Blackbird - An OSINT tool to search for accounts by username in social networks

The Lockheed SR-71 "Blackbird" is a long-range, high-altitude, Mach 3+ strategic reconnaissance aircraft developed and manufactured by the American aerospace company Lockheed Corporation.

https://github.com/p1ngul1n0/blackbird

Disclaimer

This or previous program is for educational purposes ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (P1ngul1n0) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not P1ngul1n0's responsibility.

Setup

Clone the repository

git clone https://github.com/p1ngul1n0/blackbird
cd blackbird

Install requirements

pip install -r requirements.txt

Usage

Search by username

python blackbird.py -u username

Run WebServer

python blackbird.py --web

Access http://127.0.0.1:5000 on the browser

Read results file

python blackbird.py -f username.json

List supportted sites

python blackbird.py --list-sites

Export Report

The results can be exported as a PDF Report.

Metadata Extraction

When possible Blackbird will extract the user's metadata, bringing data such as name, bio, location and profile picture.

Random UserAgent

Each time Blackbird does a username search it will use a random UserAgent from a list of 1000 UserAgents to prevent blocking.

Supersonic speed 🚀

Blackbird sends async HTTP requests, allowing a lot more speed when discovering user accounts.

JSON Template

Blackbird uses JSON as a template to store and read data.

The data.json file store all sites that blackbird verify.

Params

  • app - Site name
  • url
  • valid - Python expression that returns True when user exists
  • id - Unique numeric ID
  • method - HTTP method
  • json - JSON body POST (needs to be escaped, use this 👉 https://codebeautify.org/json-escape-unescape)
  • {username} - Username place (URL or Body)
  • response.status - HTTP response status
  • responseContent - Raw response body
  • soup - Beautifulsoup parsed response body
  • jsonData - JSON response body
  • metadada - a list of objects to be scraped

Examples

GET

    {
      "app": "ExampleAPP1",
      "url": "https://www.example.com/{username}",
      "valid": "response.status == 200",
      "id": 1,
      "method": "GET"
    }

POST JSON

    {
      "app": "ExampleAPP2",
      "url": "https://www.example.com/user",
      "valid": "jsonData['message']['found'] == True",
      "json": "{{\"type\": \"username\",\"input\": \"{username}\"}}",
      "id": 2,
      "method": "POST"
    }

GET with Metadata extraction

    {
      "app": "Twitter",
      "id": 3,
      "method": "GET",
      "url": "https://nitter.net/{username}",
      "valid": "response.status == 200",
      "metadata": [
        {
          "type": "generic-data",
          "key": "Name",
          "value": "soup.find('a', class_='profile-card-fullname')['title']"
        },
        {
          "type": "generic-data",
          "key": "Bio",
          "value": "soup.find('div',class_='profile-bio').string"
        },
        {
          "type": "generic-data",
          "key": "Site",
          "value": "soup.find('div',class_='profile-website').text.strip('\\t\\r\\n')"
        },
        {
          "type": "generic-data",
          "key": "Member since",
          "value": "soup.find('div',class_='profile-joindate').find('span')['title']"
        },
        {
          "type": "image",
          "key": "picture",
          "value": "'https://nitter.net'+soup.find('a', class_='profile-card-avatar')['href']"
        },
        {
          "type": "location",
          "key": "location",
          "value": "soup.select_one('.profile-location:nth-of-type(2)').text.strip('\\t\\r\\n')"
        }
      ]
    }

If you have any suggestion of a site to be included in the search, make a pull request following the template.

Planned features

  • Implement Flask Web Server to optimize UX
  • Export results in PDF
  • Export results in CSV
  • Reach at least 300 sites until August 2022
  • Implement metadata extraction
  • Deploy on Cloud

Contact

Feel free to contact me on Twitter

July 12, 2022
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Thrasher
Thrasher
1 month ago

Well, I tried to edit my comment but it wouldn’t allow me.

I very very very stupidly forgot to type python3

Ignore my previous comment.

Thrasher
Thrasher
1 month ago

Does not seem to be compatible with python 3.10

Last edited 1 month ago by Thrasher
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013
GET A FREE EDITION!
Join our newsletter and receive for FREE, our premium edition “Brute Force and Supply Chain Attacks”
x