Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

social-analyzer

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

social-analyzer

API, CLI & Web App for analyzing & finding a person's profile across 300+ social media websites (Detections are updated regularly)

  • 0.45
  • PyPI
  • Socket score

Maintainers
1

.. image:: https://raw.githubusercontent.com/qeeqbox/social-analyzer/main/readme/socialanalyzerlogo_.png

Social-Analyzer - API, CLI & Web App for analyzing & finding a person's profile across social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation process.

The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0 to 100 (No-Maybe-Yes). This module intended to have less false positive, and it's documented in this Wiki <https://github.com/qeeqbox/social-analyzer/wiki>_ link

The analysis and public extracted information from this OSINT tool could help in investigating profiles related to suspicious or malicious activities such as cyberbullying <https://en.wikipedia.org/wiki/Wikipedia:Cyberbullying>, cybergrooming <https://de.wikipedia.org/wiki/Cyber-Grooming>, cyberstalking <https://en.wikipedia.org/wiki/Cyberstalking>, and spreading misinformation <https://en.wikipedia.org/wiki/Misinformation>.

This project is "currently used by some law enforcement agencies in countries where resources are limited".

Social Analyzer is in a league of its own and is a very impressive tool that I thoroughly recommend for Digital Investigators and OSINT practitioners - by Joseph Jones, Founder of Strategy Nord, Unita Insight and OS2INT <https://os2int.com/toolbox/investigating-usernames-with-social-analyzer>_.

So·cial Me·di·a

Websites and applications that enable users to create and share content or to participate in social networking - Oxford Dictionary

Security Testing

.. code:: bash

-------------------------------------              ---------------------------------
|        Security Testing           |              |        Social-Analyzer        |
-------------------------------------              ---------------------------------
|   Passive Information Gathering   |     <-->     |   Find Social Media Profiles  |
|                                   |              |                               |
|    Active Information Gathering   |     <-->     |    Post Analysis Activities   |
-------------------------------------              ---------------------------------

Find Profile CLI (Fast)

.. image:: https://raw.githubusercontent.com/qeeqbox/social-analyzer/main/readme/cli.gif

Features

  • String & name analysis (Permutations and Combinations)
  • Find profile using multiple techniques (HTTPS library & Webdriver)
  • Multi layers detections (OCR, normal, advanced & special)
  • Visualized profile information using Ixora (Metadata & Patterns)
  • Metadata & Patterns extraction (Added from Qeeqbox osint project)
  • Force-directed Graph for Metadata (Needs ExtractPatterns)
  • Search by top ranking, or by country (Alexa Ranking)
  • Profiles stats and static info (Category country)
  • Auto-flirtation to unnecessary output
  • Search engine lookup (Google API - optional)
  • Custom search queries (Google API & DuckDuckGo API - optional)
  • Profile screenshot, title, info and website description
  • Find name origins, name similarity & common words by language
  • Custom user-agent, proxy, timeout & implicit wait
  • Python CLI & NodeJS CLI (limited to FindUserProfilesFast option)
  • Grid option for faster checking (limited to docker-compose)
  • Dump logs to folder or terminal (prettified)
  • Adjust finding\getting profile workers (default 15)
  • Re-checking option for failed profiles
  • Filter profiles by good, maybe, and bad
  • Save the analysis as JSON file
  • Simplified web interface and CLI

Running Example (Simple)

.. code:: bash

pip3 install social-analyzer
python3 -m social-analyzer --username "johndoe" --metadata --top 100

Running Example (Custom)

.. code:: bash

#install social-analyzer
pip3 install social-analyzer

#specific websites
python3 -m social-analyzer --username "johndoe" --websites "youtube pinterest tumblr"

#specific websites with metadata and extraction
python3 -m social-analyzer --username "johndoe" --websites "youtube pinterest tumblr" --metadata --extract --trim

#all websites with metadata, extraction, filter all profiles with all status
python3 -m social-analyzer --username "johndoe" --websites "all" --metadata --extract --trim --filter "all" --profile "all"

#Screenshot detected profiles
python3 -m social-analyzer --username "johndoe" --websites "cart" --logs --screenshots

Running Example (as object)

.. code:: bash

from importlib import import_module
SocialAnalyzer = import_module("social-analyzer").SocialAnalyzer()
results = SocialAnalyzer.run_as_object(username="johndoe",silent=True)
print(results)

Running Example (as object with specific websites, metadata and extraction)

