The “Mega” Sock Puppet Tutorial for OSINT researchers

Oguzhan Ozturk
6 min readAug 8, 2021

What’s SockPuppet Account?

Basically, a sock puppet is an alternative profile usually, a social media profile, which you create intending to gather open-source information, with the restriction that this profile will not link back directly to your original account.

Purpose of Sock puppets.

Sock puppets can be used in various different ways-

  1. Investigators can use the sock accounts to collect information and do research o some cases.
  2. Hackers can use sock accounts to do social engineering on the target to collect the information.
  3. Detective can use these type of accounts to collect information and to know the nature of someone related to their cases.

Basically, sock accounts are used to collect information or to look into someone without letting them know. Anyone can use it in any way they like.

What are the Sock Puppet Functions?

Sock puppets have two significant roles: utility and security.

Utility

Creating a specific social networking profile for the sake of collecting information makes logic from a utility perspective. Either you are aiming to befriend anyone on LinkedIn, seek to friend anyone on Facebook, or follow someone on their personal Instagram profile, you may want to make a more appealing profile to the individual or company you’re investigating. So, from a utility point, creating a new identity for the sake of your investigation is a no-brainer.

Security

Sock puppets are also handy from a security perspective. Making up an alternative profile that does not explicitly link back to you is just neat OPSEC. If you are investigating an individual or organization, you likely do not want them to realize who you are or that you’re probing into something. During investigations, sock puppet offers anonymity as well as OPSEC to both the investigator and the victim.

Let’s create our Sock puppet

If you adopt this step-by-step method to produce sock puppets, you’ll not only be able to make your profiles now, but you’ll also understand to make them in the long run.

Of course you can be any person but try to be a female person, because female accounts gets attraction soon. https://www.elfqrin.com/fakeid.php You can also use the elfqrin(above link) to create a fake user with lots of details.

  • Now we have a name and every information of the fake person.
  • Photo
    - This Person Does Not Exist can help with this
  • Banner
    - Image search for a generic banner your persona would likely use
    - e.g. If ‘you’ are a 25-year old recruiter in the U.S., image search ‘motivational quote banner’ and download one

Use a Password Manager

As you create new accounts you’ll have to enter a lot of details about ‘you’. Your name, passwords, phone numbers, date of birth, security questions, etc. Free and open-source password managers like Bitwarden (cloud-hosted) or KeePassXC (locally hosted) can be a great way to keep track of it all.

Email Address

You can use any mail provider to create an email address make sure not to use your IP address while doing this.

Email providers

  1. Proton Mail
  2. Mail.com

Make sure you don’t use an existing email address.

Now we have an email address.

Get a ‘Burner’ Phone

Burner means to use and through or a phone that is not connected to you in any way. A hone or a sim card that you will only use for the sock account and nothing else.

Burner Phone and sim cards are only important when you are into Deep OSINT for Basics a Sock Account is enough for Active or Passive investigation.

But When a website needs to verify your phone number then it’s good to have burner sim cards.

Although you always have options to buy a VoIP number or the cheapest sim card for mobile verification.

This is it. Now you can create your own Sock Account.

You can buy something like that for a dollar online (note: I didn’t test the SIM in the screenshot so do your research)

Go to Public Wi-Fi

You don’t want to do any of this at home or work where you’re sharing your real IP address. You also can’t use a VPN as that will almost always prevent you from creating accounts. Use a local library, mall, or coffee shop. Try to choose a location that’s not right next to your house, but is close enough to travel to. You’ll be coming back here in the future.

Download Apps

Download and install the following apps in this order:

  • F-Droid: Think of this like the Apple App Store or Google Play, but for free and open-source apps.
  • Aurora Store: Download this from inside F-Droid. This is your replacement for Google Play. From inside Aurora Store, you can download all of the apps below (and any other you’d normally find on Google Play) without Google tracking it.
  • Mint Mobile: Use this to activate your new, real phone number.
  • Authy (by Twilio): You will use this to setup two-factor authentication (2FA) for all of your upcoming accounts. That way, you won’t need the Mint Mobile phone number after the trial expires. Feel free to substitute Authy for the software-token generating 2FA app of your choice.

Set Up 2FA

Ideally, you’ll use a hardware token like YubiKey when possible. It’s not only the most secure method of using 2FA, it’s the most convenient in my opinion. Unfortunately, not every service uses it, so set up Authy (or your chosen alternative) as well.

Create a VOIP Number

See, I told you you’d be setting up Google Voice. Yes, there are better options like MySudo. You could even go through the hassle of manually purchasing numbers direct from Twilio. If you have the time and patience to, feel free. But Google Voice is quick, easy, free, and you don’t care if your personas info is tracked anyway. Just pick your poison and create a VOIP number you so you’re not reliant on Mint Mobile.

Set Up Your Sock Puppet Accounts

You should have everything you need to build your accounts, be it on Facebook, Twitter, LinkedIn, Instagram, etc. Take your time, create each account from start to finish, and store all the information in your password manager during creation, in this order:

  • Create the account
    - You want to look like ‘normal’ as possible to the service
    - use public Wi-Fi
    - do not use a VPN
    - use your true (Mint Mobile) number for verification
  • Once the account is created, immediately navigate to the privacy and security settings
  • Change the phone number from your Mint to your VOIP number
  • Setup 2FA using Authy
  • Completely log out of the account
  • Log back in with your username/password from your password manager and Authy 2FA code

Only once you’ve created your account, and have confirmed you can log in using Authy for 2FA, should you move on to building the profile.

Age Your Accounts

Congrats, you did it! You have working sock puppet accounts! Now, do you want to have to go through all that again in a day or two?

Didn’t think so.

Nothing will completely prevent your accounts from getting shut down, but you can make it less likely by aging them. Try not to use them for a few days, ideally a week. Let them simmer.

Then, go back to the same place you created them. Connect to that same public Wi-Fi. One by one, log in to each account and engage other users as your persona would.
Follow more topics.
Like and share posts.
Make some comments.
Follow people and request connections.
Teach the service provider that ‘you’ are a normal person, doing normal things, and it will be less likely to lock you out in the future. Once you’ve done all that, log out of everything and let it age for another week.

You should now be good to go. Your accounts are created and reliant only on your VOIP number and software token 2FA. Your profiles look real to humans and pretty legit to algorithms as well. Feel free to go forth and OSINT.

Sources:

https://www.secjuice.com/the-art-of-the-sock-osint-humint/
https://www.ehacking.net/2021/04/the-ultimate-sock-puppets-tutorial-for-osint-operators.html
https://hackernoon.com/how-to-make-sock-puppet-accounts-for-osint-in-2021-12r33gs
https://www.cybrary.it/video/what-is-a-sock-puppet/
https://medium.com/dark-roast-security/dark-side-116-sock-puppets-ed7a9bd5a556
https://www.cybervie.com/blog/what-is-sock-puppets-in-osint-how-to-create-one/

--

--