Skip to main content

sherlock

Sherlock is a powerful OSINT tool designed for discovering social media accounts associated with given usernames across various platforms. Within automated security workflows, it aids in efficiently mapping online identities to enhance reconnaissance and threat intelligence processes.

Ideal Use Cases & Fit

This tool excels in situations where security researchers need to identify a user's presence across social media networks rapidly. Typical inputs are newline-separated username lists, allowing users to conduct bulk searches efficiently. Sherlock is particularly effective for gathering intelligence on potential threats or verifying user identities. However, it may not be suitable for scenarios requiring comprehensive data analysis beyond social media account discovery.

Value in Workflows

In security workflows, Sherlock adds significant value during the reconnaissance phase by providing insights into user identities and their associated accounts. Its integration enables security teams to streamline initial investigations and enhance the context around users involved in various incidents. The results can directly inform incident response strategies and further analyses.

Input Data

The tool expects input data in the form of a file containing newline-separated usernames. This input is essential for identifying social media accounts linked to these usernames. An example input format is as follows:

johndoe
janesmith
user123

Configuration

  • timeout: Sets the duration in seconds to wait for responses to requests, allowing for adjustment based on network conditions.

  • proxy: Specifies the proxy through which requests are made, essential for environments requiring proxy configurations.

  • nsfw: A Boolean flag to include searches that may return NSFW (Not Safe For Work) content, useful in certain contexts where such data is pertinent.

  • site: A list parameter that limits the analysis to specific sites, giving users control over the scope of the search.

  • no-color: A flag that controls whether output is color-coded, providing flexibility for environments that may not support colored outputs.