Example of The Endorser Output

A common trope is that there are only six degrees of separation between all people on the planet. While this may or may not be true; the endorser by eth0izzle is an Open-Source intelligence tool that can help you use the connections between people to find ever more promising potential targets.

The endorser uses LinkedIn skill endorsements to find the important connections between employees. It works on the principle that people who are closely linked within an organisation are more likely to have more numerous skill endorsements than a person who is external.

For my work I use a Mac, so my guide will include all the steps I took to get the endorser working. Unfortunately macOS adds a few more steps than an up-to-date Linux install may require.

If you haven’t installed Xcode or its command line tools, now will be a great time to do this as Homebrew (which I’ve mentioned in other blog posts) will require the them to complete the installation of Python. I always install the entirety of Xcode from the Mac App Store as every now and then I use some of its other tools for tinkering, but most third party tools only require the command line tools, such as code compilation. The command line tools can installed by typing $ xcode-select –install in a terminal window.

A standard installation of macOS ships with Python 2 (As I write this the latest version of macOS, which I have installed, is High Sierra 10.13.2) the endorser will require a minimum of Python 3.0 to be installed for it to work, so you’ll need to update your Python installation. With Homebrew this will be easy, just type $ brew install python3 and it will grab the latest version of Python.

Cloning the endorser from git

Once you’ve then got the files needed for the endorser from Git using the command $ git clone https://github.com/eth0izzle/the-endorser.git, within the files downloaded as part of the endorser there should be one called requirements.txt. This contains a list of (some of the) extras needed to run the endorser. Navigate to the main endorser directory; for me this command is $ cd ./the-endorser. Once terminal has the endorser folder as the active directory, you can install the dependancies within the requirements file. Previously I used pip within Kali where the command would be $ pip install requirements; however, within macOS you’ll need to use $ pip3 install requirements. If you don’t use the 3, the command may fail. We’re not quite done with grabbing extras yet as you’ll still need to grab ChromeDriver and if you don’t have it installed already, Google Chrome.

With everything finally loaded, all thats left to do is to add your LinkedIn credentials into the ‘config.yaml’ file; you can either use nano within terminal ($ nano config.yaml) or any text editor will do. Credentials entered, run the endorser using python3 the-endorser.py and add the two URLs you wish to compare the number of endorsements for e.g.

$ Python3 the-endorser https://www.linkedin.com/in/FirstUser https://www.linkedin.com/in/SecondUser

It may take a number of minutes to finally produce but the output should automatically open, if it doesn’t it should be stored within the main level of the endorser folder. From this file you should be able to see the skills person one has on their profile, along with the skills person two has on their profile that are shared with contacts in both their networks.

Confusingly to me, the arrows are pointing at your selected users contacts, but the links actually signify that the contact has endorsed your chosen user for that skill. This then means that any contacts with a high number of shared links are likely to be closely linked in reality to your two chosen users, allowing you to focus any further investigation on that shared contact.

This will be enormously useful if you don’t have any prior knowledge of an organisations structure as the endorser allows you to quickly gather information on who may work for an organisation and at what level they likely work at.