Crawls the given URL and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. It also can cost a loss of the company's reputation. Broken social media hijack issues are usually accepted on the bug bounty programs.

Currently, it supports Twitter, Facebook, Instagram and Tiktok without any API keys.

More at: https://github.com/utkusen/socialhunter

DEMO

Installation

From Binary

You can download the pre-built binaries from the releases page and run. For example:

wget https://github.com/utkusen/socialhunter/releases/download/v0.1.1/socialhunter_0.1.1_Linux_amd64.tar.gz

tar xzvf socialhunter_0.1.1_Linux_amd64.tar.gz

./socialhunter --help

From Source

Install Go on your system
Run: go get -u github.com/utkusen/socialhunter

Usage

socialhunter requires 2 parameters to run:

-f : Path of the text file that contains URLs line by line. The crawl function is path-aware. For example, if the URL is, it only crawls the pages under /blog the path

-w : The number of workers to run (e.g -w 10). The default value is 5. You can increase or decrease this by testing out the capability of your system.

Donation

Loved the project? You can buy me a coffee

June 3, 2022

Author

Hakin9 TEAM: Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.

Latest Articles

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments

Inline Feedbacks

View all comments

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

socialhunter - crawls the website and finds broken social media links that can be hijacked

DEMO

Installation

From Binary

From Source

Usage

Donation

Author

Latest Articles

Popular Authors

Latest Courses

Hacking Blockchain based APIs (W69)

Penetration testing OWASP Top 10 Vulnerabilities (W68)

IoT Security - the DVID Challenge - NEW EDITION (W67)

https://hakin9.org/wp-content/uploads/2020/01/hakin91-copy-1-1.png