Sherlock
Find social media accounts by username across 400+ platforms. Command-line OSINT.
What should journalists know about Sherlock?
Sherlock checks a username against 400+ social media sites and returns matching profile URLs. It runs locally — your queries never touch a Sherlock server, which matters when you don't want to alert a target. The tool is fast and simple: one username in, a list of URLs out. But accuracy is the real issue. A December 2024 deep dive found 32% of detected accounts were false positives (pages that existed but had no real profile), and another 44% were valid accounts belonging to someone else entirely. That means roughly three-quarters of raw results are noise. Maigret, a Sherlock fork, searches 3,000+ sites (vs. Sherlock's 400+), parses profile pages for personal info, and supports recursive searches — it's the stronger tool for serious investigations. Sherlock remains useful as a quick first pass, but treat every result as unverified until you click through.
Quick username enumeration across 400+ platforms. First-pass OSINT to see where a username appears. Building a starting list for deeper manual investigation.
Real-name searches (username-only matching). Verified identity confirmation — a matching username doesn't mean the same person. Monitoring accounts over time (one-shot scan only). Investigations requiring accuracy without manual verification. High-confidence attribution.
Security & Privacy
Data is scrambled while being sent to their servers
Data is scrambled when stored on their servers
Where servers are located — affects which governments can request your data
Privacy policy summary
No server component. No data collection by Sherlock's developers. Your searches are visible to every platform queried — each site receives an HTTP request checking for the username. Some platforms log these lookups. Rate limiting or IP blocking is possible if you query aggressively.
How to protect yourself:
Run through a VPN or Tor to mask your IP from target platforms (though --tor is deprecated in v0.16.0 — use an external Tor proxy). Reduce thread count to avoid rate limiting and false positives from blocked requests. Manually verify every result — expect 30-50% false positive rates on common usernames. Cross-reference with Maigret or WhatsMyName for better coverage and accuracy. Use --site flags to limit scope when you know which platforms matter. Output to CSV or XLSX for structured review.
Open-source, runs locally, no data collection. The operational security concern is real: every platform you query sees your IP address and the username you're searching. Some platforms log lookup attempts. Since v0.16.0, built-in Tor support is deprecated — you need an external proxy for anonymity. The tool itself is trustworthy; the risk is in how you use it and whether targets or platforms detect your enumeration activity.
Who Owns This
Known issues
False positive rate is high — a December 2024 analysis found 32.3% of detected accounts didn't actually exist, and 44.1% belonged to different people. The project has removed 124+ sites historically due to persistent false positives. Sherlock doesn't detect platform censorship or geo-blocking — a blocked page can register as a confirmed account. --tor and --unique-tor flags are deprecated in v0.16.0. Aggressive thread counts cause rate limiting and additional false positives. Facebook, Discord, and many dating apps block automated enumeration entirely, so coverage on those platforms is zero. No profile parsing — Sherlock only confirms URL existence, unlike Maigret which extracts names, bios, and linked accounts. Site list requires constant maintenance as platforms change their page structures.
Pricing
Free
This is an editorial assessment based on publicly available information as of 2026-04-02, using our published methodology. Independent security review is pending. Security posture can change at any time. This is not a guarantee of safety.
Something wrong or outdated? Report it.