CrossLinked : LinkedIn Enumeration Tool To Extract Valid Employee Names

CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from a target organization. This technique provides accurate results without the use of API keys, credentials, or even accessing the site directly. Formats can then be applied in the command line arguments to turn these names into email addresses, domain accounts, and more.

For a full breakdown of the tool and example output, checkout:
https://m8r0wn.com/posts/2021/01/crosslinked.html

Setup

git clone https://github.com/m8r0wn/crosslinked
cd crosslinked
pip3 install -r requirements.txt

Examples

Results are written to a ‘names.txt’ file in the current directory unless specified in the command line arguments. See the Usage section for additional options.

python3 crosslinked.py -f ‘{first}.{last}@domain.com’ company_name
python3 crosslinked.py -f ‘domain{f}{last}’ -t 45 -j 1 company_name

Usage

positional arguments:
company_name Target company name

optional arguments:
-h, –help show this help message and exit
-t TIMEOUT Max timeout per search (Default=20, 0=None)
-j JITTER Jitter between requests (Default=0)
-v Show names and titles recovered after enumeration

Search arguments:
-H HEADER Add Header (‘name1=value1;name2=value2;’)
–search ENGINE Search Engine (Default=’google,bing’)
–safe Only parse names with company in title (Reduces false positives)

Output arguments:
-f NFORMAT Format names, ex: ‘domain{f}{last}’, ‘{first}.{last}@domain.com’
-o OUTFILE Change name of output file (default=names.txt

Proxy arguments:
–proxy PROXY Proxy requests (IP:Port)
–proxy-file PROXY Load proxies from file for rotation

Proxy Support

The latest version of CrossLinked provides proxy support through the Taser library. Users can mask their traffic with a single proxy by adding --proxy 127.0.0.1:8080 to the command line arguments, or use --proxy-file proxies.txt for rotating source addresses.

http/https proxies can be added in IP:PORT notation, while SOCKS requires a socks4:// or socks5:// prefix.

Download
R K

Share
Published by
R K
Tags: CrossLinkedEmployeeEmployee NamesEnumeration Tool
4 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago