[HN Gopher] Show HN: I built an app that scans every social medi...
___________________________________________________________________
Show HN: I built an app that scans every social media network for
your username
Author : Ostatnigrosh
Score : 101 points
Date : 2022-11-23 18:05 UTC (4 hours ago)
(HTM) web link (www.handlefinder.com)
(TXT) w3m dump (www.handlefinder.com)
| moneywoes wrote:
| Seems the HN one doesn't work
| tomrod wrote:
| Indeed. On that and a lot of sites I get false positives. Old
| usernames that I used (and pretty sure no one else did) on
| sites I've never visited.
| serjester wrote:
| Why use React for something this light? People wants to use a
| frontend frameworks for everything now, I miss 1998. Just
| kidding, great work! Way more accessibly to the average person
| than the Sherlock CLI.
|
| Also you have two requiments.txt's FYI.
| jfk13 wrote:
| A bunch of the occurrences it "finds" appear to be false
| positives, as far as I can tell.
| someweirdperson wrote:
| I am using an un-pronouncible combination of 4 characters in some
| games. Never could not get it anywhere I wanted it. Was surprised
| to see it found on 60 sites, none of them me.
|
| My username here is found on only 50, the other 49 not me.
|
| It might be a useful tool to pre-check names before creating
| accounts for someone who wants a consistent name everywhere.
| dingdongdaddy wrote:
| you made a web frontend for Sherlock LMAO
| xeromal wrote:
| Be warned people. You might find accounts you don't remember
| making. lmao
|
| A trip down memory lane.
| JacobThreeThree wrote:
| The only username you should use more than once is your real
| name.
| timeon wrote:
| You shouldn't use your real name on the internet.
| bombcar wrote:
| Or use someone else's real name. Like Abraham Lincoln's.
| someweirdperson wrote:
| For most people it doesn't matter much because there is
| many dupes.
|
| Mine seems to be unique, which is a little scary.
| xeromal wrote:
| I was 12-18 years old so I wasn't really thinking that way.
| Jerrrry wrote:
| um, many people enjoy having a persistent online alter-ego,
| and some annoying people like to claim others when a service
| launches, just to be a dick.
| someweirdperson wrote:
| False positive bug list. These always return a match even if
| there is none:
|
| Archive of Our Own
|
| Dribbble
|
| Enjin
|
| Fiverr
|
| HackerNews
|
| Instagram
|
| Quizlet
|
| Smule
|
| We Heart It
|
| livelib
| s1mon wrote:
| I put in a <somewhat random mashing of the keyboard> userid. I
| got a shorter list, but clearly this is an issue.
|
| [ ! ] Checking username q349t8y on:
|
| [ + ] Enjin: Enjin
|
| [ + ] Fiverr: Fiverr
|
| [ + ] HackerNews: HackerNews
|
| [ + ] Instagram: Instagram
|
| [ + ] Quizlet: Quizlet
|
| [ + ] Smule: Smule
|
| [ + ] livelib: livelib
|
| [ X ] End Results: 7
| Ostatnigrosh wrote:
| I found myself scrolling through Github's "trending" repos,
| looking for some coding inspiration. Within the next hour, I
| stumbled across something called The Sherlock Project.
| Interesting, It had over 35k stars, must be pretty popular.
|
| I quickly cloned the repo and started toying around with it. It
| didn't take me long to realize the power of this tool. All I had
| to do was insert a username, and voila! I was looking at every
| social media website that was associated with the username. Not
| only that but direct links to the accounts.
|
| I immediately wanted to turn this into a web app so that everyone
| could use it. My first challenge was that this was a CLI tool, so
| I got to work. The Sherlock project makes about 400 requests to
| various site s to check if your username exists. This was going
| to be tough... I noticed they were using requests.FutureSession
| to multithread the result.
|
| I decided to use a multithreaded Web-socket to continuously
| report out data to the frontend. After ALOT of trial and error I
| finally got something working. The Issue now though was that it
| wouldn't run in production due to a multiprocessing error:
| Daemonic processes are not allowed to have children.
|
| Eventually I learned that you cant use the standard
| multiprocessing library for this kind of thing, you had to use
| billiard. Bam! It worked. I quickly hacked together a simple
| frontend, configured the web socket, and results were pouring in.
|
| Turns out, the web-socket is considered a "long running request"
| as it makes 400 external requests. Maybe I could use celery to
| offload this process to a worker and queue it up. I started
| working on it and realized this was a little out of my skill
| range.
|
| I then decided to take a look at the logs where I hosted the code
| and what do i find? CPU, Memory, and bandwidth all reaching a
| staggering 100% usage. I was using the free tier of Render that
| only allowed for one instance of my app...duh. I did some rework
| of my codebase and it started running a little faster.
|
| Needless to say, I learned to take it slow, build tests for my
| code, and be patient with results.
|
| What do you guys think? Any hard lessons learned in coding? What
| were your takeaways?
|
| Here is also a link to the repo:
| https://github.com/bnkc/handlefinder
| rkagerer wrote:
| You need a privacy policy (or at least a one-liner statement)
| that gives potential users some assurance you aren't harvesting
| their username / IP / etc or the results for some other purpose
| or piping it to advertisers.
| Ostatnigrosh wrote:
| Havent really thought of that. Ill take a look
| A4ET8a8uTh0 wrote:
| Yep. The wrap around the tool is neat and looks well done
| based on what I could see, but I hesitated based just that
| consideration.
|
| edit: I thought I should make my feedback less generic. In
| this case, by neat I mean: no fluff, no useless stuff on the
| landing page, straight to the point. I appreciate that.
| mattl wrote:
| I think it would be useful to show the networks that the
| username cannot be found on.
