Informasi merupakan sesuatu hal yang sangat sensitif dalam dunia ceyber secuity. Semakin banyak informasi yang di dapatkan si attacker, maka semakin mudah di pergunakan untuk hal-hal yang tidak semestinya.
Ada banyak tool yang bisa di gunakan untuk mengumpulkan informasi data pribadi yang akan di jadikan sebagai target, salah satunya yatu tool sherlock.
ktui langkah-lagkah di bawah ini untuk dapat menggunakan tool ini.
$ git clone https://github,com/sherlock-project/sherlock.git
$ cd sherlock/
$ python3 -m pip install -r requirements.txt
$ python3 sherlock.py --helpOutput yang di hasilkan.
sherlock -h
usage: sherlock [-h] [--version] [--verbose] [--folderoutput FOLDEROUTPUT]
[--output OUTPUT] [--tor] [--unique-tor] [--csv]
[--site SITE_NAME] [--proxy PROXY_URL] [--json JSON_FILE]
[--timeout TIMEOUT] [--print-all] [--print-found] [--no-color]
[--browse] [--local]
USERNAMES [USERNAMES ...]
Sherlock: Find Usernames Across Social Networks (Version 0.14.0)
positional arguments:
USERNAMES One or more usernames to check with social networks.
optional arguments:
-h, --help show this help message and exit
--version Display version information and dependencies.
--verbose, -v, -d, --debug
Display extra debugging information and metrics.
--folderoutput FOLDEROUTPUT, -fo FOLDEROUTPUT
If using multiple usernames, the output of the results
will be saved to this folder.
--output OUTPUT, -o OUTPUT
If using single username, the output of the result
will be saved to this file.
--tor, -t Make requests over Tor; increases runtime; requires
Tor to be installed and in system path.
--unique-tor, -u Make requests over Tor with new Tor circuit after each
request; increases runtime; requires Tor to be
installed and in system path.
--csv Create Comma-Separated Values (CSV) File.
--site SITE_NAME Limit analysis to just the listed sites. Add multiple
options to specify more than one site.
--proxy PROXY_URL, -p PROXY_URL
Make requests over a proxy. e.g.
socks5://127.0.0.1:1080
--json JSON_FILE, -j JSON_FILE
Load data from a JSON file or an online, valid, JSON
file.
--timeout TIMEOUT Time (in seconds) to wait for response to requests.
Default timeout is infinity. A longer timeout will be
more likely to get results from slow sites. On the
other hand, this may cause a long delay to gather all
results.
--print-all Output sites where the username was not found.
--print-found Output sites where the username was found.
--no-color Don't color terminal output
--browse, -b Browse to all results on default browser.
--local, -l Force the use of the local data.json file.
Nah di sini kita akan mencari situs yang mengandung hidayatcode. Perintah yang akan kita gunakan seperti berikut.
sherlock --print-found hidayatcodeLalu kita akan mendapatkan output dari situs website hidayatcode.com, contohnya terlihat seperti di bawahi ni.
[*] Checking username hidayatcode on:
[+] About.me: https://about.me/hidayatcode
[+] AllMyLinks: https://allmylinks.com/hidayatcode
[+] AskFM: https://ask.fm/hidayatcode
[+] Coil: https://coil.com/u/hidayatcode
[+] Facebook: https://www.facebook.com/hidayatcode
[+] Fiverr: https://www.fiverr.com/hidayatcode
[+] GitHub: https://www.github.com/hidayatcode
[+] GitHub Support Community: https://github.community/u/hidayatcode/summary
[+] Gravatar: http://en.gravatar.com/hidayatcode
[+] GuruShots: https://gurushots.com/hidayatcode/photos
Jika di klik dari salah satu maka akan mengarah pada situs yang berinisisal hidayatcode. Selain dapat mencari dengan menggunakan satu nama, kamu juga dapat mencoba mencari dengan dua nama.
$ python3 sherlock.py --parameter/arguments NAMA1 NAMA2