.. code:: bash

from importlib import import_module
SocialAnalyzer = import_module("social-analyzer").SocialAnalyzer()
results = SocialAnalyzer.run_as_object(username="johndoe", websites="youtube pinterest tumblr", metadata=True, extract=True, silent=True)
print(results)

Help (python3 -m social-analyzer --h)

.. code:: bash

Required Arguments: --username E.g. johndoe, john_doe or johndoe9999

Optional Arguments: --websites A website or websites separated by space E.g. youtube, tiktokor tumblr --mode Analysis mode E.g.fast -> FindUserProfilesFast, slow -> FindUserProfilesSlow or special -> FindUserProfilesSpecial --output Show the output in the following format: json -> json outputfor integration or pretty -> prettify the output --options Show the following when a profile is found: link, rate, titleor text --method find -> show detected profiles, get -> show all profiles regardless detected or not, all -> combine find & get --filter Filter detected profiles by good, maybe or bad, you can do combine them with comma (good,bad) or use all --profiles Filter profiles by detected, unknown or failed, you can do combine them with comma (detected,failed) or use all --countries select websites by country or countries separated by space as: us br ru --top select top websites as 10, 50 etc...[--websites is not needed] --extract Extract profiles, urls & patterns if possible --metadata Extract metadata if possible (pypi QeeqBox OSINT) --trim Trim long strings --gui Reserved for a gui (Not implemented) --cli Reserved for a cli (Not needed)

Listing websites & detections: --list List all available websites

Setting: --headers Headers as dict --logs_dir Change logs directory --timeout Change timeout between each request --silent Disable output to screen

Open in Cloud Shell

.. image:: https://img.shields.io/static/v1?label=%3E_&message=Open%20in%20Cloud%20Shell&color=3267d6&style=flat-square :target: https://ssh.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/qeeqbox/social-analyzer&tutorial=README.md

Special Detections

Running Issues

  • Remember that existing profiles show status:good or rate:%100
  • Some websites return blocked or invalid <- this is the intended behavior
  • Use Proxy, VPN, TOR or anything similar for periodic suspicious-profiles checking
  • Do not mix FindUserProfilesFast, with FindUserProfilesSlow and ShowUserProfilesSlow
  • Change the user-agent to most updated one or increase the random time between requests
  • Use the slow mode (Not available in the CLIs) to avoid running into blocking\results issue

Resources

  • DuckDuckGo API, Google API, NodeJS, bootstrap, selectize, jQuery, Wikipedia, font-awesome, selenium-webdriver & tesseract.js
  • Let me know if I missed a reference or resource!

Disclaimer\Notes

  • Make sure to download this tool from GitHub
  • This is a security project (Treat it as a security project)
  • If you want your website to be excluded from this project list, please reach out to me
  • This tool meant to be used locally not as a service (It does not have any type of Access Control)
  • For issues related to modules that end with -private or under the private group, reach out directly to me (do not open an issue on GitHub)

Interviews

  • Console 37 <https://console.substack.com/p/console-37>_

Some News\Articles

  • 5 Open-Source Intelligence (OSINT) GitHub Repositories For Every Security Analyst (Cyber Security) <https://twitter.com/GithubProjects/status/1395205169617547266>_

  • You can use social-analyzer in the BlackArch <https://blackarch.org/>_ penetration testing distribution by installing blackarch-social <https://blackarch.org/social.html>_

Articles

kitploit professionalhackers secnhack meethackers raidforums redpacketsecurity hacking reviews hacking land securityonline skynettools luca-mercatanti pentesttools anonymousmedia ddosi tenochtitlan-sec modernnetsec haktechs haxf4rall hacker-gadgets mrhacker sector035 hackernews

Other projects

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//chameleon.png :target: https://github.com/qeeqbox/chameleon

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//honeypots.png :target: https://github.com/qeeqbox/honeypots

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//analyzer.png :target: https://github.com/qeeqbox/analyzer

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//osint.png :target: https://github.com/qeeqbox/osint

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//url-sandbox.png :target: https://github.com/qeeqbox/url-sandbox

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//mitre-visualizer.png :target: https://github.com/qeeqbox/mitre-visualizer

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//woodpecker.png :target: https://github.com/qeeqbox/woodpecker

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//docker-images.png :target: https://github.com/qeeqbox/docker-images

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//seahorse.png :target: https://github.com/qeeqbox/seahorse

.. image:: https://raw.githubusercontent.com/qeeqbox/.github/main/data//rhino.png :target: https://github.com/qeeqbox/rhino

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc