Sherlock: An OSINT Tool
Summary
Sherlock is a well-known tool for OSINT (Open-Source Intelligence). You can use this tool to find users across different social media platforms based on their username. This article gives you a brief overview of how to use Sherlock and how it works.
Installation
On Kali Linux, enter these commands in the shell to install:
sudo apt install sherlock
to check installation:
sherlock --version
Usage
Search for a user with sherlock:
sherlock <<username>>
This command will list all pages with the respective URLs to the user’s profile.
Note: I observed that there were some pages where sherlock says that the user exists but the then the link ends up on a user not found page.
To search for multiple usernames at once, use this command:
sherlock <<username>> <<username2>>
Suported Websites
You can check here the supported social media sides: https://sherlockproject.xyz/sites
Functionallity
Sherlocks functionallity is actually pretty simple and straightforward.
You have entries like this, which are specifying the different social media platforms.
Sherlock then iterates through this entries and checks the provided path to the user with the given username. If the pages returns with a statuscode of 200 OK Sherlock will assume that the user exists, whereas 404 Not Found indicates that the user doesn´t exist. Sherlock also offers other mechanisms to check if a user exists.