Kali Linux

Crosslinked : LinkedIn Enumeration Tool

CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from an organization. This technique provides accurate results without the use of API keys, credentials, or accessing LinkedIn directly!

Install

Install the last stable release from PyPi:

pip3 install crosslinked

Or, install the most recent code from GitHub:

git clone https://github.com/m8sec/crosslinked
cd crosslinked
python3 setup install

Prerequisite

CrossLinked assumes the organization’s account naming convention has already been identified. This is required for execution and should be added to the CMD args based on your expected output. See the Naming Format and Example Usage sections below:

Naming Format

{f}.{last} = j.smith
{first.{last} = john.smith
CMP{first}{l} = CMP\johns
{f}{last}@company.com = jsmith@company.com

Search

By default, CrossLinked will use google and bing search engines to identify employees of the target organization. After execution, two files (names.txt & names.csv) will appear in the current directory, unless modified in the CMD args.

  • names.txt – List of unique user accounts in the specified format.
  • names.csv – Raw search data. See the Parse section below for more.

Example Usage

python3 crosslinked.py -f ‘{first}.{last}@domain.com’ company_name

python3 crosslinked.py -f ‘domain{f}{last}’ -t 15 -j 2 company_name

Parse

Account naming convention changed after execution and now your hitting CAPTCHA requests? No Problem!

CrossLinked v0.2.0 now includes a names.csv output file, which stores all scraping data including: first namelast namejob title, and url. This can be ingested and parsed to reformat user accounts as needed.

Example Usage

python3 crosslinked.py -f ‘{f}{last}@domain.com’ names.csv

Additional Options

Proxy Rotation

The latest version of CrossLinked provides proxy support to rotate source addresses. Users can input a single proxy with --proxy 127.0.0.1:8080 or use multiple via --proxy-file proxies.txt.

cat proxies.txt
127.0.0.1:8080
socks4://111.111.111.111
socks5://222.222.222.222
python3 crosslinked.py –proxy-file proxies.txt -f ‘{first}.{last}@company.com’ -t 10 “Company”

Usage

positional arguments:
company_name Target company name
optional arguments:
-h, –help show help message and exit
-t TIMEOUT Max timeout per search (Default=15)
-j JITTER Jitter between requests (Default=1)
Search arguments:
–search ENGINE Search Engine (Default=’google,bing’)
Output arguments:
-f NFORMAT Format names, ex: ‘domain{f}{last}’, ‘{first}.{last}@domain.com’
-o OUTFILE Change name of output file (omit_extension)
Proxy arguments:
–proxy PROXY Proxy requests (IP:Port)
–proxy-file PROXY Load proxies from file for rotation

R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

2 weeks ago