Name                  Modified     Size
gloodin_v0.2.tar.gz   2011-06-11   17.5 kB
README                2011-05-06   4.6 kB
Totals: 2 Items                    22.1 kB
gloodin_v0.2: gloodin quite simply uses unique search techniques to maximize the number of potential usernames that can be harvested
from linkedin using google's cache and a given target organization name. As automated crawling is contrary to google's TOS, this tool is provided for research purposes only.
Using this could really tick off google and get you shunned. Please don't cry to me if this happens. 

####################################################

Copyright (C) 2011  Dennis Antunes

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>

Contact: Dennis Antunes
	 blog: http://securityjuggernaut.blogspot.com
	 twitter: @antunesdennis
	 email: stratmofo at gmail dot com

####################################################

gloodin_v0.2

####################################################

REQUIRES: python 2.x and the lxml package

####################################################

USAGE: ./gloodin_v0.2.py -t <target> [options]

Options:
  -h, --help            show this help message and exit
  -t "TARGET", --target="TARGET"
                        MANDATORY target organization enclosed in quotes
  -f FORMAT, --format=FORMAT
                        Select output format (default first <space> last): fl
                        (first last) fdl (first dot last (default)) fil (first
                        initial last) fidl (first initial dot last) lfi (last
                        first initial)
  -o OUTFILE, --output=OUTFILE
                        Select output file name (default is gloodin_<target>)
  -a APPEND, --append=APPEND
                        Select text to append to results, i.e. email address
  -p PREPEND, --prepend=PREPEND
                        Select text to prepend to results

####################################################

WHAT IT IS: gloodin is a python script that makes a large number of google queries along with the modifier "site:linkedin.com" to harvest thousands of potential employee names,
            going far beyond what a typical manual search would allow. 
            It achieves this by repeatedly searching for some very common first names, last names and titles, later stripping these out to grab all the rest.
            These names/terms are easily configurable by editing the included searchterms.txt, which is read in at run time.

####################################################

WHY: To demonstrate how easy it is to harvest potential user names via social media, to underscore how important strong passwords are and to stress the overall need for two-factor authentication, etc. 
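
Seen from the defending side, the same point can be measured: how many of an organization's own account names follow directly from publicly listed staff names. The script below is an added example and is not part of gloodin; the format meanings are an assumed reading of the -f help text above, and every name and account in it is constructed sample data.

```python
# Added example, not gloodin code. Format meanings are an assumed reading of
# the -f help text; the names and accounts below are constructed sample data.
import re

FORMATS = {
    "fl":   lambda f, l: f + l,            # assumed: first and last joined
    "fdl":  lambda f, l: f + "." + l,      # first dot last
    "fil":  lambda f, l: f[0] + l,         # first initial last
    "fidl": lambda f, l: f[0] + "." + l,   # first initial dot last
    "lfi":  lambda f, l: l + f[0],         # last first initial
}

def split_name(display_name):
    """Return (first, last) lower-cased, letters only, or None if unusable."""
    parts = [re.sub(r"[^a-z]", "", p.lower()) for p in display_name.split()]
    parts = [p for p in parts if p]
    if len(parts) < 2:
        return None
    return parts[0], parts[-1]

def audit(public_names, accounts):
    """Map each account that a listed format reproduces to that format's name."""
    known = {a.lower() for a in accounts}
    hits = {}
    for name in public_names:
        parsed = split_name(name)
        if parsed is None:
            continue  # single-word names cannot be mapped to any format
        for fmt, build in FORMATS.items():
            candidate = build(*parsed)
            if candidate in known:
                hits.setdefault(candidate, fmt)
    return hits

def predictable_share(public_names, accounts):
    """Fraction of accounts derivable from public names (0.0 for no accounts)."""
    if not accounts:
        return 0.0
    return len(audit(public_names, accounts)) / len({a.lower() for a in accounts})

SAMPLE_NAMES = ["Alice Example", "Bob T. Sample", "Carol", "Dan O'Test"]
SAMPLE_ACCOUNTS = ["aexample", "bob.sample", "svc-backup", "otestd", "x91k2"]

if __name__ == "__main__":
    for account, fmt in sorted(audit(SAMPLE_NAMES, SAMPLE_ACCOUNTS).items()):
        print(account, "matches format", fmt)
    print("predictable share:", predictable_share(SAMPLE_NAMES, SAMPLE_ACCOUNTS))
```

Accounts the audit flags are the ones where the password or second factor is the only thing an outsider does not already know.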

####################################################

TIPS: Some ways to improve the default searchterms.txt might be: add in the 10,20,30... most common Russian, Spanish, Portuguese, <insert language of choice> names;
      research the target organization and add in some of their common position names, etc. Potential is limitless really.
      Just keep in mind you will eventually hit a limit as far as the query string is concerned.
      I've heard a 4K limit, but no one really knows for sure as google may impose their own as well. If you find out, please let me know...

Again, this tool is for research purposes only. You risk getting shunned by google for using it. Do this inside of a corporate environment and you may also get punched in the face.

####################################################

DISCLAIMER: The special sauce here is the approach to searching. I am not a coder by trade so admittedly, this code could be a whole lot better. 
            Any suggestions for improvement would be greatly welcomed.

####################################################

INSPIRATION: Heavily inspired by Reconnoiter: http://sourceforge.net/projects/reconnoiter/
Thank you Jason Wood!

####################################################

TO DO: LOTS!!!

Support unicode

Break sections into functions so they can be easily reused
   Fetcher
   Parser
   Uniquer
   Mangler
   Spammer (email address appender)
Add in request/result limiting features

Source: README, updated 2011-05-06