Kali Linux: Footprinting using GHunt

Today, we are going to discover a new OSINT tool that allows us to gather information about Google accounts. Google is one of the most widely used platforms on the internet today, offering multiple services to users, such as email, online storage, document processing, learning, and more. Users of these services need to have accounts; therefore, for OSINT researchers seeking information about a user’s Google account, the tool GHunt can be used for that purpose.

GHunt can be very helpful for our investigations into Google accounts, as it provides the following information about an account:

1. Details about the account.
2. Detection of the Google services an account is using, which can help us understand the behavior of the account owner.
3. Publicly available data linked to the account.

GHunt is available on GitHub (GHunt Repository), where you can find a complete guide on how to download and use it.

Let’s start by creating a Python virtual environment where we will work, and then activate the environment.

$ python3 -m venv ghunt
$ source ghunt/bin/activate        

After the virtual environment is ready, let’s install the dependencies and GHunt.

$ pip install pipx
$ pipx ensurepath
$ pipx install ghunt        

GHunt is successfully installed. The next step is to configure the browser extension for GHunt activation. We are using Firefox on Kali Linux. Before adding the GHunt Companion extension to the browser, enter this link in the Firefox browser: GHunt Companion Extension.

Synchronize it with GHunt and connect with a Google account.

After connecting, you will have a view. From there, select Method 2 to copy the base64-encoded authentication.

We enter the command ghunt login and a menu will appear and select option 2.

$ ghunt login        

Now, we can paste the base64-encoded authentication that we copied from our browser. After that, we can use GHunt for our footprinting research.

To use GHunt for research, we can use the command ghunt -h, which provides help on how to utilize GHunt.

$ ghunt -h        

Now, let’s launch a research on an email address and see the results. For privacy reasons, I will hide the email address.

$ ghunt email <the email address>        

From the search, GHunt provided us with information about the email address we were investigating. I received the profile picture, a Google map showing the location where the picture was taken, the entity type, and some other details.

Conclusion

This article aimed to introduce another OSINT tool that can assist with footprinting. GHunt is an efficient tool for hunting Google accounts and provides valuable information that can be useful for OSINT users. I invite you to try this tool and enjoy the results. Follow us for more updates and stay tuned!