GHunt is an OSINT tool to extract information from any Google Account using an email.

It can currently extract:

🗺️ Email module:

  • Owner’s name
  • Gaia ID
  • Last time the profile was edited
  • Profile picture (+ detect custom picture)
  • If the account is a Hangouts Bot
  • Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
  • Possible YouTube channel
  • Possible other usernames
  • Google Maps reviews (M)
  • Possible physical location (M)
  • Events from Google Calendar (C)
  • Public photos (P)
  • Phones models (P)
  • Phones firmwares (P)
  • Installed softwares (P)

🗺️ Document module:

  • Owner’s name
  • Owner’s Gaia ID
  • Owner’s profile picture (+ detect custom picture)
  • Creation date
  • Last time the document was edited
  • Public permissions
  • Your permissions

🗺️ Youtube module:

  • Owner’s Gaia ID (through Wayback Machine)
  • Detect if the email is visible
  • Country
  • Description
  • Total views
  • Joined date
  • Primary links (social networks)
  • All infos accessible by the Gaia module

🗺️ Gaia module:

  • Owner’s name
  • Profile picture (+ detect custom picture)
  • Possible YouTube channel
  • Possible other usernames
  • Google Maps reviews (M)
  • Possible physical location (M)

The features marked with a (P) require the target account to have the default setting of Allow the people you share content with to download your photos and videos on the Google AlbumArchive, or if the target has ever used Picasa linked to their Google account.
More info here.

Those marked with a (M) require the Google Maps reviews of the target to be public (they are by default).

Those marked with a (C) requires user to have Google Calendar set on public (default it is closed)

Problems? Questions? Visit main page:


📰 Latest news

  • 02/10/2020: Since a few days ago, Google returns a 404 when we try to access someone’s Google Photos public albums, we can only access it if we have a link to one of his albums.
    Either this is a bug and this will be fixed, or it’s a protection that we need to find how to bypass.
  • 03/10/2020: Successfully bypassed. 🕺 (commit 01dc016)
    It requires the “Profile photos” album to be public (it is by default)
  • 20/10/2020: Google WebArchive now returns a 404 even when coming from the “Profile photos” album, so the photos scraping is temporary (or permanently) disabled. (commit e762543)
  • 25/11/2020: Google now removes the name from the Google Maps profile if the user has 0 reviews (or contributions, even private). I did not find a bypass for the moment, so all the help in the research of a bypass is appreciated.
  • 20/03/2021: Successfully bypassed. 🕺 (commit b3b01bc)

[email protected]
python3 doc

⚠️ I suggest you make an empty account just for this or use an account where you never login because depending on your browser/location, re-logging into the Google Account used for the cookies can deauthorize them.

Firefox   Chrome   Edge

You just need to launch the file and choose the extraction mode you want to use, between putting GHunt in listening mode, or copy/paste the encoded cookies in base64.


Regarding the collection of metadata from your Google Photos account:

Given that Google shows “X require access” on your Google Account Dashboard, you might imagine that you had to explicitly authorize another account in order for it to access your pictures; but this is not the case.
Any account can access your AlbumArchive (by default):


Here’s how to check and fix the fact that you’re vulnerable (which you most likely are):
Go to while logged in with your Google account. You will be automatically redirected to your correct album archive URL ( After that, click the three dots on the top left corner, and click on setting


Then, uncheck the only option there:


On another note, the target account will also be vulnerable if they have ever used Picasa linked to their Google account in any way, shape or form. For more details on this, read PinkDev1’s comment on issue #10.
For now, the only (known) solution to this is to delete the Picasa albums from your AlbumArchive.


This tool is based on Sector’s research on Google IDs and completed on my own as well. If I have the motivation to write a blog post about it, I’ll add the link here!