A new open-source Python tool named EpsteIn has been developed to allow users to determine if their LinkedIn contacts appear in over 3.5 million pages of court documents related to Jeffrey Epstein, recently released by the U.S. Department of Justice. Created by Christopher Finke, this tool operates locally, emphasizing user privacy in the context of growing interest in open-source intelligence (OSINT) for network verification.
Functionality and Features of EpsteIn
The tool, EpsteIn, indexes references from public Epstein-related documents using an API crafted by Patrick Duggan, available on DugganUSA.com. It scans LinkedIn Connections.csv files exported by users. The output is an interactive HTML report, typically named EpsteIn.html, which organizes results by the number of mentions. This report includes contact cards with details such as names, job titles, companies, excerpts, and direct links to DOJ PDF documents.
In tests conducted by 404 Media, the tool identified 22 potential matches, highlighting common names like “Adam S.” This underscores the potential for false positives due to vague references. The tool requires Python 3.6 or later, the requests library, and a virtual environment set up via ‘pip install -r requirements.txt’. Users can export LinkedIn contacts through Settings > Data privacy > Get a copy of your data, though this process may take up to 24 hours.
Privacy and Security Considerations
Using the tool ensures all processing is done locally, avoiding cloud-based privacy concerns. However, exporting LinkedIn data might expose entire networks, and improper use could lead to targeted harassment or doxxing. The presence of false positives necessitates careful manual review, aligning with best practices in validating indicators of compromise (IOC).
EpsteIn presents a case of accessible OSINT for probing professional networks, assisting cybersecurity professionals in examining associations after data leaks. While local execution minimizes server-side privacy leaks, users must remain cautious about the potential exposure of sensitive information.
Balancing Benefits and Risks
The tool offers numerous advantages, including running offline without sharing API keys and providing contextual excerpts for verification. However, common names may result in inaccurate matches, and technical skills are required for setup. The EpsteIn tool is designed to aid in personal risk assessment, but experts recommend careful consideration of conclusions drawn from public records.
For more updates on cybersecurity, follow us on Google News, LinkedIn, and X. Contact us if you wish to feature your stories.
