Social Analyzer - API, CLI & Web App for analyzing & finding a person's profile across +800 social media \ websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation process.
The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0 to 100 (No-Maybe-Yes). This module intended to have less false positive and it's documented in this Wiki link
The analysis and public extracted information from this OSINT tool could help in investigating profiles related to suspicious or malicious activities such as cyberbullying, cybergrooming, cyberstalking, and spreading misinformation.
This project is "currently used by some law enforcement agencies in countries where resources are limited".
I have been getting many public & private requests to add static websites' info to the detection db, this is being implemented and +400 detections should have that. If you have any -private module, and you are not able to see the static websites' info, download the latest version or email me for details
Websites and applications that enable users to create and share content or to participate in social networking - Oxford Dictionary
------------------------------------- ---------------------------------
| Security Testing | | Social-Analyzer |
------------------------------------- ---------------------------------
| Passive Information Gathering | <--> | Find Social Media Profiles |
| | | |
| Active Information Gathering | <--> | Post Analysis Activities |
------------------------------------- ---------------------------------
Standard localhost WEB APP url: http://0.0.0.0:9005/app.html
- String & name analysis (Permutations and Combinations)
- Find profile using multiple techniques (HTTPS library & Webdriver)
- Multi layers detections (OCR, normal, advanced & special)
- Metadata & Patterns extraction (Added from Qeeqbox osint project)
- Force-directed Graph for Metadata (Needs ExtractPatterns)
- Auto-flirtation to unnecessary output
- Search engine lookup (Google API - optional)
- Custom search queries (Google API & DuckDuckGo API - optional)
- Profile screenshot, title, info and website description
- Find name origins, name similarity & common words by language
- Custom user-agent, proxy, timeout & implicit wait
- Python CLI & NodeJS CLI (limited to FindUserProfilesFast option)
- Grid option for faster checking (limited to docker-compose)
- Dump logs to folder or terminal (prettified)
- Adjust finding\getting profile workers (default 15)
- Re-checking option for failed profiles
- Filter profiles by good, maybe, and bad
- Save the analysis as JSON file
- Simplified web interface and cli
- Facebook (Phone number, name or profile name)
- Gmail (example@gmail.com)
- Google (example@example.com)
sudo apt-get update
#Depedning on your Linux distro, you may or may not need these 2 lines
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y software-properties-common
sudo add-apt-repository ppa:mozillateam/ppa -y
sudo apt-get install -y firefox-esr tesseract-ocr git nodejs npm
git clone https://github.com/qeeqbox/social-analyzer.git
cd social-analyzer
npm install
npm start
sudo apt-get update
sudo apt-get install python3 python3-pip
pip3 install social-analyzer
social-analyzer --username "johndoe" --metadata
#or
python3 -m social-analyzer --username "johndoe" --metadata
sudo apt-get update
sudo apt-get install git python3 python3-pip
git clone https://github.com/qeeqbox/social-analyzer
cd social-analyzer
pip3 install –r requirements.txt
python3 app.py social-analyzer --username "johndoe" --metadata
from importlib import import_module
SocialAnalyzer = import_module("social-analyzer").SocialAnalyzer(silent=True)
results = SocialAnalyzer.run_as_object(username="johndoe",silent=True)
print(results)
- check this wiki for all possible installation methods
- check this wiki for integrating social-analyzer with your OSINT tools, feeds, etc..
Required Arguments:
--username E.g. johndoe, john_doe or johndoe9999
Optional Arguments:
--websites Website or websites separated by space E.g. youtube, tiktok or tumblr
--mode Analysis mode E.g.fast -> FindUserProfilesFast, slow -> FindUserProfilesSlow or special -> FindUserProfilesSpecial
--output Show the output in the following format: json -> json output for integration or pretty -> prettify the output
--options Show the following when a profile is found: link, rate, title or text
--method find -> show detected profiles, get -> show all profiles regardless detected or not, both -> combine find & get
--filter Filter detected profiles by good, maybe or bad, you can do combine them with comma (good,bad) or use all
--profiles Filter profiles by detected, unknown or failed, you can do combine them with comma (detected,failed) or use all
--extract Extract profiles, urls & patterns if possible
--metadata Extract metadata if possible (pypi QeeqBox OSINT)
--trim Trim long strings
Listing websites & detections:
--list List all available websites
Setting:
--headers Headers as dict
--logs_dir Change logs directory
--timeout Change timeout between each request
--silent Disable output to screen
- Remember that existing profiles show
status:good
orrate:%100
- Some websites return
blocked
orinvalid
<- this is the intended behavior - Use Proxy, VPN, TOR or anything similar for periodic suspicious-profiles checking
- Do not mix FindUserProfilesFast, with FindUserProfilesSlow and ShowUserProfilesSlow
- Change the user-agent to most updated one or increase the random time between requests
- Use the slow mode (Not available in the CLIs) to avoid running into blocking\results issue
- Adding the generic websites detections (These need some reviewing, but I will try to add them in 2021)
- DuckDuckGo API, Google API, NodeJS, bootstrap, selectize, jQuery, Wikipedia, font-awesome, selenium-webdriver & tesseract.js
- Let me know if I missed a reference or resource!
- 5 Advance Open-Source Intelligence (OSINT) Tools
- 5 Open-Source Intelligence (OSINT) GitHub Repositories For Every Security Analyst (Cyber Security)
- You can use social-analyzer in the BlackArch penetration testing distribution by installing blackarch-social
- Make sure to download this tool from GitHub
- This is a security project (Treat it as a security project)
- If you want your website to be excluded from this project list, please reach out to me
- This tool meant to be used locally not as a service (It does not have any type of Access Control)
- For issues related to modules that end with -private, reach out directly to me (do not open an issue on GitHub)