• This repository has been archived on 30/Apr/2023
  • Stars
    star
    941
  • Rank 48,574 (Top 1.0 %)
  • Language
    Python
  • License
    MIT License
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

LinkedIn Recon Tool

Sponsor Open Source Tooling

Disclaimer

  • The project is to be used for educational and testing purposes only.

Authors

Contributors:

  • Leesoh
  • harshil-shah004

Installation

git clone https://github.com/vysecurity/LinkedInt
cd LinkedInt
pip install -r requirements.txt

Change Log

[v1.1 01-05-2021]

Fixes:

  • Temporary fix for location field missing

[v1.1 27-03-2021]

Fixes:

  • Fixed the authentication flow
  • Fixed hunter API demo key - removed

Additions:

  • Added better looking missing image value for the profiles with no photo.
  • Embedded all images into the HTML file to allow for offline viewing.
  • Added credits

[v0.1 BETA 12-07-2017]

Additions:

  • UI Updates
  • Constrain to company filters
  • Addition of Hunter for e-mail prediction

Usage

  1. Put in LinkedIn credentials in LinkedInt.cfg
  2. Put Hunter.io API key in LinkedInt.cfg
  3. Run LinkedInt.py and follow instructions (example below).

Example

Using General Motors as the target as they have a bug bounty program.

โ–ˆโ–ˆโ•—     โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—
โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘โ•šโ•โ•โ–ˆโ–ˆโ•”โ•โ•โ•
โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ• โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘
โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•”โ•โ•โ•  โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘
โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘
โ•šโ•โ•โ•โ•โ•โ•โ•โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ•โ•โ•โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•โ•โ•โ•โ•โ•โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ•โ•โ•   โ•šโ•โ•

Providing you with Linkedin Intelligence
Author: Vincent Yiu (@vysec, @vysecurity)
Original version by @DisK0nn3cT
[*] Enter search Keywords (use quotes for more precise results)
"General Motors"

[*] Enter filename for output (exclude file extension)
generalmotors

[*] Filter by Company? (Y/N):
Y

[*] Specify a Company ID (Provide ID or leave blank to automate):


[*] Enter e-mail domain suffix (eg. contoso.com):
gm.com

[*] Select a prefix for e-mail generation (auto,full,firstlast,firstmlast,flast,first.last,fmlast):
auto

[*] Automatically using Hunter IO to determine best Prefix
[!] {first}.{last}
[+] Found first.last prefix

Output (HTML):

Output HTML Report

More Repositories

1

RedTips

Red Team Tips as posted by @vysecurity on Twitter
1,015
star
2

DomLink

A tool to link a domain with registered organisation names and emails, to other domains.
Python
781
star
3

DomainFrontingLists

A list of Domain Frontable Domains by CDN
532
star
4

morphHTA

morphHTA - Morphing Cobalt Strike's evil.HTA
Python
500
star
5

ANGRYPUPPY

Bloodhound Attack Path Automation in CobaltStrike
PowerShell
307
star
6

IPFuscator

IPFuscator - A tool to automatically generate alternative IP representations
Python
238
star
7

Aggressor-VYSEC

PowerShell
195
star
8

CVE-2017-8759

CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.
174
star
9

ps1-toolkit

Obfuscated Penetration Testing PowerShell scripts
PowerShell
123
star
10

genHTA

Generates anti-sandbox analysis HTA files without payloads
Python
114
star
11

CVE-2018-4878

Aggressor Script to launch IE driveby for CVE-2018-4878
88
star
12

checkO365

checkO365 is a tool to check if a target domain is using O365
Python
84
star
13

CobaltSplunk

Splunk Dashboard for CobaltStrike logs
Python
83
star
14

ATT-CK_Analysis

Repository for my ATT&CK analysis research.
Python
70
star
15

FSharp-Shellcode

F# Implementation to spawn shellcode
F#
45
star
16

Invoke-ProcessScan

Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
PowerShell
42
star
17

AzureAppC2

A script that can be deployed to Azure App for C2 / Proxy / Redirector
Python
27
star
18

basicAuth

Basic Auth Phish page
PHP
25
star
19

ShellcodeConversion

A collection of shell code conversion scripts that I have written over time for repetitive tasks
Python
18
star
20

RDPInception

A script to attack users who are RDPing into a machine and recurse this attack. For security testers and attack simulations.
Batchfile
18
star
21

Office365TenantsList

Office365 Tenants List
16
star
22

WindfarmDynamite-CNA

CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe
15
star
23

EmpireAMSI

PowerShell
13
star
24

DoH-Servers

DNS over HTTPS Servers
12
star
25

BadIP

Bad Security Vendor IPs
Shell
10
star
26

wepwnise

A generator to weaponize Macro payloads that can evade EMET and utilises native VB migration.
Python
9
star
27

PWNDB

Parse PWNDB
Python
8
star
28

autovpn

Easily connect to a VPN in a country of your choice
Go
7
star
29

CloudServiceLists

Tenants list for each cloud service.
6
star
30

CVE-2020-0796

CVE-2020-0796 - Working PoC - 20200313
6
star
31

vysecurity

6
star
32

PacketParser

A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
Python
5
star
33

SCTPersistence

Create COM Objects backed by Scripts, not DLLs
JavaScript
5
star
34

nuclei-templates-notags

5
star
35

CVE-2021-40444

3
star
36

DriverVulnCheck

Takes Bruteratel `drivers` output and checks it against loldrivers.io
Python
3
star
37

Linkedin_Connect_NEWUI

A Python Script that controls Selenium to automate the process of connecting on LinkedIn
Python
2
star
38

malleable-profiles

2
star
39

IIS_exploit

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
Python
2
star
40

test-conf

1
star
41

Archive

Archive
1
star
42

vysecurity.github.io

HTML
1
star
43

DomainFrontingProxies

A list of Domain Fronting Proxies that are known to permit or break Domain Fronting
1
star
44

HOLYWATER

1
star
45

nextjs-blog-theme

1
star