Blackbird - An OSINT tool to search for accounts by username in social networks


The Lockheed SR-71 "Blackbird" is a long-range, high-altitude, Mach 3+ strategic reconnaissance aircraft developed and manufactured by the American aerospace company Lockheed Corporation.

https://github.com/p1ngul1n0/blackbird

Disclaimer

This or previous program is for educational purposes ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that I (P1ngul1n0) am not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (data loss, system crash, system compromise, etc.) caused by the use of these programs is not P1ngul1n0's responsibility.

Setup

Clone the repository

git clone https://github.com/p1ngul1n0/blackbird
cd blackbird

Install requirements

pip install -r requirements.txt

Usage

Search by username

python blackbird.py -u username

Run WebServer

python blackbird.py --web

Then open http://127.0.0.1:5000 in the browser.

Read results file

python blackbird.py -f username.json

List supported sites

python blackbird.py --list-sites

Export Report

The results can be exported as a PDF Report.

Metadata Extraction

When possible Blackbird will extract the user's metadata, bringing data such as name, bio, location and profile picture.

Random UserAgent

Each time Blackbird does a username search it will use a random UserAgent from a list of 1000 UserAgents to prevent blocking.

Supersonic speed 🚀

Blackbird sends async HTTP requests, allowing a lot more speed when discovering user accounts.

JSON Template

Blackbird uses JSON as a template to store and read data.

The data.json file stores all the sites that Blackbird checks.

Params

  • app - Site name
  • url
  • valid - Python expression that returns True when user exists
  • id - Unique numeric ID
  • method - HTTP method
  • json - JSON body POST (needs to be escaped, use this 👉 https://codebeautify.org/json-escape-unescape)
  • {username} - Username place (URL or Body)
  • response.status - HTTP response status
  • responseContent - Raw response body
  • soup - BeautifulSoup parsed response body
  • jsonData - JSON response body
  • metadata - a list of objects to be scraped

Examples

GET

    {
      "app": "ExampleAPP1",
      "url": "https://www.example.com/{username}",
      "valid": "response.status == 200",
      "id": 1,
      "method": "GET"
    }

POST JSON

    {
      "app": "ExampleAPP2",
      "url": "https://www.example.com/user",
      "valid": "jsonData['message']['found'] == True",
      "json": "{{\"type\": \"username\",\"input\": \"{username}\"}}",
      "id": 2,
      "method": "POST"
    }

GET with Metadata extraction

    {
      "app": "Twitter",
      "id": 3,
      "method": "GET",
      "url": "https://nitter.net/{username}",
      "valid": "response.status == 200",
      "metadata": [
        {
          "type": "generic-data",
          "key": "Name",
          "value": "soup.find('a', class_='profile-card-fullname')['title']"
        },
        {
          "type": "generic-data",
          "key": "Bio",
          "value": "soup.find('div',class_='profile-bio').string"
        },
        {
          "type": "generic-data",
          "key": "Site",
          "value": "soup.find('div',class_='profile-website').text.strip('\\t\\r\\n')"
        },
        {
          "type": "generic-data",
          "key": "Member since",
          "value": "soup.find('div',class_='profile-joindate').find('span')['title']"
        },
        {
          "type": "image",
          "key": "picture",
          "value": "'https://nitter.net'+soup.find('a', class_='profile-card-avatar')['href']"
        },
        {
          "type": "location",
          "key": "location",
          "value": "soup.select_one('.profile-location:nth-of-type(2)').text.strip('\\t\\r\\n')"
        }
      ]
    }

If you have any suggestion of a site to be included in the search, make a pull request following the template.
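Because `valid` and each metadata `value` are Python expressions, a contributed data.json entry is code rather than plain data and deserves review as such. The following is an added example, not part of Blackbird: it lints an entry before it is merged or run, assuming the expressions are evaluated with only the variables listed under Params in scope; `expression_problems` and `entry_problems` are hypothetical helper names.

```python
import ast

# Variables the template documentation exposes to "valid" / metadata "value" expressions.
ALLOWED_NAMES = {"response", "responseContent", "soup", "jsonData"}
# Syntax a lookup-style expression needs; anything else (lambda, comprehensions, ...) is flagged.
ALLOWED_NODES = (
    ast.Expression, ast.Compare, ast.BoolOp, ast.UnaryOp, ast.BinOp, ast.Constant,
    ast.Name, ast.Load, ast.Attribute, ast.Subscript, ast.Call, ast.keyword,
    ast.cmpop, ast.boolop, ast.operator, ast.unaryop,
)

def expression_problems(expr):
    """Return a list of reasons why a template expression needs manual review."""
    try:
        tree = ast.parse(expr, mode="eval")
    except SyntaxError as exc:
        return [f"not a single Python expression: {exc.msg}"]
    problems = []
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            problems.append(f"unexpected syntax: {type(node).__name__}")
        elif isinstance(node, ast.Name) and node.id not in ALLOWED_NAMES:
            problems.append(f"unknown name: {node.id}")
        elif isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            problems.append(f"private attribute: {node.attr}")
        elif isinstance(node, ast.Call) and not isinstance(node.func, ast.Attribute):
            problems.append("call that is not a method call on a template variable")
    return problems

def entry_problems(entry):
    """Check one data.json site entry: required keys, placeholder, every expression."""
    problems = [f"missing key: {k}" for k in ("app", "url", "valid", "id", "method") if k not in entry]
    if "{username}" not in entry.get("url", "") + entry.get("json", ""):
        problems.append("no {username} placeholder in url or json")
    exprs = [entry.get("valid", "")] + [m.get("value", "") for m in entry.get("metadata", [])]
    for expr in exprs:
        problems += [f"{expr!r}: {p}" for p in expression_problems(expr)]
    return problems

# Constructed entries: GOOD mirrors the GET example above, BAD reaches outside the template variables.
GOOD = {"app": "ExampleAPP1", "url": "https://www.example.com/{username}",
        "valid": "response.status == 200", "id": 1, "method": "GET",
        "metadata": [{"type": "generic-data", "key": "Bio",
                      "value": "soup.find('div',class_='profile-bio').string"}]}
BAD = dict(GOOD, valid="__import__('os').getcwd() != ''")

if __name__ == "__main__":
    print(entry_problems(GOOD))
    print(entry_problems(BAD))
```

This is a review aid for pull requests and third-party data.json files, not a sandbox: an entry that passes still needs a human read before it is trusted.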

Planned features

  • Implement Flask Web Server to optimize UX
  • Export results in PDF
  • Export results in CSV
  • Reach at least 300 sites until August 2022
  • Implement metadata extraction
  • Deploy on Cloud

Contact

Feel free to contact me on Twitter

July 12, 2022

Author

Hakin9 TEAM
2 Comments
Thrasher
10 months ago

Well, I tried to edit my comment but it wouldn’t allow me.

I very very very stupidly forgot to type python3

Ignore my previous comment.

Thrasher
10 months ago

Does not seem to be compatible with python 3.10

Last edited 10 months ago by Thrasher