Looking for the latest version? Download gloodin_v0.2.tar.gz (17.5 kB)
Home / gloodin_v0.2
Name Modified Size Downloads / Week Status
Parent folder
Totals: 2 Items   22.1 kB 2
gloodin_v0.2.tar.gz 2011-06-11 17.5 kB 11 weekly downloads
README 2011-05-06 4.6 kB 11 weekly downloads
gloodin_v0.2: gloodin quite simply uses unique search techniques to maximize the number of potential usernames that can be harvested from linkedin using google's cache and a given target organization name. As automated crawling is contrary to google's TOS, this tool is provided for research purposes only. Using this could really tick off google and get you shunned. Please don't cry to me if this happens. #################################################### Copyright (C) 2011 Dennis Antunes This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/> Contact: Dennis Antunes blog: http://securityjuggernaut.blogspot.com twitter: @antunesdennis email: stratmofo at gmail dot com #################################################### gloodin_v0.2 #################################################### REQUIRES: python 2.x and the lxml package #################################################### USAGE: ./gloodin_v0.2.py -t <target> [options] Options: -h, --help show this help message and exit -t "TARGET", --target="TARGET" MANDATORY target organization enclosed in quotes -f FORMAT, --format=FORMAT Select output format (default first <space> last): fl (first last) fdl (first dot last (default)) fil (first initial last) fidl (first initial dot last) lfi (last first initial) -o OUTFILE, --output=OUTFILE Select output file name (default is gloodin_<target>) -a APPEND, --append=APPEND Select text to append to results, i.e. email address -p PREPEND, --prepend=PREPEND Select text to prepend to results #################################################### WHAT IT IS: gloodin is a python script that makes a large number of google queries along with the modifier "site:linkedin.com" to harvest thousands of potential employee names, going far beyond what a typical manual search would allow. It achieves this by repeatedly searching for some very common first names, last names and titles, later stripping these out to grab all the rest. These names/terms are easily configurable by editing the included searchterms.txt, which is read in at run time. #################################################### WHY: To demonstrate how easy it is to harvest potential user names via social media, to underscore how important strong passwords are and to stress the overall need for two-factor authentication, etc. #################################################### TIPS: Some ways to improve the default searchterms.txt might be: add in the 10,20,30... most common Russian, Spanish, Portuguese, <insert language of choice> names; research the target organization and add in some of their common position names, etc. Potential is limitless really. Just keep in mind you will eventually hit a limit as far as the query string is concerned. I've heard a 4K limit, but no one really knows for sure as google may impose their own as well. If you find out, please let me know... Again, this tool is for research purposes only. You risk getting shunned by google for using it. Do this inside of a corporate environment and you may also get punched in the face. #################################################### DISCLAIMER: The special sauce here is the approach to searching. I am not a coder by trade so admittedly, this code could be a whole lot better. Any suggestions for improvement would be greatly welcomed. #################################################### INSPIRATION: Heavily inspired by Reconnoiter: http://sourceforge.net/projects/reconnoiter/ Thank you Jason Wood! #################################################### TO DO: LOTS!!! Support unicode Break sections into functions so they can be easily reused Fetcher Parser Uniquer Mangler Spammer (email address appender) Add in request/result limiting features
Source: README, updated 2011-05-06