A guide for noobs to start their footprinting journey with sherlock



Footprinting is usually used by hackers and cybersecurity experts to find information about a target(the target being a person, a machine, or a sizeable infrastructural system) and then find information about vulnerabilities to hack into them. 

Sherlock is a tool that will take care of the information gathering part by hunting or parsing across the web to find if a certain username exists on a specific platform(for eg. on Instagram, Pinterest, Twitter, etc.) and gives it out in a neat format along with the account link. 


Now we will get into the technical part of installing and using the tool. You will find most of the steps of the installation process on their Github page. 

First, make sure you have python 3 or higher installed. To check just type "python3 -help" and if you get an error saying you don't have python3 properly installed, this documentation will help with your python3 installation. 

Once you have python3 installed the next step is to make sure you have git installed(again just type git in the terminal and see if any error pops up). 

If you successfully managed to install both of these, you are ready to clone into the sherlock GitHub repository and then bring it to your local machine. To do that type "git clone https://github.com/sherlock-project/sherlock.git"

Once done then you have to change into the sherlock directory with "cd sherlock". After that type in the command "python3 -m pip install -r requirements.txt" and wait till the required files are downloaded. After this, you are ready to run sherlock!

Using sherlock 

To run just type "python3 sherlock {username}" and then the program will neatly display the sites in which the target username has been found along with the link to the account of the user on that site.

There are a lot more optional arguments that you can add to sherlock to customize its functionality to suit your needs, For example, you can add all these results to a CSV file with the argument "--csv", and you can send the requests through tor browser with the -tor command(make sure tor is installed in the system to do this specific argument). To find more arguments and their uses use  "python3 sherlock --help".


The first thing you could do is to search which sites the user has an account on in order to then brute force or guess the password to gain access to the account, or just understand more about the user through his social media habit or patterns which can be further used for social engineering purposes.

So first let us search for all the websites in which the user has been registered and then have it stored in a CSV file. To do this run the following command in the terminal "python3 sherlock {user} --csv". Now after the tool has done its parsing you will find a CSV file with the direct links of all the accounts of the user on various sites.

Now if you want to see all the sites(along with the ones in which the particular user was not found), you could add the "--print-all" attribute. 

If you want to control the amount of time the program waits for the response of the request, you could give the attribute "--timeout {time}".

You can also send the requests to sites through the tor network in order to make the request untraceable. For this use the attribute "--tor".

Specific sites can also be searched to see if the target has an account in them using the attribute "--site {site names}".


Now there are a few things that you should consider while using sherlock:-
Not all sites are supported by sherlock (contribute on their GitHub page to add more sites).
The target may not be using the same username on different sites and the chances of the same username of different people may also be present. Hence false negatives are likely.

But Sherlock is an amazing tool for beginners with a lot less complexity yet proves to be very useful in the cybersecurity space.