print-found \
--verbose
# Move CSV file to proper location
if [ -f "$\\\\{nom d'utilisateur\\\\}.csv" ]; then
mv "$\\\\{nom d'utilisateur\\\\}.csv" "$CSV_OUTPUT"
fi
echo "Results saved for $nom d'utilisateur"
echo " Text: $TEXT_OUTPUT"
echo " JSON: $JSON_OUTPUT"
echo " CSV: $CSV_OUTPUT"
echo ""
# Add delay to avoid rate limiting
sleep 2
done < "$nom d'utilisateurS_FILE"
echo "Batch investigation completed"
echo "Results saved in: $OUTPUT_DIR"
# Generate combined summary
echo "Generating combined summary..."
python3 << 'PYTHON_SCRIPT'
import os
import json
import sys
from collections import defaultdict
output_dir = sys.argv[1] if len(sys.argv) > 1 else "investigation_results"
all_results = defaultdict(list)
total_accounts = 0
# processus all JSON files
for filename in os.listdir(output_dir):
if filename.endswith('_results.json'):
nom d'utilisateur = filename.replace('_results.json', '')
filepath = os.path.join(output_dir, filename)
try:
with open(filepath, 'r') as f:
data = json.load(f)
for site, info in data.get(nom d'utilisateur, \\\\{\\\\}).items():
if info.get('status') == 'Claimed':
all_results[nom d'utilisateur].append(\\\\{
'site': site,
'url': info.get('url_user', ''),
'response_time': info.get('response_time_s', 0)
\\\\})
total_accounts += 1
except Exception as e:
print(f"Error processusing \\\\{filename\\\\}: \\\\{e\\\\}")
# Generate summary report
summary_file = os.path.join(output_dir, 'investigation_summary.txt')
with open(summary_file, 'w') as f:
f.write("Sherlock Batch Investigation Summary\n")
f.write("===================================\n\n")
f.write(f"Total nom d'utilisateurs investigated: \\\\{len(all_results)\\\\}\n")
f.write(f"Total accounts found: \\\\{total_accounts\\\\}\n\n")
for nom d'utilisateur, accounts in all_results.items():
f.write(f"nom d'utilisateur: \\\\{nom d'utilisateur\\\\}\n")
f.write(f"Accounts found: \\\\{len(accounts)\\\\}\n")
for account in accounts:
f.write(f" \\\\{account['site']\\\\}: \\\\{account['url']\\\\}\n")
f.write("\n")
print(f"Combined summary saved to: \\\\{summary_file\\\\}")
PYTHON_SCRIPT "$OUTPUT_DIR"
Automated Monitoring Script
#!/usr/bin/env python3
# sherlock-monitor.py
import subprocessus
import json
import time
import smtplib
from email.mime.text import MimeText
from email.mime.multipart import MimeMultipart
from datetime import datetime
import os
class SherlockMonitor:
def __init__(self, config_file="monitor_config.json"):
self.config = self.load_config(config_file)
self.previous_results = \\\\{\\\\}
self.load_previous_results()
def load_config(self, config_file):
"""Load monitoring configuration"""
default_config = \\\\{
"nom d'utilisateurs": [],
"check_interval": 3600, # 1 hour
"email_notifications": False,
"email_config": \\\\{
"smtp_server": "smtp.gmail.com",
"smtp_port": 587,
"nom d'utilisateur": "",
"mot de passe": "",
"to_email": ""
\\\\},
"output_directory": "monitoring_results"
\\\\}
try:
with open(config_file, 'r') as f:
config = json.load(f)
# Merge with defaults
for clé, value in default_config.items():
if clé not in config:
config[clé] = value
return config
except FileNotFoundError:
print(f"Config file not found, creating default: \\\\{config_file\\\\}")
with open(config_file, 'w') as f:
json.dump(default_config, f, indent=2)
return default_config
def load_previous_results(self):
"""Load previous monitoring results"""
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
try:
with open(results_file, 'r') as f:
self.previous_results = json.load(f)
except FileNotFoundError:
self.previous_results = \\\\{\\\\}
def save_results(self, results):
"""Save current results"""
os.makedirs(self.config["output_directory"], exist_ok=True)
results_file = os.path.join(self.config["output_directory"], "previous_results.json")
