This repository has the unified data required to perform user and username enumeration on various websites.
Content is in a JSON file and can easily be used in other projects such as the ones below:
Download
git clone https://github.com/WebBreacher/WhatsMyName.git
Usage
$ python ./web_accounts_list_checker.py -u sdfsfsdfsdfs
- 161 sites found in file.
- Found user at http://www.break.com/user/sdfsfsdfsdfs
! ERROR: CONNECTION TIME OUT. Try increasing the timeout delay.
- Found user at https://klout.com/sdfsfsdfsdfs
- Found user at https://social.technet.microsoft.com/profile/sdfsfsdfsdfs/
- Found user at https://www.pinterest.com/sdfsfsdfsdfs/
- Found user at https://www.reddit.com/user/sdfsfsdfsdfs
- Found user at http://scratch.mit.edu/users/sdfsfsdfsdfs/
* Skipping Slashdot - Marked as not valid.
* Skipping SmiteGuru - Marked as not valid.
* Skipping SoundCloud - Marked as not valid.
- Found user at http://steamcommunity.com/id/sdfsfsdfsdfs
- Found user at http://www.tf2items.com/id/sdfsfsdfsdfs/
- Found user at https://twitter.com/sdfsfsdfsdfs
- Found user at http://videolike.org/video/sdfsfsdfsdfs
! ERROR: CONNECTION TIME OUT. Try increasing the timeout delay.
- Found user at http://www.xvideos.com/profiles/sdfsfsdfsdfs
Format
The format of the JSON is simple. There are 3 main elements:
- License – The license for this project and its data
- Authors – The people that have contributed to this project
- Sites – This is the main data
Within the “sites” elements, the format is as follows (with several parameters being optional):
...
{
"name" : "name of the site",
"check_uri" : "URI to check the site with the {account} string replaced by a username",
"pretty_uri" : "if the check_uri is for an API, this OPTIONAL element can show a human-readable page",
"account_existence_code" : "the HTTP response code for a good 'account is there' response",
"account_existence_string" : "the string in the response that we look for for a good response",
"account_missing_string" : "this OPTIONAL string will only be in the response if there is no account found ",
"account_missing_code" : "the HTTP response code for a bad 'account is not there' response",
"known_accounts" : ["a list of user accounts that can be used to test","for user enumeration"],
"allowed_types" : ["these are the types of data and categories of the content"],
"category" : "a category for what the site is mainly used for",
"valid" : "this true or false boolean field is used to enable or disable this site element",
"comments" : ["a list of comments including when this was last verified and outcomes"]
},
...
Copyright (c) 2016, Spotlight Infosec LLC.
Source: https://github.com/WebBreacher/
