Gmail OSINT — Extracting information from a Gmail address and protecting yourself!

Yashwant Singh 🐧
Published in System Weakness
6 min read · Nov 17, 2022


In this article we are going to talk about the information that you can extract from a Gmail (Google email) address (because most people use email by Google).

We already know that extracting information from a target is called OSINT (open-source intelligence). Today we will learn what passive and active recon are.

When you try to gather info on a target without directly interacting with it, it is called passive recon or passive OSINT; when you interact with the target to get info, it is called active recon or active OSINT.

The information you can get on the internet from passive recon is always less in quantity and quality than what you get from active recon, but active recon puts you at risk: since you are interacting with the target, the owner can trace it back to you and you can be identified.

Let’s move on to Gmail OSINT now.

Gmail OSINT is very powerful and scary because if someone has your Gmail address, they can get a lot of information that you probably don’t want everyone to know.

We are going to use a tool called GHunt for information-gathering purposes.

Question: What type of recon do you think this is, active or passive? (Answer in the comments.)

GHunt is a modulable OSINT tool designed to evolve over the years and incorporates many techniques to investigate Google accounts or objects.
It currently has email, document, YouTube, and Gaia modules. It is available on GitHub. Here is the link: GHunt

Installing GHunt

Update — In the past few weeks, an updated version of GHunt was launched, so I published an article about the updated version too. The updated version is much easier to install and use. Here is the link:

Let’s install GHunt. I would suggest installing it on Google Cloud Platform, because it already has Docker and Git pre-installed, and because it is disposable it will be much safer than installing it on our base system. And did I tell you, it’s free and easy.


Go to ‘Google Cloud Console’ and click on “Console” in the upper right corner.

Agree and continue to go to the next page.

Click on the terminal icon in the upper right corner.

Now a terminal will appear. There you go, you have just deployed a Linux machine on Google Cloud. Let’s install GHunt here.

Now, in that terminal, clone the GitHub repository by typing this command and pressing Enter:

git clone https://github.com/mxrch/GHunt.git

Go to that directory by using:

cd GHunt

Now, list all the files in the directory by using:

ls

Before using the program, we need to install all the packages it requires. To do that, type the following and press Enter:

python3 -m pip install -r requirements.txt

After the installation, you will get something like this:

Remember, we cloned the GHunt repository to install everything listed in requirements.txt. Now, with the command below, we will pull the Docker image of GHunt, which will help us with Gmail OSINT.

Type the following command to pull the Docker image:

docker run -v ghunt-resources:/usr/src/app/resources -ti ghcr.io/mxrch/ghunt check_and_gen.py

After this, it will show you something like this:

Now we need to get the cookies that GHunt requires to run. All you need to do is click on the link below for your browser to install the extension, which will get you the respective cookies:

  1. Firefox: Link to the extension
  2. Chrome: Link to the extension
  3. Microsoft Edge: Link to the extension

I am currently using Firefox, so I will click on the first link, which redirects here:

Install it by clicking on the link. It will show up like this:

Now, get back to your Google Cloud Console terminal and enter ‘2’ to select “[2] (Companion) Paste base64-encoded cookies”.

Next, go to the extension and select Method 2 (base64); the cookies will be copied to your clipboard automatically. Now paste them into your cloud terminal and press Enter. After that, you can simply use commands like this one to search for information about a particular email address, and so on…

python3 ghunt.py email larry@google.com
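
The string pasted in the cookie step is encoded, not encrypted: it carries the session cookies of whichever Google account was signed in when the extension ran. The following added example (not code from GHunt or from this article) summarises such a blob without printing the secrets; it assumes the blob is base64-encoded JSON mapping cookie names to values, and the sample names and values are constructed placeholders.

```python
import base64
import binascii
import hashlib
import json


def summarize_cookie_blob(blob: str) -> list[dict]:
    """Decode a base64 cookie blob and describe it without echoing the secrets.

    Assumption (not confirmed by the article): the blob is base64-encoded
    JSON of the form {"COOKIE_NAME": "value", ...}.
    """
    compact = "".join(blob.split())        # clipboard pastes often carry newlines
    compact += "=" * (-len(compact) % 4)   # restore padding lost in copy/paste
    try:
        raw = base64.b64decode(compact, validate=True)
        cookies = json.loads(raw.decode("utf-8"))
    except (binascii.Error, UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise ValueError(f"not a base64-encoded JSON cookie blob: {exc}") from None
    if not isinstance(cookies, dict) or not all(
        isinstance(v, str) for v in cookies.values()
    ):
        raise ValueError("expected a JSON object mapping cookie names to strings")

    summary = []
    for name, value in sorted(cookies.items()):
        summary.append({
            "name": name,
            "length": len(value),
            # Short fingerprint: compare two blobs without revealing the value.
            "sha256_prefix": hashlib.sha256(value.encode()).hexdigest()[:12],
        })
    return summary


# Constructed sample: placeholder names and values, not real Google cookies.
SAMPLE_COOKIES = {
    "EXAMPLE_SID": "placeholder-value-1",
    "EXAMPLE_HSID": "placeholder-value-2",
}
SAMPLE_BLOB = base64.b64encode(json.dumps(SAMPLE_COOKIES).encode()).decode()

if __name__ == "__main__":
    for entry in summarize_cookie_blob(SAMPLE_BLOB):
        print(f'{entry["name"]:<14} {entry["length"]:>3} chars  '
              f'sha256:{entry["sha256_prefix"]}')
```
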

I would also suggest going through the official GitHub page of GHunt. It is also very helpful. You may ask: what information can I get after all that? Here is the list.

What can GHunt find? Here is the list!

Email module:
Owner's name
Gaia ID
Last time the profile was edited
Profile picture (+ detect custom picture)
If the account is a Hangouts Bot
Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
Possible YouTube channel
Possible other usernames
Google Maps reviews (M)
Possible physical location (M)
Events from Google Calendar (C)
Organizations (work & education) (A)
Contact emails (A)
Contact phones (A)
Addresses (A)

Document module:
Owner's name
Owner's Gaia ID
Owner's profile picture (+ detect custom picture)
Creation date
Last time the document was edited
Public permissions
Your permissions

YouTube module:
Owner's Gaia ID (through Wayback Machine)
Detect if the email is visible
Country
Description
Total views
Joined date
Primary links (social networks)
All info accessible by the Gaia module

Gaia module:
Owner's name
Profile picture (+ detect custom picture)
Possible YouTube channel
Possible other usernames
Google Maps reviews (M)
Possible physical location (M)
Organizations (work & education) (A)
Contact emails (A)
Contact phones (A)
Addresses (A)

Now that we know that carelessly exposing your Google mail address can be stupid, the question arises: how can you protect yourself from this? The simple answer is: you can’t. If you use the internet, there is no way to be completely anonymous, but by using some tools you can hide your information in such a way that no one can ever get to it.

The first step toward anonymity is using an encrypted mail service. But don’t just throw away your Gmail; you should keep it, as Google mail is quite handy, but not as encrypted.

For an encrypted mail service, use Proton Mail. They offer very strict security, and they are free. It is available on almost all devices.

The next step is to use a VPN (virtual private network) when you go to websites you don’t trust. For now, I am leaving you here! We will talk more about anonymity in my upcoming articles.

Be safe and be secure because winter is coming… :)
