If you’ve heard the name but are wondering what it means, OSINT stands for open-source intelligence, which refers to any information that can legally be gathered from free, public sources about an individual or organization. In today's article, we will talk about the GHunt tool.
What is GHunt
GHunt is a new open-source tool that allows security teams to explore data created by Google accounts. This tool can extract the account owner’s name and Google ID, YouTube channel, and active Google services, including Photos and Maps. This can also reveal public photos, phone models, make, firmware, and installed software, and potentially, the user’s physical location.
GHunt is an OSINT tool to extract information from any Google Account using an email.
Currently it can extract:
- Owner's name
- Last time the profile was edited
- Google ID
- If the account is a Hangouts Bot
- Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
- Possible YouTube channel
- Possible other usernames
- Public photos (P)
- Phones models (P)
- Phones firmwares (P)
- Installed softwares (P)
- Google Maps reviews (M)
- Possible physical location (M)
- Events from Google Calendar (C)
- The features marked with a (P) require the target account to have the default setting of Allow the people you share content with to download your photos and videos on the Google AlbumArchive, or if the target has ever used Picasa linked to their Google account.
- Those marked with a (M) require the Google Maps reviews of the target to be public (they are by default).
- Those marked with a (C) requires user to have Google Calendar set on public (default it is closed)
- Make sure you have Python 3.7+ installed. You can watch the video on how to install python 3 in Windows Operating System (https://www.youtube.com/watch?v=8WZ5xNd-uiM).
- Make sure you have Google Chrome Installed.
- Download Chromedriver from this link and start the service (https://chromedriver.chromium.org/downloads).
- Git clone or Download the GHunt repo from this link (https://github.com/mxrch/GHunt).
- From the GHunt folder run the below command.
- For the first run, and sometimes after, you'll need to check the validity of your cookies.
- To do this, run the below command
- If you don't have cookies stored (ex: first launch), you will be asked for the 4 required cookies. If they are valid, it will generate the Authentication token and the Google Docs & Hangouts tokens.
- Then, you can run the tool like this:
- pip3 install -r requirements.txt
- python3 check_and_gen.py
- python3 hunt.py email@example.com
How to get these 4 cookies?
- Log in to accounts.google.com .
- After that, open the Dev Tools window and navigate to the Storage tab (It's called "Application" on Chrome). If you don't know how to open it, just right-click anywhere and click "Inspect Element".
- Then you'll find every cookie you need, including the 4 ones.
Then we need to paste our required cookies on GHunt tool. The cookies are
That's it, Hope you like this post. Thanks.