with open(results_file, 'w') as f:
json.dump(results, f, indent=2)
self.previous_results = results
def run_sherlock(self, nom d'utilisateur):
"""Run Sherlock for a specific nom d'utilisateur"""
output_file = os.path.join(self.config["output_directory"], f"\\\\{nom d'utilisateur\\\\}_latest.json")
try:
cmd = [
"sherlock", nom d'utilisateur,
"--json", output_file,
"--timeout", "15",
"--print-found"
]
result = subprocessus.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
return json.load(f)
else:
print(f"Sherlock failed for \\\\{nom d'utilisateur\\\\}: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock for \\\\{nom d'utilisateur\\\\}: \\\\{e\\\\}")
return None
def compare_results(self, nom d'utilisateur, current_results, previous_results):
"""Compare current and previous results"""
changes = \\\\{
"new_accounts": [],
"removed_accounts": [],
"nom d'utilisateur": nom d'utilisateur,
"timestamp": datetime.now().isoformat()
\\\\}
current_sites = set()
previous_sites = set()
# Extract claimed accounts
if nom d'utilisateur in current_results:
for site, info in current_results[nom d'utilisateur].items():
if info.get('status') == 'Claimed':
current_sites.add(site)
if nom d'utilisateur in previous_results:
for site, info in previous_results[nom d'utilisateur].items():
if info.get('status') == 'Claimed':
previous_sites.add(site)
# Find changes
changes["new_accounts"] = list(current_sites - previous_sites)
changes["removed_accounts"] = list(previous_sites - current_sites)
return changes
def send_notification(self, changes):
"""Send email notification about changes"""
if not self.config["email_notifications"]:
return
if not changes["new_accounts"] and not changes["removed_accounts"]:
return
try:
msg = MimeMultipart()
msg['From'] = self.config["email_config"]["nom d'utilisateur"]
msg['To'] = self.config["email_config"]["to_email"]
msg['Subject'] = f"Sherlock Monitor Alert - \\\\{changes['nom d'utilisateur']\\\\}"
body = f"""
Sherlock monitoring detected changes for nom d'utilisateur: \\\\{changes['nom d'utilisateur']\\\\}
Timestamp: \\\\{changes['timestamp']\\\\}
New accounts found: \\\\{len(changes['new_accounts'])\\\\}
\\\\{chr(10).join(changes['new_accounts'])\\\\}
Removed accounts: \\\\{len(changes['removed_accounts'])\\\\}
\\\\{chr(10).join(changes['removed_accounts'])\\\\}
This is an automated message from Sherlock Monitor.
"""
msg.attach(MimeText(body, 'plain'))
server = smtplib.SMTP(
self.config["email_config"]["smtp_server"],
self.config["email_config"]["smtp_port"]
)
server.starttls()
server.login(
self.config["email_config"]["nom d'utilisateur"],
self.config["email_config"]["mot de passe"]
)
text = msg.as_string()
server.sendmail(
self.config["email_config"]["nom d'utilisateur"],
self.config["email_config"]["to_email"],
text
)
server.quit()
print(f"Notification sent for \\\\{changes['nom d'utilisateur']\\\\}")
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def monitor_nom d'utilisateurs(self):
"""Monitor all configured nom d'utilisateurs"""
print(f"Starting Sherlock monitoring at \\\\{datetime.now()\\\\}")
print(f"Monitoring \\\\{len(self.config['nom d'utilisateurs'])\\\\} nom d'utilisateurs")
current_results = \\\\{\\\\}
all_changes = []
for nom d'utilisateur in self.config["nom d'utilisateurs"]:
print(f"Checking nom d'utilisateur: \\\\{nom d'utilisateur\\\\}")
# Run Sherlock
results = self.run_sherlock(nom d'utilisateur)
if results:
current_results.update(results)
# Compare with previous results
changes = self.compare_results(nom d'utilisateur, results, self.previous_results)
if changes["new_accounts"] or changes["removed_accounts"]:
print(f"Changes detected for \\\\{nom d'utilisateur\\\\}:")
print(f" New accounts: \\\\{changes['new_accounts']\\\\}")
