Skip to main content

sherlock

Sherlock is a powerful discovery tool integrated into Canva workflows that allows users to uncover social media accounts associated with usernames across various platforms. Its primary purpose is to enrich security assessments by gathering publicly available information, aiding in the identification of potential targets during reconnaissance phases.

Ideal Use Cases & Fit

Sherlock excels in scenarios requiring the identification of social media presence based on specific usernames. It's particularly effective for:

  • Reconnaissance during penetration testing to gather information on potential targets.
  • OSINT (Open Source Intelligence) analysis where understanding an individual's or organization's social media footprint is critical.
  • Situations where anonymity is essential, leveraging proxy support for requests.

However, it may not be suitable for real-time monitoring or scenarios requiring extensive data on less common platforms.

Value in Workflows

Incorporating Sherlock into security workflows adds significant value by automating the collection of social media information upfront. This tool is typically positioned during the early reconnaissance stages, enabling security teams to obtain relevant data that can inform subsequent analysis or attack simulations. The insights gathered can also assist in enhancing individual or organizational security posture.

Input Data

Sherlock requires a newline-separated list of usernames as its input. This data should be structured in a specific format to ensure successful processing.

Example:

johndoe
janesmith
user123

Configuration

  • timeout: Controls the time (in seconds) that Sherlock waits for a response to requests; useful for adjusting performance based on network conditions.
  • proxy: Defines the proxy settings to route requests through a specific proxy, enhancing anonymity during requests.
  • nsfw: Enables or disables the inclusion of sites that may contain not safe for work (NSFW) content.
  • site: Allows users to limit the analysis to specific platforms, targeting the search effectively according to needs.
  • no-color: Disables colored output, which may be preferred in certain processing environments to ensure compatibility. Updated: 2026-02-10