Masto provides information/intelligence on Mastodon.social users and fediverse instances (servers).
Masto OSINT Tool helps to:
- Find user ID
- Find exact username match across instances (the tool currently pulls many accounts with the username
OSINT
, whereas the mastodon.social (browser search bar) returns one result, as well as returning unreliable results, such as accounts that only start withosint
- Find all accounts belonging to a user without logging in to Mastodon (Mastodon requires users to log in and after 5 results you get:
401 Search queries pagination is not supported without authentication
- Find username correlation (can't be found by browser)
- Check if the user is a bot
- Check if the account is a group
- Check if the account is locked
- Check if the user opted to be listed on the profile directory
- Get avatar link with an additional choice of opening the avatar within your browser
- Get profile creation date
- Get number of followers & following
- Get number of posts
- Get user last status date
- Get user's bio
This is a nice feature, if you type social.network.europa.eu
on Mastodon.social , you won't get a result as the instance is set to not discoverable
.
This function helps to:
- Get information on an instance
- Get instance Admin ID
- Get instance email
- Get a short description
- Get server thumbnail link
- Get instance creation date
- Get instance language used
- Get instance admin count of followers and following
- Get instance admin last status date
- Get header image link and avatar link
- Get instance display name
- Get admin url
- Get admin avatar
- Check if instance admin account is locked
- Check if registration is required and if the admin needs to approve the request
- Check if the admin is a bot
git clone https://github.com/C3n7ral051nt4g3ncy/Masto
cd Masto
pip3 install -r requirements.txt
-
Help:
python3 masto.py -h
-
Searching for a user
python3 masto.py -u {username}
-
Searching for an instance
python3 masto.py -i {instance}
Use case 1 | Searching for a user and bypassing the profile directory opt-out |
---|
- Tried searching via browser both terms
Webbreacher
and@Webbreacher
1 result -->@[email protected]
- Searched
Webbreacher
on Masto: 3 results --> ✅ 3 accounts found - On the
counter.social
profile,@Webbreacher's
settings are --> user opted to be on the profile directory =False
, this is why the browser search didn't find the counter.social profile!
🪄 Masto successful outcome: Masto found all 3 accounts.
Use case 2 | Searching without getting a 401 error |
---|
- Many people don't want an account on Mastodon, and if you don't have an account, you can search on Mastodon, but you will only get 5 results.
- Clicking on
load more
will give you a 401 error and request for the user to log in.
🪄 Masto successful outcome: You can use Masto without logging in to Mastodon, you won't get a 401 error.
Use case 3 | Getting information on locked instances: |
---|
- Tried searching for the instance 0sint.social, there isn't much information via a browser search because it's locked.
🪄 Masto successful outcome: Masto found more information on the instance and on the admin, including email address.
Use case 4 | Conducted a username search for Defcon: |
---|
- Conducted a search with Masto for the username
defcon
, the Mastodon API returned 2 user accounts.
🪄 Masto successful outcome: Masto OSINT Tool picked up after the initial API search by doing a full scan and found 4 accounts.
The same username can be found across different instances(servers):
- example:
@[email protected]
|@[email protected]
|@[email protected]
- Finding the same username on different instances does not prove it's the same person behind each account.
- Each instance can only have one unique username in the server. Tip: verify your account with the
<a rel="me"
attribute which confirms you are behind the account, and will help avoid or detect impersonators.
- For a username test, try:
python3 masto.py -u Gargron
, the founder of Mastodon.social, this pulls a wopping 11 accounts!!! (keep in mind that the same username doesn't prove the 11 accounts belong to @Gargron {Gargron is the Mastodon Dev}). - For an instance test, try:
python3 masto.py -i social.network.europa.eu
- You may know of a valid user & have the link to the user's profile, you input the username on Masto but get no result.
- I asked the Mastodon Team about this api issue, they replied:
There is no global search, the server will reply with what it knows about. If it has not encountered the account, it will not return it in search results.
- 🟢 Masto v2.0 fixes this, the scan of Masto's own json instances list comes in support of Mastodon's API and picks up on things the API missed.
- v2.0 is 100% reliable if the server is listed in the Masto
fediverse_instances.json
file. - This fix is thanks to @Webbreacher who suggested this feature.
-
Featured on the UK OSINT website. UK OSINT is headed by Neil Smith, a true OSINT legend who has been using the internet as an investigative tool for well over 20 years.
-
Featured in Week in OSINT
#2022-45
by @Sector035 -
Featured in the OSINT Stuff Tool Collection by @cipher387
-
Mentionned by @DailyOsint
-
Mentionned by @Treadstone71
-
Mentionned in this Secjuice investigation
-
Mentionned in MAG'OSINT March 2023 Issue
Huge thanks to @EduardSchwarzkopf for all his contributions to Masto OSINT Tool.
Thanks to @Webbreacher for his input, help and ideas. I learn a great deal from him, and he is a great instructor & inspiring person.
Thanks to sthierolf for contributing
Thanks to @Roman-Kasianenko for his help.
MIT License
Tool made for the OSINT and Cyber community, feel free to contribute code
.