Sockpuppet account creation, just like OSINT, is always changing. This page will be updated regularly. Please join the newsletter to be notified of updates.

What are sockpuppet accounts?

Sockpuppet accounts are anonymous or pseudonymous accounts used for various projects.

  • In the news lately for political discord
  • OSINT investigations
  • HUMINT investigations
  • Social engineering
  • And more!

Are sockpuppet accounts ethical?

This is up to you. Honestly. But this is my blog so here’s my thoughts on it:

Sockpuppets, an an OSINT/HUMINT capacity, have generally been used in two ways:

  1. Passive reconnaissance. (Generally OSINT)
  2. Infiltration of groups. (Generally HUMINT)

I have absolutely no ethical qualms with using sockpuppet accounts for passive recon.

With HUMINT, infiltrating target groups is a common necessity. In this case, you often have to pretend to be someone you’re not.

For example, an investigator hired to collect data on a pedophilic ring on the dark web will have to create a persona and convince them they are one of them to get into the group.

I generally don’t do this sort of work. I would only feel comfortable if I had law enforcement backing me in this because it could turn dangerous or illegal, and they’ll help me with making sure I’m not breaking any laws or getting into any trouble they can’t get me out of.

I also need to point out in the USA, it’s illegal to impersonate a government employee, especially law enforcement and military.

It’s also generally not cool to impersonate a real person. Keep your sockpuppets made-up.

Anonymous Sockpuppet Account Setup Process

This is my process for setting up an anonymous sockpuppet account.

  1. Come up with a persona for the sockpuppet account.
  2. Use Fake Name Generator to create a person whom you feel fits your sockpuppet persona.
  3. Use This Person Does Not Exist to generate an image. Make sure you inspect the image closely and get one that doesn’t have any obvious flaws, as they often do. It is worth picking up some Photoshop, GIMP, Affinity Photo or Designer, or other basic image manipulation skills to fix them and change the background of the image. July 2020 Update: Social media sites have wised up to this and it doesn’t always work. I have found that “photoshopping” a pair of sunglasses on the face and changing the background seems to work for now.
  4. Get a burner phone, completely wiped and fresh. Can be any brand that will accept a Mint Mobile SIM card.
  5. Get a burner credit card from to use on Amazon and possibly the Mint Mobile setup. They might need it to set up the account.
  6. Set up a burner Amazon account. We’re only going to use it once.
  7. Buy two Mint Mobile SIM cards. You can find them in various places online and in stores near you, but you can get two of them for $5 on Amazon (aff). They also give you 1-week free trial with something like 100 text messages, which we’re going to use. This gives you two cards for two sockpuppet accounts for only $5.
  8. I like to use Amazon to have the card sent to an Amazon pickup box, which can be anonymous.
  9. Get a VPN that you can set to the physical area in which you want your sockpuppet to “exist.”
  10. Set up the Mint Mobile trial account somewhere away from your home; as far as you’re willing to go.
  11. Use this Mint Mobile trial phone number to set up all of the websites you need.
  12. I recommend at least set up a Google account and Protonmail account. Both will come in handy at different times.
  13. Once you’ve set up all the accounts with your trial Mint SIM, set up 2FA on all of the accounts.
  14. After setting up 2FA on all of the accounts, change the phone number to one you have more permanent access to, such as MySudo or Google Voice.
  15. Make sure everything works!
  16. Destroy the SIM card.
  17. Wipe the phone.

A lot of these websites are blocking MySudo, Google Voice, and other VoIP numbers. That’s why we go through the Mint phone number first.

They should be less stringent now.

Also known as “Google Hacking”, this is the practice of using Google operators (symbols and special keywords) to narrow down search results.

For example, searching Google for "OSINT" | "open source intelligence" will show you every page on my site only that contains the words “OSINT” and/or “open source intelligence”.

Is Google Dorking Illegal?

Google Dorking itself is not illegal, however, it has been used in the past to preface illegal actions such as:

  • identity theft
  • server intrusion
  • “doxing”
  • stalking
  • harassment
  • “SWATing”
  • industrial espionage
  • cyberterrorism
  • etc

Teal background with text that says Instagram OSINT and has the Instagram logo.

As you know, Instagram OSINT is always changing, and so this page will be updated regularly. Please join the newsletter to be notified of updates.

Instagram OSINT Guide

The Instagram OSINT guide is coming soon!

Instagram OSINT Tips

  1. Most of the time, you’ll be using Google Dorking instead of Instagram’s built in search engine.
  2. To search only Instagram posts, use in Google.
  3. To search only Instagram profiles, use "[first name]" | "[first name] [last name] on" (including quotes"", but remove the brackets[]) in Google.
  4. More Instagram OSINT tips coming soon.

Instagram OSINT Tools

  • IntelTechniques Custom Instagram Tools – I use this frequently, and it’s pretty much the tool I start with (even before Google Dorking). IntelTechniques is created and run by Michael Bazzell who is pretty much the guy when it comes to OSINT and Privacy.
  • Google Search – Honestly, Google Dorking indexed Instagram content is probably where most of what I find is.
  • More Instagram OSINT tools coming soon.

Case Studies

Case 1: Find user name with real name and possible associate account (such as company they work for or own).

This case can be seen on Reddit. First, their question:

instagram advanced search
lets say that I am looking for a “John Doe” on instagram who I know has posts related to “johndoeacademy”. Is there a way for me to search instagram with filters so that it only shows me results for John Doe’s who have posts related to johndoeacademy?

Posted by u/historicalrhino

My solution:

I’m a little unsure of some specifics here. Is “johndoeacademy” a hashtag or a username?

If it’s a username, I would use Google Dorking (AKA Google Hacking) to do this. "@johndoeacademy" & "John on" | "John Smith on"

Breakdown: tells Google we only want to search for results from which is what all posts are under.

"@johndoeacademy" tells Google we only want to search for any pages (posts) by @johndoeacademy, so we need to add to remove most (if not all) posts by @johndoeacademy.

Since we’re pulling up any page that mentions @johndoeacademy, we want to add & "John on" | "John Smith on" which will help limit a lot of the SERs (Search Engine Results) down to Instagram Profiles. & makes sure we’re including these searches so the SER must have “@johndoeacademy” AND “John on” OR “John Smith on”, with | representing the OR.

Here’s an example: "@zuck" & "Harvard on" | "Harvard University on"

Drop that in Google and see what you get. We’ll get 3 SERs:

  • Two posts from Harvard University’s Instagram account mentioning @zuck, and then
  • One from Edwardo Saverin mentioning both @zuck and Harvard University in the same post.

You can see it prioritized the Harvard ones over the Saverin one because of what we specified we were searching for.

Also, as /u/JackedRightUp said, you can change “site:” to “+” to get broader SERs for checking Instagram caching sites.


+Instagram "@zuck" & "Harvard on" | "Harvard University on"

or "@zuck" & "Harvard on" | "Harvard University on"