MCPcopy Index your code
hub / github.com/ibnaleem/gosearch

github.com/ibnaleem/gosearch @v2.0.1 sqlite

repository ↗ · DeepWiki ↗ · release v2.0.1 ↗
101 symbols 368 edges 18 files 1 documented · 1% 5 cross-repo links
README

This project heavily relies on contributors, please see Contributing for more details.

go install github.com/ibnaleem/gosearch@latest

GitHub Actions Badge Number of websites GitHub repo size GitHub License


[!WARNING]
For your own privacy and security, never download GoSearch from anywhere other than this repository. In the future, I will publish releases with SHA256 hashes and .gpg signed binaries with my PGP key

Overview

You don't have time searching every profile with a username. Instead, you can leverage concurrency and a binary that does the work for you, and then some.

I initially wrote this project to learn Go, an upcoming programming language used for backend services. I decided to create a Sherlock clone, addressing some of its faults, limitations, and adding more features. This eventually led to a community driven OSINT tool that was praised in the OSINT letter.

GoSearch isn't limited to searching websites; it can search 900k leaked credentials from HudsonRock's Cybercrime Intelligence API, over 3.2 billion leaked credentials from ProxyNova's Combination Of Many Breaches API, and 18 billion leaked credentials from BreachDirectory.org with an API key (see Use Cases)

Installation

[!WARNING]
If you are on 32-bit architecture, please use this branch or GoSearch will fail to build. For an in-depth overview of this issue, please see #72

[!WARNING]
If you're using Windows Defender, it might mistakenly flag GoSearch as malware. Rest assured, GoSearch is not malicious; you can review the full source code yourself to verify this. For an in-depth overview of this issue, please see #90

$ go install github.com/ibnaleem/gosearch@latest

Unix:

$ gosearch -u [username]

Windows

C:\Users\Bob> gosearch.exe -u [username]

Use Cases

Ideally, it is best practice to run GoSearch with the --no-false-positives flag:

$ gosearch -u [USERNAME] --no-false-positives

This will display profiles GoSearch is confident exist on a website. GoSearch also allows you to search BreachDirectory for compromised passwords associated with a specific username. For this, you must obtain an API key and provide it with the -b flag:

$ gosearch -u [USERNAME] -b [API-KEY] --no-false-positives

If GoSearch finds password hashes, it will attempt to crack them using Weakpass. The success rate is nearly 100%, as Weakpass uses a large wordlist of common data-wells, which align with the breaches reported by BreachDirectory. Every single password hash that's been found in BreachDirectory has been cracked by Weakpass.

If you're not using BreachDirectory, GoSearch will search for breaches on HudsonRock's Cybercrime Intelligence & ProxyNova's Databases, respectively. It will also search common TLDs for any domains associated with a given username. This is done whether BreachDirectory is searched or not.

I Don't Have a Username

If you're uncertain about a person's username, you could try generating some by using urbanadventurer/username-anarchy. Note that username-anarchy can only run in Unix terminals (Mac/Linux)

$ git clone https://github.com/urbanadventurer/username-anarchy
$ cd username-anarchy
$ (username-anarchy) ./username-anarchy firstname lastname

Why GoSearch?

GoSearch is inspired by Sherlock, a popular username search tool. However, GoSearch improves upon Sherlock by addressing several of its key limitations:

  1. Sherlock is Python-based, which makes it slower compared to Go.
  2. Sherlock is outdated and lacks updates.
  3. Sherlock sometimes reports false positives as valid results.
  4. Sherlock frequently misses actual usernames, leading to false negatives.
  5. Sherlock does not search HudsonRock's Cybercrime Intelligence database
  6. Sherlock does not search ProxyNova's database
  7. Sherlock does not search BreachDirectory's database

The primary issue with Sherlock is false negatives—when a username exists on a platform but is not detected. The secondary issue is false positives, where a username is incorrectly flagged as available. GoSearch tackles these problems by colour-coding uncertain results as yellow which indicates potential false positives. This allows users to easily filter out irrelevant links.

Contributing

Please see CONTRIBUTING.md.

ibnaleem ibnaleemshelepuginivan shelepuginivanarealibusadrealiora arealibusadrealioraAtahanPoyraz AtahanPoyraz
vickychhetri vickychhetriolekukonko olekukonkoCptIdea CptIdea
anotherhadi anotherhadipaulpogoda paulpogodadependabot[bot] dependabot[bot]

LICENSE

This project is licensed under the GNU General Public License - see the LICENSE file for details.

Support

BuyMeACoffee Thanks.dev

Bitcoin

bc1qjrtyq8m7urapu7cvmvrrs6m7qkh2jpn5wqezfl

Stargazers Over Time

Stargazers over time

Core symbols most depended-on inside this repo

Println
called by 179
internal/theme/theme.go
Greenf
called by 47
internal/theme/theme.go
WriteToFile
called by 34
internal/utils/utils.go
Text
called by 17
internal/theme/theme.go
Green
called by 17
internal/theme/theme.go
String
called by 15
internal/theme/theme.go
Yellow
called by 15
internal/theme/theme.go
Redf
called by 13
internal/theme/theme.go

Shape

Function 68
Struct 27
Method 5
TypeAlias 1

Languages

Go100%

Modules by API surface

internal/theme/theme.go27 symbols
internal/modules/github/email-from-commits.go11 symbols
tests/test.go10 symbols
internal/search/search.go9 symbols
internal/utils/utils.go6 symbols
internal/modules/gravatar/gravatar.go6 symbols
internal/modules/hudsonrock/hudsonrock.go5 symbols
internal/modules/github/mutual-followers.go4 symbols
internal/modules/github/gpg-keys.go4 symbols
internal/modules/github/github.go4 symbols
internal/modules/github/ssh-keys.go3 symbols
internal/modules/github/social-accounts.go3 symbols

Dependencies from manifests, versioned

github.com/andybalholm/brotliv1.2.1 · 1×
github.com/cespare/xxhash/v2v2.3.0 · 1×
github.com/clipperhouse/displaywidthv0.10.0 · 1×
github.com/clipperhouse/uax29/v2v2.6.0 · 1×
github.com/cloudwego/base64xv0.1.5 · 1×
github.com/ibnaleem/gobreachv0.0.0-2025011620493 · 1×
github.com/inancgumus/screenv0.0.0-2019031416391 · 1×
github.com/klauspost/cpuid/v2v2.2.9 · 1×

For agents

$ claude mcp add gosearch \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact