Similar usernames generation guide

Names transform in (not) mysterious ways

Start

What do you have?

Combining primary info

rob@distilled.net
ousbey@distilled.net
robousbey@distilled.net
rob.ousbey@distilled.net
rousbey@distilled.net
...
  • My own script based on ProtOSINT combination methods:
$ python3 generate_by_real_info.py
First name: john
Last name: smith
Year of birth: 1980
Username (optional):
Zip code (optional):
johnsmith1980
smith
johnsmith80
jsmith1980
smithjohn
...
$ osrf alias_generator
Insert a name: john
Insert the first surname: smith
Insert the second surname:
Insert a year (e. g.: birthyear): 1980
Insert a city:
Insert a country:
Additional transformations to be added
--------------------------------------
Extra words to add (',' separated):Input data:
-----------
Name: john
First Surname: smith
Year: 1980
Generated nicks:[
"j.smith",
"j.smith.1980",
"j.smith.80",
"j_smith",
...
Up to 41 nicks generated.
Writing the results onto the file:
./output.txt

Primary info mining

  • BehindTheName — excellent site about names. There are common name variants, diminutives (very useful for personal logins), and other languages alternatives.
BehindTheName ‘alexandr’ check results
$ python3 behind_the_names.py john diminutives
Johnie
Johnnie
Johnny
  • WeRelate — Variant names project, a comprehensive database of name variants with the ability to search. Gives much more results than BehindTheNames, but there are also many irrelevant results. Also, see GitHub repo with project data.
WeRelate ‘aleksandr’ check results

Username transformations

$ python3 transform_username.py --username soxoj rules/printable-leetspeak.rule
soxoj
s0xoj
5ox0j
50xoj
...
  • printable-leetspeak.rule - common leetspeak transformations such as e => 3, a => 4, etc.
  • printable-leetspeak-two-ways.rule - the same conversions from letters to numbers, but also vice versa
  • impersonation.rule - common mutations used by scammers-impersonators such as l => I, O => 0, etc.
  • additions.rule - common additions to the username: underscores and numbers
  • toggle-letter-case.rule - changing case of letters, what is needed not so often, but maybe useful
  • add_email.rule - custom rule to add mail domain after usernames
$ cat usernames.txt
john
jack
$ python3 transform_username.py rules/impersonation.rule --username-list soxoj
jack
iack
john
iohn
$ python3 transform_username.py rules/printable-leetspeak.rule --username soxoj | python3 transform_username.py rules/impersonation.rule  -I
s0xOj
sOx0j
5OxOi
soxOj
sox0i
...

Addition of mail domain

$ python3 transform_username.py rules/printable-leetspeak.rule --username soxoj | python3 transform_username.py rules/add_email.rule --remove-known -I
soxoj@protonmail.com
sox0j@protonmail.com
s0x0j@protonmail.com
50x0j@protonmail.com
...

Conclusion

--

--

--

Make OSINT tools. https://github.com/soxoj

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to convert an HTML String to PDF in Python

Ansible playbook that enables docker and html code that expose to public.

The Architect, The Starter, and The Closer

Yes, I copied from this https://ghostbin.com/bTeI4/raw (there are 418 lines).

What is API Management and What are the different phases in API Lifecycle?

API Lifecycle

Realtime Streaming Data Pipeline On Azure Cloud Platform

Managing config file using configparser

Your Linux Setup: A Guide to Distro-hopping

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Soxoj

Soxoj

Make OSINT tools. https://github.com/soxoj

More from Medium

Open-Source Intelligence (OSINT) Reconnaissance

Wireshark Forensics Plugin | Live Traffic Analysis & Forensic Analysis

Log4j Exploitation Walkthrough(CVE-2021–44228) — INE Labs

Ngrok for Penetration Tester’s