print(f" Removed accounts: \\\\{changes['removed_accounts']\\\\}")
all_changes.append(changes)
self.send_notification(changes)
else:
print(f"No changes for \\\\{nom d'utilisateur\\\\}")
# Delay between checks
time.sleep(5)
# Save current results
self.save_results(current_results)
# Save change log
if all_changes:
change_log_file = os.path.join(
self.config["output_directory"],
f"changes_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
)
with open(change_log_file, 'w') as f:
json.dump(all_changes, f, indent=2)
print(f"Change log saved: \\\\{change_log_file\\\\}")
print(f"Monitoring cycle completed at \\\\{datetime.now()\\\\}")
def run_continuous_monitoring(self):
"""Run continuous monitoring with configured interval"""
print("Starting continuous Sherlock monitoring")
print(f"Check interval: \\\\{self.config['check_interval']\\\\} seconds")
while True:
try:
self.monitor_nom d'utilisateurs()
print(f"Sleeping for \\\\{self.config['check_interval']\\\\} seconds...")
time.sleep(self.config["check_interval"])
except cléboardInterrupt:
print("\nMonitoring stopped by user")
break
except Exception as e:
print(f"Error in monitoring cycle: \\\\{e\\\\}")
time.sleep(60) # Wait 1 minute before retrying
def main():
import sys
if len(sys.argv) > 1 and sys.argv[1] == "--continuous":
monitor = SherlockMonitor()
monitor.run_continuous_monitoring()
else:
monitor = SherlockMonitor()
monitor.monitor_nom d'utilisateurs()
if __name__ == "__main__":
main()
Integration with Other Outil OSINTs
Maltego Integration
#!/usr/bin/env python3
# sherlock-maltego-integration.py
import json
import csv
import xml.etree.ElementTree as ET
from datetime import datetime
def sherlock_to_maltego(sherlock_json, output_file="maltego_import.csv"):
"""Convert Sherlock results to Maltego CSV format"""
try:
with open(sherlock_json, 'r') as f:
data = json.load(f)
maltego_data = []
for nom d'utilisateur, sites in data.items():
# Add nom d'utilisateur entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.nom d'utilisateur',
'Entity Value': nom d'utilisateur,
'Additional Fields': '',
'Notes': f'Investigated with Sherlock on \\\\{datetime.now().strftime("%Y-%m-%d")\\\\}'
\\\\})
for site, info in sites.items():
if info.get('status') == 'Claimed':
# Add website entity
maltego_data.append(\\\\{
'Entity Type': 'maltego.Website',
'Entity Value': info.get('url_user', ''),
'Additional Fields': f'Platform=\\\\{site\\\\}',
'Notes': f'nom d'utilisateur: \\\\{nom d'utilisateur\\\\}, Response time: \\\\{info.get("response_time_s", 0)\\\\}s'
\\\\})
# Write to CSV
with open(output_file, 'w', newline='') as csvfile:
fieldnames = ['Entity Type', 'Entity Value', 'Additional Fields', 'Notes']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for row in maltego_data:
writer.writerow(row)
print(f"Maltego import file created: \\\\{output_file\\\\}")
return output_file
except Exception as e:
print(f"Error creating Maltego import: \\\\{e\\\\}")
return None
def create_maltego_transform_config():
"""Create Maltego transform configuration"""
config = """
<?xml version="1.0" encoding="UTF-8"?>
<MaltegoTransform>
<Name>Sherlock nom d'utilisateur Search</Name>
<UIName>Sherlock nom d'utilisateur Search</UIName>
<Author>OSINT Investigator</Author>
<Description>Search for nom d'utilisateur across social media platforms using Sherlock</Description>
<Version>1.0</Version>
<InputEntity>maltego.nom d'utilisateur</InputEntity>
<OutputEntity>maltego.Website</OutputEntity>
<TransformSettings>
<Property name="cmdline" type="string">python3 sherlock_transform.py</Property>
<Property name="cmdparms" type="string">%value%</Property>
<Property name="working-directory" type="string">.</Property>
</TransformSettings>
</MaltegoTransform>
"""
with open('sherlock_transform.mtz', 'w') as f:
f.write(config)
print("Maltego transform configuration created: sherlock_transform.mtz")
OSINT Framework Integration
#!/usr/bin/env python3
# osint-framework-sherlock.py
import subprocessus
import json
import requests
from datetime import datetime
import os
class OSINTFrameworkIntegration:
def __init__(self):
self.results = \\\\{\\\\}
self.tools_used = []
def run_sherlock(self, nom d'utilisateur):
"""Run Sherlock investigation"""
print(f"Running Sherlock for: \\\\{nom d'utilisateur\\\\}")
output_file = f"sherlock_\\\\{nom d'utilisateur\\\\}.json"
try:
cmd = ["sherlock", nom d'utilisateur, "--json", output_file, "--timeout", "15"]
result = subprocessus.run(cmd, capture_output=True, text=True)
if result.returncode == 0 and os.path.exists(output_file):
with open(output_file, 'r') as f:
sherlock_data = json.load(f)
self.results['sherlock'] = sherlock_data
self.tools_used.append('Sherlock')
return sherlock_data
else:
print(f"Sherlock failed: \\\\{result.stderr\\\\}")
return None
except Exception as e:
print(f"Error running Sherlock: \\\\{e\\\\}")
return None
def run_theharvester(self, domain):
"""Run theHarvester for email énumération"""
print(f"Running theHarvester for: \\\\{domain\\\\}")
try:
cmd = ["theharvester", "-d", domain, "-l", "100", "-b", "google,bing"]
result = subprocessus.run(cmd, capture_output=True, text=True, timeout=300)
if result.returncode == 0:
# Parse theHarvester output
emails = []
hôtes = []
for line in result.stdout.split('\n'):
if '@' in line and domain in line:
emails.append(line.strip())
elif domain in line and not '@' in line:
hôtes.append(line.strip())
harvester_data = \\\\{
'emails': emails,
'hôtes': hôtes,
'domain': domain
\\\\}
self.results['theharvester'] = harvester_data
self.tools_used.append('theHarvester')
return harvester_data
except Exception as e:
print(f"Error running theHarvester: \\\\{e\\\\}")
return None
def check_haveibeenpwned(self, email):
"""Check Have I Been Pwned for email"""
print(f"Checking Have I Been Pwned for: \\\\{email\\\\}")
try:
url = f"https://haveibeenpwned.com/api/v3/breachedaccount/\\\\{email\\\\}"
headers = \\\\{
'User-Agent': 'OSINT-Investigation-Tool',
'hibp-api-clé': 'YOUR_API_clé_HERE' # Replace with actual API clé
\\\\}
response = requests.get(url, headers=headers, timeout=10)
if response.status_code == 200:
breaches = response.json()
self.results['haveibeenpwned'] = \\\\{
'email': email,
'breaches': breaches,
'breach_count': len(breaches)
\\\\}
self.tools_used.append('Have I Been Pwned')
return breaches
elif response.status_code == 404:
print(f"No breaches found for \\\\{email\\\\}")
return []
else:
print(f"HIBP API error: \\\\{response.status_code\\\\}")
return None
except Exception as e:
print(f"Error checking Have I Been Pwned: \\\\{e\\\\}")
return None
def comprehensive_investigation(self, cible):
"""Run comprehensive OSINT investigation"""
print(f"Starting comprehensive investigation for: \\\\{cible\\\\}")
# Determine if cible is nom d'utilisateur, email, or domain
if '@' in cible:
# Email investigation
email = cible
domain = cible.split('@')[1]
nom d'utilisateur = cible.split('@')[0]
# Run investigations
self.run_sherlock(nom d'utilisateur)
self.run_theharvester(domain)
self.check_haveibeenpwned(email)
elif '.' in cible and len(cible.split('.')) > 1:
# Domain investigation
domain = cible
self.run_theharvester(domain)
# Could also run Sherlock on domain name as nom d'utilisateur
self.run_sherlock(domain.split('.')[0])
else:
# nom d'utilisateur investigation
nom d'utilisateur = cible
self.run_sherlock(nom d'utilisateur)
# Could also check common email patterns
common_domains = ['gmail.com', 'yahoo.com', 'hotmail.com', 'outlook.com']
for domain in common_domains:
email = f"\\\\{nom d'utilisateur\\\\}@\\\\{domain\\\\}"
