G-HUNT osint tool for extracting information from any Google Account using an email.

Open source tool hunts for active Google IDs, YouTube channels, and other Google-owned services

G-HUNT IMAGE
G-HUNT IMAGE

A new open source tool that helps security researchers to explore data created by Google accounts. G-Hunt lets individuals, or security researchers, analyze a target’s Google footprint based just on an email.The tool was developed by Thomas Hertzog

What Can It Extract Form A Google Account

  • Owner’s name
  • Last time the profile was edited
  • Google ID
  • If the account is a Hangouts Bot
  • Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
  • Possible YouTube channel
  • Possible other usernames
  • Google Maps reviews
  • Possible physical location
  • Events from Google Calendar

Docker Installation

docker pull mxrch/ghunt

Manual Installation

  • Make sure you have Python 3.7+ installed. (I developed it with Python 3.8.1)
  • Some Python modules are required which are contained in requirements.txt and will be installed below.

1. Chromedriver & Google Chrome

This project uses Selenium and automatically downloads the correct driver for your Chrome version.

So just make sure to have Google Chrome installed.

2. Requirements

In the GHunt folder, run:

python -m pip install -r requirements.txt

Adapt the command to your operating system if needed.

Usage

For the first run and sometimes after, you’ll need to check the validity of your cookies.
To do this, run check_and_gen.py.
If you don't have cookies stored (ex: first launch), you will be asked for the 5 required cookies. If they are valid, it will generate the Authentication token and the Google Docs & Hangouts tokens.

Then, you can run the tool like this:

python hunt.py myemail@gmail.com

How To Protect yourself

Regarding the collection of metadata from your Google Photos account:

Given that Google shows “X require access” on your Google Account Dashboard, you might imagine that you had to explicitly authorize another account in order for it to access your pictures; but this is not the case.
Any account can access your Album Archive (by default)Here’s how to check and fix the fact that you’re vulnerable (which you most likely are):
Go to https://get.google.com/albumarchive/ while logged in with your Google account. You will be automatically redirected to your correct album-archive URL (https://get.google.com/albumarchive/YOUR-GOOGLE-ID-HERE). After that, click the three dots on the top left corner, and click on setting.On another note, the target account will also be vulnerable if they have ever used Pi casa linked to their Google account in any way, shape or form.

You Can Find All The Info About The Tool Here

And Thank You For Reading.

Infosec

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store