GHunt OSINT tool helps pen-testers in threat hunting


    A new open-source tool GHunt allows security teams to explore data created by Google accounts. The tool was developed by Thomas Hertzog. GHunt lets individuals, or security experts, analyze a target’s Google “footprint” based just on an email. This open-source intelligence tool can extract the account owner’s name and Google ID, YouTube channel, and active Google services, including Photos and Maps. It can also reveal public photos, phone models, make, firmware, and installed software, and potentially, the user’s physical location.

    Hertzog said, “GHunt is for people curious about the public information generated by their Google activity and what an attacker might extract from it, or people using OSINT in their work, such as in threat hunting. It can be used by white hat and pen testers to test if emails found during a pen test are sensible and can leak other information, but can also be used in threat hunting to identify and track down threats”

    GHunt is one of a growing number of tools that use open-source information to compile data about online users’ identities and activities. Often, the target subjects are unaware of just how much data is available. Although the tool works through free Gmail addresses, Hertzog believes this can still cause issues for businesses, including G Suite (now Google Workspace) users, where employees have used a free address to register for services. 

    “This tool demonstrates the amount and type of information which can be gained from a Google account email address through public interrogation of Google,” said Stuart Morgan, security consultant at F-Secure.

    As an OSINT tool, GHunt could be used for both threat intelligence gathering, and attack simulation and Hertzog plans to continue to further develop the tool, including gathering more information on phone models used with Google accounts and to probe deeper into Google services, including Maps and Picasa.

    Recent Articles

    Weekly Newsletter (25th Apr’ 21 to 1st May’ 21)

      Here’s the Weekly Newsletter from 25th April’ 2021 to 1st May’ 2021: 1. Moolympics #3: Diversity, Equity, and Inclusion through UX - Moolya Software Testing Private...

    OpKey University launched to provide advanced automation testing training

      Opkey announced on 26th April 2021 that the company has launched its own "Opkey University". According to OpKey University, software testing is a critical...

    Cypress 7.2.0 released with New Features and Bugfixes recently released Cypress 7.2.0 version, the new version comes with various bug fixes and new features. Users can now navigate through folders in...

    Moolympics #3: Diversity, Equity, and Inclusion through UX

      Moolya Software Testing Private Limited recently launched Moolympics which is a monthly competition series that covers different skills, values, cultures you bring to the...

    Weekly Newsletter (18th Apr’ 21 to 24th Apr’ 21)

      Here’s the Weekly Newsletter from 4th April’ 2021 to 10th April’ 2021: 1. OpKey launches Industry’s First Marketplace for ERP Test Automation - Opkey recently launched...

    Related Stories

    Stay on op - Ge the daily news in your inbox