self.check_haveibeenpwned(email)
return self.generate_comprehensive_report()
def generate_comprehensive_report(self):
"""Generate comprehensive investigation report"""
report = \\\\{
'investigation_timestamp': datetime.now().isoformat(),
'tools_used': self.tools_used,
'results_summary': \\\\{\\\\},
'detailed_results': self.results,
'recommendations': []
\\\\}
# Summarize results
if 'sherlock' in self.results:
sherlock_accounts = 0
for nom d'utilisateur, sites in self.results['sherlock'].items():
for site, info in sites.items():
if info.get('status') == 'Claimed':
sherlock_accounts += 1
report['results_summary']['sherlock'] = \\\\{
'accounts_found': sherlock_accounts,
'platforms_checked': len(sites) if 'sites' in locals() else 0
\\\\}
if 'theharvester' in self.results:
harvester_data = self.results['theharvester']
report['results_summary']['theharvester'] = \\\\{
'emails_found': len(harvester_data.get('emails', [])),
'hôtes_found': len(harvester_data.get('hôtes', []))
\\\\}
if 'haveibeenpwned' in self.results:
hibp_data = self.results['haveibeenpwned']
report['results_summary']['haveibeenpwned'] = \\\\{
'breaches_found': hibp_data.get('breach_count', 0)
\\\\}
# Generate recommendations
if report['results_summary'].get('sherlock', \\\\{\\\\}).get('accounts_found', 0) > 5:
report['recommendations'].append("High social media presence detected - verify account authenticity")
if report['results_summary'].get('haveibeenpwned', \\\\{\\\\}).get('breaches_found', 0) > 0:
report['recommendations'].append("Email found in data breaches - recommend mot de passe changes")
# Save report
report_file = f"osint_investigation_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.json"
with open(report_file, 'w') as f:
json.dump(report, f, indent=2)
print(f"Comprehensive report saved: \\\\{report_file\\\\}")
return report
def main():
import sys
if len(sys.argv) != 2:
print("utilisation: python3 osint-framework-sherlock.py <cible>")
print("cible can be: nom d'utilisateur, email, or domain")
sys.exit(1)
cible = sys.argv[1]
investigation = OSINTFrameworkIntegration()
report = investigation.comprehensive_investigation(cible)
print("\nInvestigation Summary:")
print("=" * 50)
for tool, summary in report['results_summary'].items():
print(f"\\\\{tool.upper()\\\\}:")
for clé, value in summary.items():
print(f" \\\\{clé\\\\}: \\\\{value\\\\}")
if report['recommendations']:
print("\nRecommendations:")
for rec in report['recommendations']:
print(f" - \\\\{rec\\\\}")
if __name__ == "__main__":
main()
Best Practices and OPSEC
Operational Security
#!/bin/bash
# sherlock-opsec-setup.sh
echo "Sherlock OPSEC configuration"
echo "============================"
# Network security
echo "1. Network Security:"
echo " □ Use VPN or proxy"
echo " □ Rotate IP addresses"
echo " □ Monitor for rate limiting"
echo " □ Use Tor for sensitive investigations"
# Data security
echo -e "\n2. Data Security:"
echo " □ Encrypt investigation results"
echo " □ Use secure file permissions"
echo " □ Regular cleanup of temporary files"
echo " □ Secure storage of findings"
# Legal compliance
echo -e "\n3. Legal Compliance:"
echo " □ Verify investigation autorisation"
echo " □ Document methodology"
echo " □ Respect platform terms of service"
echo " □ Follow local privacy laws"
# Technical measures
echo -e "\n4. Technical Measures:"
echo " □ Use isolated investigation environment"
echo " □ Monitor system resources"
echo " □ Implement logging"
echo " □ Regular tool updates"
Rate Limiting and Stealth
import time
import random
import subprocessus
def stealth_sherlock_search(nom d'utilisateur, delay_range=(5, 15)):
"""Run Sherlock with stealth measures"""
# Random delay before starting
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before search...")
