CrossLinked
CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from an organization. This technique provides accurate results without the use of API keys, credentials, or accessing LinkedIn directly!
Sponsors
🚩 Consider sponsoring this project to ensure the latest improvements, have your company logo listed here, and get priority support - visit github.com/sponsors/m8sec
Install
Install the last stable release from PyPi:
pip3 install crosslinked
Or, install the most recent code from GitHub:
git clone https://github.com/m8sec/crosslinked
cd crosslinked
python3 setup.py installPrerequisite
CrossLinked assumes the organization's account naming convention has already been identified. This is required for execution and should be added to the CMD args based on your expected output. See the Naming Format and Example Usage sections below:
Naming Format
{f}.{last} = j.smith
{first.{last} = john.smith
CMP\{first}{l} = CMP\johns
{f}{last}@company.com = [email protected]
Still Stuck? Metadata is always a good place to check for hidden information such as account naming convention. see PyMeta for more.
Search
By default, CrossLinked will use google and bing search engines to identify employees of the target organization. After execution, two files (names.txt & names.csv) will appear in the current directory, unless modified in the CMD args.
- names.txt - List of unique user accounts in the specified format.
- names.csv - Raw search data. See the
Parsesection below for more.
Example Usage
python3 crosslinked.py -f '{first}.{last}@domain.com' company_namepython3 crosslinked.py -f 'domain\{f}{last}' -t 15 -j 2 company_nameNote: For best results, use the company name as it appears on LinkedIn
"Target Company"not the domain name.
Screenshots
Parse
Account naming convention changed after execution and now your hitting CAPTCHA requests? No Problem!
CrossLinked v0.2.0 now includes a names.csv output file, which stores all scraping data including: first name, last name, job title, and url. This can be ingested and parsed to reformat user accounts as needed.
Example Usage
python3 crosslinked.py -f '{f}{last}@domain.com' names.csv
Screenshots
Additional Options
Proxy Rotation
The latest version of CrossLinked provides proxy support to rotate source addresses. Users can input a single proxy with --proxy 127.0.0.1:8080 or use multiple via --proxy-file proxies.txt.
> cat proxies.txt
127.0.0.1:8080
socks4://111.111.111.111
socks5://222.222.222.222
> python3 crosslinked.py --proxy-file proxies.txt -f '{first}.{last}@company.com' -t 10 "Company"Note:
HTTP/Sproxies can be added by IP:Port notation. However, socks proxies will require asocks4://orsocks5://prefix.
Usage
positional arguments:
company_name Target company name
optional arguments:
-h, --help show help message and exit
-t TIMEOUT Max timeout per search (Default=15)
-j JITTER Jitter between requests (Default=1)
Search arguments:
--search ENGINE Search Engine (Default='google,bing')
Output arguments:
-f NFORMAT Format names, ex: 'domain\{f}{last}', '{first}.{last}@domain.com'
-o OUTFILE Change name of output file (omit_extension)
Proxy arguments:
--proxy PROXY Proxy requests (IP:Port)
--proxy-file PROXY Load proxies from file for rotation
Contribute
Contribute to the project by:
- Like and share the tool!
- Create an issue to report any problems or, better yet, initiate a PR.
- Reach out with any potential features or improvements @m8sec.