| Ostatnigrosh wrote:
| Thats a good thought. I was considering it but was worried
| about "cluttering" the site
| bombcar wrote:
| Could be useful for people who like to "claim" their common
| handle.
| veb wrote:
| what I find annoying is that (other than HN) most places
| won't let you claim your username if the person has
| signed up, yet never posted over years (or even logged
| in) and places where an account was deleted.
|
| when I signed up to HN, I had a different username. I
| reached out to admins and they looked at the other
| account that had been created but they let me have it
| because the person hadn't logged in since. Oh! I think
| GitHub did as well. (shit, I wonder if I have mixed up
| GitHub and HN... I'm pretty sure they're the two that did
| actually let me have my handle... :x)
| mattl wrote:
| That sounds like a bad idea.
|
| Why would it be a good idea to recycle usernames like
| that?
| williamscales wrote:
| Because some people sign up for a site early and then
| never use it. I can't get my desired handle on a
| particular social network because some dude registered 15
| years ago, posted one item, and then never used it again.
|
| I mean, obviously I'll live but it's a silly situation.
| xwdv wrote:
| Because overtime we can wear down the idea that a public
| facing username is some kind of unique identifier.
| mattl wrote:
| Do you have any alternative solution in mind? ICQ
| numbers?
| xwdv wrote:
| Content
| bombcar wrote:
| Same reason we recycle domains.
| mattl wrote:
| Which is a bad idea also. We should have some domain name
| space which we let people register forever.
| bombcar wrote:
| That results in the clownpenis.fart problem.
| TheTaytay wrote:
| I echo this request. It was my expectation actually!
|
| I searched for my username and was shocked it was used on
| literally every website you checked. Then I tried a less
| common variant and was similarly shocked, until I realized
| that you were showing me fewer websites the second time
| around. Only then did I realize you only showed me sites
| where it was already claimed...
| NaturalPhallacy wrote:
| I got a false positive on runescape, fiverr, and tiktok for my
| username (not this one).
| smcl wrote:
| Reminds me of this, which popped up recently here:
| https://github.com/soxoj/maigret
| sph wrote:
| Add "Show HN:" to the title to have more time in the spotlight,
| since you built this.
| Ostatnigrosh wrote:
| Good idea!
| [deleted]
| [deleted]
| oriettaxx wrote:
| great, it works (with some false-positive, like Enjin for
| example).
|
| A warning: an account could be suspended (since many still cannot
| let you remove it), and by logging in again you end up re-
| activating.
|
| just be aware
| deadalus wrote:
| This tool is very fast! I used it to find my crush's social
| profiles and it worked well.
| Ostatnigrosh wrote:
| haha thats one way to use this thing
| [deleted]
| [deleted]
| s1mon wrote:
| Some people are liking the UI here, but it wasn't clear to me at
| first that a [+] meant the username was used on that site. In my
| mind, it could just as easily mean that it's available on that
| site (that could be a _positive_ result if you 're looking for
| places to sign up with a name). This should be made more clear.
|
| It would be interesting if you could toggle on the not-found list
| as part of the results. If you get a big positive list, but you'd
| like to find the sites where the username is not in use yet,
| there's no quick way to get that info. (Yes you could scrape both
| lists and use some simple command line scripts to get those
| results, but it's such a simple thing to add to this tool)
| [deleted]
| avgDev wrote:
| Great tool I used it to find all social accounts of my ex.
| Anyway, got to go as I am outside her house and don't want to
| miss her leaving for work.
|
| /s if it wasn't obvious.
|
| Cool tool.
| culi wrote:
| good reminder for why you shouldn't use the same username
| everywhere unless you intend to have an online presence
|
| Personally I have a specific scheme I follow w my more private
| usernames. Basically the same username but depending on the
| website it has a predictable alteration to it so I get
| different usernames for different sites but don't have to
| remember them all
|
| Then I have a different username (well, a couple) I use for
| sites where I don't mind having a public presence that can be
| tied back together
| nop_slide wrote:
| You should also mention you are using Sherlock as the underlying
| backend which does that actual searching as you did in this post.
|
| https://old.reddit.com/r/Python/comments/z1ts1n/i_built_an_a...
|
| Sherlock uses MIT license and you still haven't added MIT license
| to your repo.
|
| https://github.com/sherlock-project/sherlock
|
| https://github.com/bnkc/handlefinder
|
| With that said, I like the look of the UI you put on top, great
| work!
|
| Edit: As others have pointed out, the author doesn't need to make
| their creation MIT as well. I misunderstood the license
| agreement. They just have to include the notice of the
| dependencies somewhere. TIL.
| Ostatnigrosh wrote:
| Hey! Just added the MIT license.
| nop_slide wrote:
| Apologies if I misread the license attribution, didn't want
| to take away from the work you did but also wanted to make
| sure credit was given.
|
| Cheers
| echelon wrote:
| The MIT license isn't infectious! You might have just told the
| author to give up their rights.
|
| They're well within their rights to release their software as
| MIT or whatever, but they should make that decision on their
| own or as reflection upon the proper arguments from the
| community.
| nnoitra wrote:
| Kiro wrote:
| They don't need to add the MIT license. They only need to
| include the notice somewhere.
| nop_slide wrote:
| Yep, my misunderstanding.
| mtmail wrote:
| OP did right after posting:
| https://news.ycombinator.com/item?id=33722495 Almost the same
| text as on reddit.
|
| Second sentence in the README file on github is "This app is a
| wrapper around The Sherlock Project" (last edited 5h before
| posting) and second sentence in the UI is "This project is a
| wrapper around the Sherlock Project."
| high_pathetic wrote:
| And that's why I prefer making a username per site I use. No need
| to connect the dots, no need for this tool, except for spying on
| a person.
___________________________________________________________________
(page generated 2022-11-23 23:00 UTC)