Listen to this Post
Introduction:
In the world of Open Source Intelligence (OSINT), the ability to transform a simple name into a comprehensive digital footprint is a game-changer for security researchers, investigators, and red teams alike. NAMINT by SEINTPL represents a critical advancement in this space—a lightweight JavaScript tool that systematically generates plausible username permutations and login patterns from first, middle, and last names, feeding directly into username search tools for rapid account discovery across hundreds of platforms. When combined with a robust OSINT toolkit, this approach enables investigators to map an individual’s entire online presence in minutes rather than hours.
Learning Objectives:
- Master the name-to-username permutation workflow using NAMINT and understand how to integrate it with username discovery tools
- Learn to deploy and configure major OSINT username search tools including Sherlock, Maigret, and WhatsMyName across Linux and Windows environments
- Develop a complete OSINT investigation pipeline from name input to comprehensive digital footprint analysis with practical command-line implementations
1. NAMINT: The Name Permutation Engine
NAMINT (Name Intelligence) is a simple yet powerful JavaScript tool that automates the generation of naming permutations. By inputting a first name, optional middle name, and surname, NAMINT produces dozens of likely username combinations and login patterns that individuals commonly use across platforms. The tool supports both web-based interaction through its GitHub Pages interface (https://seintpl.github.io/NAMINT/) and browser extension formats for Firefox and Chrome.
Step-by-Step Guide: Using NAMINT for Name Permutation
- Access the Tool: Navigate to https://seintpl.github.io/NAMINT/ in your browser.
-
Input Name Data: Enter the target’s first name, optional nickname, and surname into the respective fields.
-
Generate Permutations: The tool automatically generates possible login patterns including:
– FirstName.LastName
– FirstInitial.LastName
– FirstName_LastName
– FirstNameLastName
– Nickname variations
– Common username patterns based on the input
- Export and Feed Forward: Copy the generated username list and feed it into username discovery tools like Sherlock, Maigret, or WhatsMyName.
-
Browser Extension Option: Install the NAMINT quicksearch extension for Firefox or Chrome to enable right-click name searches directly from any webpage.
-
Deploying Username Discovery Tools: Sherlock, Maigret, and WhatsMyName
Once NAMINT generates potential usernames, the next phase involves checking these handles across hundreds of platforms. Three tools dominate this space: Sherlock (~400+ sites), Maigret (~3,000+ sites), and WhatsMyName (~1,000+ sites).
Step-by-Step Guide: Installing and Running Username Discovery Tools
On Kali Linux (Recommended):
Update package lists sudo apt update Install Sherlock sudo apt install sherlock Verify installation sherlock --version Maigret installation via pip pip install maigret Verify Maigret maigret --help
On Ubuntu/Debian:
Sherlock via pip pip install sherlock-project Or clone from GitHub git clone https://github.com/sherlock-project/sherlock.git cd sherlock pip install -r requirements.txt Maigret via pip pip install maigret
On Windows (PowerShell):
Ensure Python 3.10+ is installed python --version Install Sherlock pip install sherlock-project Install Maigret pip install maigret For standalone Maigret, download maigret_standalone.exe from Releases Double-click to run - Maigret will prompt for a username
Basic Usage Examples:
Sherlock - single username search sherlock johndoe Sherlock - multiple usernames from file sherlock --list usernames.txt Sherlock - output to CSV sherlock johndoe --csv Maigret - single username with full dossier maigret johndoe Maigret - limit to top 100 sites for speed maigret johndoe --top 100 Maigret - export to JSON maigret johndoe --json
WhatsMyName Web Interface:
Access https://whatsmyname.app in any browser, enter a username, and receive results across 1,000+ platforms instantly.
3. Advanced OSINT Toolkit Integration
Modern OSINT investigations require more than isolated tools. Comprehensive toolkits like osint-mcp bundle 29 investigation tools across entity intelligence, event intelligence, and social/community intelligence domains. These toolkits integrate name permutation, username discovery, email enumeration, breach detection, and AI-driven analysis into unified workflows.
Step-by-Step Guide: Building a Complete OSINT Pipeline
1. Name to Username (NAMINT): Generate username permutations.
2. Username Discovery (Sherlock/Maigret): Check permutations across platforms.
- Email Enumeration (theHarvester/Holehe): Discover email addresses associated with found usernames.
Install theHarvester sudo apt install theharvester Email enumeration by domain theharvester -d example.com -b google Install holehe pip install holehe Check email registrations holehe [email protected]
- Breach Checking (HaveIBeenPwned): Verify if discovered emails appear in known data breaches.
Using haveibeenpwned API (requires API key) curl -X GET "https://haveibeenpwned.com/api/v3/breachedaccount/johndoe%40example.com" \ -H "hibp-api-key: YOUR_API_KEY"
5. Automated OSINT with osint-mcp:
Clone and set up osint-mcp git clone https://github.com/snuri00/osint-mcp.git cd osint-mcp Run username search python -m osint_mcp search_username --target johndoe Run email search python -m osint_mcp search_email --target [email protected]
4. Email Permutation and Corporate Targeting
For corporate OSINT investigations, email permutation tools generate plausible corporate email addresses based on naming conventions. Tools like MottaHunter combine scraping, validation, and permutation generation.