time.sleep(delay)
# Run Sherlock with timeout and limited sites
cmd = [
"sherlock", nom d'utilisateur,
"--timeout", "20",
"--json", f"\\\\{nom d'utilisateur\\\\}_stealth.json",
"--print-found"
]
try:
result = subprocessus.run(cmd, capture_output=True, text=True, timeout=600)
if result.returncode == 0:
print(f"Stealth search completed for \\\\{nom d'utilisateur\\\\}")
return True
else:
print(f"Search failed: \\\\{result.stderr\\\\}")
return False
except subprocessus.TimeoutExpired:
print("Search timed out")
return False
except Exception as e:
print(f"Error: \\\\{e\\\\}")
return False
def batch_stealth_investigation(nom d'utilisateurs, delay_range=(10, 30)):
"""Run batch investigation with stealth measures"""
results = \\\\{\\\\}
for i, nom d'utilisateur in enumerate(nom d'utilisateurs):
print(f"processusing \\\\{i+1\\\\}/\\\\{len(nom d'utilisateurs)\\\\}: \\\\{nom d'utilisateur\\\\}")
success = stealth_sherlock_search(nom d'utilisateur, delay_range)
results[nom d'utilisateur] = success
# Longer delay between users
if i < len(nom d'utilisateurs) - 1:
delay = random.uniform(delay_range[0], delay_range[1])
print(f"Waiting \\\\{delay:.1f\\\\} seconds before next user...")
time.sleep(delay)
return results
dépannage
Common Issues and Solutions
# Issue: No results returned
# Solution: Check internet connexion and site availability
sherlock nom d'utilisateur --verbose
# Issue: Timeout errors
# Solution: Increase timeout value
sherlock nom d'utilisateur --timeout 30
# Issue: SSL/TLS errors
# Solution: Disable SSL verification (use with caution)
sherlock nom d'utilisateur --no-ssl-verify
# Issue: Proxy connexion errors
# Solution: Verify proxy configuration
sherlock nom d'utilisateur --proxy http://proxy:8080 --verbose
# Issue: JSON output not generated
# Solution: Check file permissions and disk space
sherlock nom d'utilisateur --json results.json --verbose
Debug and Logging
import subprocessus
import logging
# Enable debug logging
logging.basicConfig(level=logging.DEBUG)
def debug_sherlock_run(nom d'utilisateur):
"""Run Sherlock with debug information"""
cmd = ["sherlock", nom d'utilisateur, "--verbose", "--debug"]
try:
result = subprocessus.run(
cmd,
capture_output=True,
text=True,
timeout=300
)
print("STDOUT:")
print(result.stdout)
print("\nSTDERR:")
print(result.stderr)
print(f"\nReturn code: \\\\{result.returncode\\\\}")
return result.returncode == 0
except Exception as e:
print(f"Debug run failed: \\\\{e\\\\}")
return False
Performance Optimization
# Use specific sites for faster results
sherlock nom d'utilisateur --site GitHub --site Twitter --site Instagram
# Reduce timeout for faster scanning
sherlock nom d'utilisateur --timeout 5
# Use multiple processuses for batch operations
parallel -j 4 sherlock \\\\{\\\\} --json \\\\{\\\\}.json ::: user1 user2 user3 user4
# Monitor system resources
htop # Monitor CPU and memory utilisation during large investigations
Resources
- Sherlock GitHub Repository
- Sherlock documentation
- OSINT Framework
- Social Media OSINT Guide
- nom d'utilisateur Investigation Techniques
This aide-mémoire provides comprehensive guidance for using Sherlock for nom d'utilisateur investigations and social media OSINT. Always ensure proper autorisation and legal compliance before conducting any investigations.