GHunt is an OSINT tool to extract information from any Google Account using an email.
It can currently extract:
- Owner’s name
- The last time the profile was edited
- Google ID
- If the account is a Hangouts Bot
- Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
- Possible YouTube channel
- Possible other usernames
- Public Photos
- Phone models
- Phone firmwares
- Installed software
- Google Maps reviews
- Possible physical location
Installation
Docker
You can build the Docker image with:
docker build –build-arg UID=$(id -u ${USER}) –build-arg GID=$(id -g ${USER}) -t ghunt .
Any of the scripts can be invoked through:
docker run -v $(pwd)/resources:/usr/src/app/resources -ti ghunt check_and_gen.py
docker run -v $(pwd)/resources:/usr/src/app/resources -ti ghunt hunt.py <email_address>
Manual installation
- Make sure you have Python 3.6.1+ installed. (I developed it with Python 3.8.1)
- These Python modules are required (we’ll install them later):
geopy
httpx
selenium-wire
selenium
imagehash
pillow
python-dateutil
chromedriver_autoinstaller1. Chromedriver & Google Chrome
This project uses Selenium and automatically downloads the correct driver for your Chrome version.
So just make sure to have Google Chrome installed.
2. Requirements
In the GHunt folder, run:
python -m pip install -r requirements.txt
Adapt the command to your operating system if needed.
Usage
For the first run and sometimes after, you’ll need to check the validity of your cookies.
To do this, run check_and_gen.py.
If you don’t have cookies stored (ex: first launch), you will be asked for the 4 required cookies. If they are valid, it will generate the Authentication token and the Google Docs & Hangouts tokens.
Then, you can run the tool like this:
I suggest you make an empty account just for this or use an account where you never login because depending on your browser/location, re-logging in into the Google Account used for the cookies can deauthorize them.