Step-by-Step Guide: Corporate Email Discovery
1. Install MottaHunter:
git clone https://github.com/MottaSec/MottaHunter.git cd MottaHunter pip install -r requirements.txt
2. Scrape Employee Names:
python motta_hunter.py scrape --company "example" --source linkedin
3. Generate Email Permutations:
python motta_hunter.py generate --firstnames names.txt --domain example.com
4. Validate Discovered Emails:
python motta_hunter.py validate --emails emails.txt
5. Google Dorking for Enhanced Discovery
Google Dorks enable precise searches that uncover information not easily accessible through standard search queries. Tools like DorkER automate dork generation for OSINT investigations.
Essential Google Dorks for OSINT:
Find username mentions "johndoe" site:github.com "johndoe" site:reddit.com Find email addresses "@example.com" filetype:pdf "[email protected]" intext Find exposed documents site:example.com "confidential" filetype:pdf site:example.com "password" filetype:xlsx LinkedIn profile discovery site:linkedin.com/in "John Doe" "Software Engineer" Find subdomains site:.example.com -www
Automated Dork Generation with DorkER:
git clone https://github.com/BreaGG/DorkER.git cd DorkER python dorker.py --target "John Doe" --category email python dorker.py --target "example.com" --category domain
6. API-Based OSINT Automation
For scalable investigations, API-based approaches enable programmatic username and email discovery. The Apify platform provides serverless execution of Sherlock, Maigret, and other OSINT tools with pay-per-result pricing.
Python Script for Automated OSINT:
from apify_client import ApifyClient
Initialize Apify client
client = ApifyClient("YOUR_API_KEY")
Run Maigret username search
run_input = {
"usernames": ["johndoe", "john_doe", "jdoe"],
"topSites": 100,
}
run = client.actor("bovi/maigret-username-osint").call(run_input=run_input)
Process results
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
print(f"Username: {item['username']}")
print(f"Site: {item['site_name']}")
print(f"Profile: {item['profile_url']}")
What Undercode Say:
- The Name-to-Footprint Pipeline is Critical: NAMINT’s ability to generate naming permutations from basic personal information transforms vague name intelligence into actionable search queries. This single step, when combined with tools like Sherlock and Maigret, reduces investigation time from hours to minutes.
-
Tool Layering Produces Superior Results: No single OSINT tool provides complete coverage. NAMINT generates the leads, Sherlock and Maigret verify platform presence, theHarvester and holehe discover email associations, and breach databases confirm exposure. This layered approach builds comprehensive digital dossiers that individual tools cannot achieve alone.
-
Command-Line Proficiency is Non-1egotiable: While web interfaces exist for most tools, CLI implementations offer superior control, scripting capabilities, and batch processing. Investigators who master the command line can automate entire workflows and process hundreds of targets simultaneously.
-
Ethical Boundaries Must Be Respected: All OSINT activities must comply with applicable laws including GDPR, CCPA, and platform terms of service. Tools should only be used for authorized security research, personal digital footprint auditing, or legitimate investigative purposes.
-
AI Integration Is Reshaping OSINT: Modern toolkits increasingly incorporate AI agents for autonomous identity triangulation, cognitive profiling, and breach analysis. The future of OSINT lies in AI-driven correlation engines that connect disparate data points automatically.
Prediction:
-P AI-Powered OSINT Will Democratize Investigations: Agentic OSINT platforms like osint-mcp and OSINT-D2 will make sophisticated intelligence gathering accessible to smaller teams and individual researchers, lowering the barrier to entry for security investigations.
-P Real-Time Breach Integration Will Become Standard: Tools that integrate HaveIBeenPwned and other breach databases directly into username discovery workflows will dominate the market, enabling instant risk assessment during investigations.
-P Browser-Based OSINT Suites Will Gain Traction: Extensions like IntelHub that bundle reverse image search, Telegram profiling, Google Dorking, and facial recognition into single interfaces will become the preferred workflow for many investigators.
-1 Privacy Concerns Will Intensify: As OSINT tools become more powerful and accessible, public backlash and regulatory scrutiny will increase, potentially leading to stricter access controls or the shutdown of certain discovery services.
-1 False Positives and Data Quality Remain Challenges: Despite algorithmic improvements, OSINT tools still generate false positives. Investigators must maintain rigorous verification processes to avoid acting on incorrect intelligence.
-P Corporate OSINT Will Expand Rapidly: Organizations will increasingly adopt OSINT toolkits for attack surface management, third-party risk assessment, and continuous exposure monitoring as attackers continue to leverage these same techniques.
▶️ Related Video (76% Match):
🎯Let’s Practice For Free:
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
IT/Security Reporter URL:
Reported By: Turn A – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
