Tag Archives: Social Engineering

Username harvesting from Social Media

I mentioned some command line utilities you can use to extract user names on internet on my previous blog post.

Today I want to discuss one of these tools: Reconioter

Nowadays, everybody wants to be connected. People want to increase their social networking with facebook, myspace, Linkedin, etc.

Reconioter searches Linkedin’s company directories and find possible user names. Its simple syntax as following:

./usernameGen.py query #number of pages

I have installed it on my BackTrack4 and do some testing. For example, we want to learn some user names for Apple employees, then we can run

./usernameGen.py Apple 2
anefkens
arnoldn
nefkensa
dnewell
dustinn
newelld
abologan
anatolb
bologana
pfrancois
paulf
francoisp
bbondy
brennb
bondyb
zbezdan
zsoltb
bezdanz
tinofaith
tobiasi
inofaitht
erami
eduardor
ramie

As you may realize after finding employees names, the program outputs them in some common user name formats: First name last initial, last name first initial, and first initial, last name.

This tool is great for penetration testers who want to demonstrate some intelligence gathering techniques usage.