OSINT Workflow Wednesday - Creating OSINT Bookmarklets
5 min read

OSINT Workflow Wednesday - Creating OSINT Bookmarklets

OSINT Workflow Wednesday - Creating OSINT Bookmarklets

Another week, another workflow. This week we’ll take a look at how to build a basic bookmarklet to automate OSINT searches using javascript. This guide will show you the basics and give you the framework to build a more sophisticated tool with more functionality. Let's get started.

For writing basic javascript, I recommend using the text editor Atom. This is just a personal preference as it's very lightweight and it's free. This guide will, however, work with any text editor.

Step 1: Create an option for input

Start a new javascript file and create a variable to accept input for usernames. This will create a prompt when you click the bookmarklet which we'll use to automate our process.

var username = prompt("Enter a username: ");

The result should look something like this.

Example of a prompt in javascript

In order to test this as you go, you can simply open your browser, head on over to your developer tools, navigate to the Console tab, and enter your javascript there.

Testing your prompt variable in console

To learn more about creating variables with javascript, check out this source. If you want to learn about built in functions like prompt(), check out this source.

Step 2: Plug that username into a URL

For this example, we're going to create a bookmarklet for Facebook. To start, create a variable called fb and add the Facebook URL, including https://, as the value and append the username variable you created in Step 1 to the end of it. It should look something like this.

var fb = "https://facebook.com" + username;

We can test this the same way we tested the username variable in Step 1, in the console.

Testing the fb variable

We added the console.log(fb) to the end just so we can get a record of the output after appending the username variable to facebook.com. If all goes well, it should look something like this.

Output of the test of the fb variable


Step 3: Open the URL in a New Tab

Next, we’ll use a basic function that’s built into javascript called window. We want to OPEN that URL in a new tab after the username is input which can be done by adding the "_blank" argument like:

window.open(fb, "_blank");

We can test this, again, in the console. It should look something like this.

Testing the window function in console

If the test goes well, you'll find that the desired Facebook profile is now opened in a new tab. Now, it's time to convert that into a bookmarklet.

Step 4: Minify your JavaScript

Before we turn our script into a bookmarklet, we have to format the javascript in a way that is compatible for bookmarklets. In order to make your script compatible, you have to minify your code. To minify your javascript, or make it one line, head on over to the JavaScript Minifier’s website. They will do the task for you for free.

JavaScript Minifier
Online JavaScript Minifier/Compressor. Free! Provides an API. Simple Quick and Fast.

The end result should look something like this:

var username=prompt("Enter a username: "),fb="https://facebook.com/"+username;window.open(fb,"_blank");

We're still not ready to make this a bookmarklet. Now that the code is compatible, we have to format it correctly in the next step.

Step 5: Create the Bookmarklet

There’s a formula to create a bookmarklet that's pretty simple but I found a site called MrColes that does it for you. Simply copy and paste the minified #javascript into this site and drag and drop the bookmarklet to your bookmarks bar.

Bookmarklet Creator with Script Includer
A simple web based tool to convert JavaScript into a bookmarklet and optionally include external scripts, like jQuery. There is an automated demo included at the bottom of the page.

If you prefer to do it manually, here's the formula for creating a bookmarklet:

javascript:(function(){ [...your code here...] })();

If you do this manually, rather than the drag and drop method at MrColes, simply go to your bookmark manager, add a new bookmark and place the javascript into the URL field, name it whatever you want, and add it to your bookmark list. It should work the same as the MrColes method.

Step 6: Add more Functionality

You can add additional variables for checking multiple websites and add additional functions to open those websites with one motion. You can also add Google search URLs to automate Google Dorking. The possibilities are endless. Here's an example of a very complex and robust bookmarklet for expanding all comments and replies on Facebook.

Jens Farley’s Facebook Bookmarklets

Step 7: Share your Project

Most bookmarklets are very basic; however, they allow you to automate what would typically be a manual process. The biggest issue I see is not that I don't have enough bookmarklets, but that I have too many. If you're trying to get into the world of making OSINT tools, creating bookmarklets is a great place to start. It teaches you the foundations of javascript and will even allow you to graduate to building browser extensions. Once you're familiar with javascript, you can pivot to Python if you don't know it already and build even more tools!

Once you have something that's actually valuable in your own workflow, make sure to share it with the rest of the OSINT community. Check out this collection of bookmarklets I've been working on with @BOsintBlanc. It's a great place to start when thinking about ideas for your next tool.

B0sintBlanc/Osint-Bookmarklets
This is a place for all things OSINT & Bookmarklets! - B0sintBlanc/Osint-Bookmarklets

Thanks for reading. If you enjoyed this post, make sure to subscribe. A new one just like this will be posted every Wednesday at 6:00 PM UTC-5:00.

Enjoying these posts? Subscribe for more