False Positives: Twitch, 8tracks, HackenProof (Hackers), NitroType, ProductHunt, Strava #2374

Open
1 task done
La5u opened this issue Nov 30, 2024 · 3 comments
Labels
false positive A site is responding with false positives

Comments


La5u commented Nov 30, 2024

Additional info

Usernames used to test:

qwertyzzsdvasdwe13412
MVDJSKBNALHDASLKJ9832
jqzj629

All 3 usernames were reported as false positives on:

https://8tracks.com/
https://hackenproof.com/hackers/
https://www.nitrotype.com/racer/
https://www.producthunt.com/
https://www.strava.com/athletes/
https://www.twitch.tv/

image

Code of Conduct

  • I agree to follow this project's Code of Conduct
@La5u La5u added the false positive A site is responding with false positives label Nov 30, 2024

HypeStratex commented Nov 30, 2024

True, I can completely confirm the same happened for me.
I wanna append to this list the following false positives for me too:
[+] SlideShare: https://slideshare.net/
[+] NationStates Nation: https://nationstates.net/nation=
[+] NationStates Region: https://nationstates.net/region=
[+] ProductHunt: https://www.producthunt.com/
[+] Shpock: https://www.shpock.com/shop/
[+] TLDR Legal: https://tldrlegal.com/users/
[+] Twitch: https://www.twitch.tv/

I checked these ones and in none did the actual profile exist. Thanks for your work, guys. Appreciate it.

@bytexenon
Contributor

Hmm, that's super interesting—thanks for reporting this!

Here's what I know: Twitch and ProductHunt always show false positives, no matter where you're testing from — we're working on fixing those. As for the other ones, they might depend on the region you're running Sherlock from. I've checked what Sherlock shows for those usernames from a residential US East IP address and here's what I'm getting:

Screenshot 1
Screenshot 2
Screenshot 3

(consistent HackerEarth, ProductHunt, Reddit, Shpock, SlideShare, Smule, Strava, Twitch, & BabyRU false positives)
(8tracks, HackenProof (Hackers), NitroType, NationStates Nation, NationStates Region, and TLDR Legal* don't return false positives for me)

These don't 100% match your screenshots. So I'd suggest you re-run Sherlock with the `--dump-response` parameter and redirect the output to a file (like this: `sherlock --dump-response qwertyzzsdvasdwe13412 > dump_response_output.txt`), then send over the contents of the `dump_response_output.txt` file here — this will help us fix those false positives faster.

Author

La5u commented Dec 1, 2024

I tried `sherlock --dump-response qwertyzzsdvasdwe13412 > dump_response_output.txt`, but it threw a UnicodeEncodeError, because it tried to write the response from the website, which was in a different language because of my IP, to the text file. `sherlock --dump-response qwertyzzsdvasdwe1341` worked (for some reason), but the response was too long so it didn't all fit on the terminal window for me to copy. I had to go to the code in sherlock.py and change from

```python
print(f"ERROR TEXT : {net_info['errorMsg']}")
```

to

```python
print(f"ERROR TEXT : {str(net_info['errorMsg']).encode('utf-8')}")
```

to finally get it to save to the txt file without errors. This could be implemented in the future to allow different languages to be written to the dump file.

Here are the results:
dump_response_output.txt

If needed, I could test with a VPN as well.
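
The encoding failure described in the comment above, reproduced offline as an added example (not part of the original comment and not Sherlock's own code). It compares what ends up in the dump file for the unmodified `print`, the bytes workaround, an escaping error handler and a UTF-8 stream; the sample message and the `cp1252` stream encoding are assumptions, since the thread does not state the reporter's locale.

```python
import io

# Constructed sample: a localized (non-ASCII) error message a site might return.
SAMPLE_ERROR_MSG = "Пользователь не найден"
# Assumption: the redirected stdout uses a legacy code page such as cp1252.
LEGACY_ENCODING = "cp1252"


def _dump(text, encoding, errors="strict"):
    """Print text to an in-memory 'file' opened with the given encoding.

    Returns the bytes written, or None if the write raised UnicodeEncodeError.
    """
    raw = io.BytesIO()
    stream = io.TextIOWrapper(raw, encoding=encoding, errors=errors, newline="\n")
    try:
        print(text, file=stream)
        stream.flush()
    except UnicodeEncodeError:
        return None
    return raw.getvalue()


def dump_original(msg, encoding=LEGACY_ENCODING):
    """The unmodified print: fails when the encoding cannot represent msg."""
    return _dump(f"ERROR TEXT : {msg}", encoding)


def dump_bytes_workaround(msg, encoding=LEGACY_ENCODING):
    """The workaround from the comment: writes the repr of the UTF-8 bytes."""
    return _dump(f"ERROR TEXT : {str(msg).encode('utf-8')}", encoding)


def dump_escaped(msg, encoding=LEGACY_ENCODING):
    """Keep the legacy encoding but escape what it cannot represent."""
    return _dump(f"ERROR TEXT : {msg}", encoding, errors="backslashreplace")


def dump_utf8(msg):
    """UTF-8 stream, as with sys.stdout.reconfigure(encoding='utf-8')
    or PYTHONIOENCODING=utf-8: the text is stored readable."""
    return _dump(f"ERROR TEXT : {msg}", "utf-8")


if __name__ == "__main__":
    for fn in (dump_original, dump_bytes_workaround, dump_escaped, dump_utf8):
        print(fn.__name__, "->", fn(SAMPLE_ERROR_MSG))
```

The bytes workaround never raises, but the file then holds a `b'\x..'` literal that has to be decoded again before a maintainer can read the site's error text.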
