aeondave/sherlock
offensive-tools/osint/sherlock/SKILL.md
Auth/lab ref: Hunt username presence across 400+ social networks and output found profile URLs.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill sherlockInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 8, 2026, 3:57 AM159.4s2 files scanned
SKILL.md
- name:
- sherlock
- description:
- Auth/lab ref: Hunt username presence across 400+ social networks and output found profile URLs.
- license:
- MIT
- compatibility:
- Python 3; Linux/macOS/Windows.
- author:
- AeonDave
- version:
- 1.1
Sherlock
Username hunter across 400+ social platforms.
Quick Start
pip install sherlock-project
# Search single username
sherlock username
# Search multiple usernames
sherlock user1 user2 user3
# Output to file
sherlock username --output results.txt
# JSON output
sherlock username --json
Core Flags
| Flag | Purpose |
|------|---------|
| --timeout N | Per-site timeout (default: 60s) |
| --print-found | Only show found accounts |
| --print-all | Show all (including not found) |
| --output FILE | Save results |
| --json | JSON format |
| --site NAME | Search specific site only |
| --csv | CSV output |
| -x XLSX | Excel output |
Common Workflows
Hunt username from breach data:
sherlock johndoe_83 --print-found --output johndoe_found.txt
Multiple username variants:
sherlock "john.doe" johndoe john_doe jdoe --print-found
Targeted site lookup:
sherlock johndoe --site twitter --site github --site linkedin
From breach data — test common variations at once:
sherlock john.doe johndoe john_doe j.doe jdoe83 --print-found --timeout 10
Username Variation Strategy
Given a real name "John Doe" or email [email protected]:
johndoe, john.doe, john_doe, jdoe, j.doe, johndoe83, jdoe83
firstname+lastname, firstnamelastname, last.first
Add: year of birth, numbers 1/2/_, common suffixes (_real, _official)
vs maigret
| | sherlock | maigret | |--|---------|---------| | Sites | ~400 | 2800+ | | Output | URL list | Full dossier (scraped data) | | Speed | Fast | Slower | | Best for | Quick platform sweep | Deep profile building |
Use sherlock for fast sweep, maigret for deep investigation.
Resources
| File | When to load |
|------|--------------|
| references/username-techniques.md | Username generation, variation tools, pivot strategies, platform-specific tips |
Related Skills
aeondave/vibe-audit-technique
development
VerifiedTrustedCommunity
White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).
4SKILL.mdUpdated Jun 12, 2026
aeondave/source-review-technique
development
VerifiedTrustedCommunity
Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.
4SKILL.mdUpdated Jun 12, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 12, 2026
aeondave/container-technique
devops
VerifiedTrustedCommunity
Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.
4SKILL.mdUpdated Jun 12, 2026