// comparison
GHunt web vs CLI
GHunt comes in two forms. The original Python CLI is a power tool that takes real technical comfort to install, run and keep working. ghunt.sh runs the same lookups from a browser, no skills required. For most people the choice is obvious.
Side by side
| Aspect | GHunt CLI (Python) | ghunt.sh (web) |
|---|---|---|
| Setup | Python 3.10+, virtualenv, pip install, GHunt Companion extension to capture a Google session. Plan 15 to 30 minutes if nothing breaks. | Open a URL. |
| Skill required | Comfortable with the terminal, Python error messages, broken extensions and stale auth tokens. | None. |
| Reliability | Breaks regularly when Google changes its internals. Expect cycles of works, breaks, wait for a fix, update, repeat. | Maintained for you. |
| Auth | Your own Google credentials, captured via Companion. | Handled by us, you do not provide any. |
| Output | Raw JSON in the terminal. You format it yourself. | Visual report with PDF export and shareable link. |
The CLI is not for most people
The original GHunt is a serious tool, but it is built for an audience that is comfortable on a terminal. Getting it running means installing a recent Python, creating a virtualenv, dealing with the GHunt Companion browser extension, capturing a Google session token, and then troubleshooting the output when Google changes something on their side. Each of those steps can fail on its own, and they fail more often than you would hope.
In practice, Google ships internal changes regularly that break one or more modules of the CLI. The community patches it, then something else breaks. That is fine if you are a security engineer who treats the tool as part of your daily workflow. It is not fine when you have one email to investigate today and you do not want to spend an afternoon debugging Python errors.
Who the web version is really for
If any of these descriptions match your situation, do not bother with the CLI.
- Journalists. You have a source's email, you want a quick read on their public footprint, and you want to drop a clean PDF into your editor's hands. ghunt.sh gives you that report in seconds and exports to PDF natively.
- Recruiters and HR. You want to cross-check an applicant's public Google profile without setting up a developer workstation. Paste, read, move on.
- Analysts and researchers. You are triaging a list of emails and you need a fast, repeatable way to see which ones have a public footprint worth a deeper look.
- Anyone on mobile or a locked-down work laptop. You cannot install Python or a browser extension there, and you do not need to.
- Anyone who tried the CLI once and gave up. No judgement, the install really is finicky.
When the CLI still makes sense
There is a narrow audience for whom the CLI is the right tool:
- You are a security engineer wiring GHunt into a larger pipeline and you need raw JSON to feed downstream tooling.
- You are on a strict engagement where lookups must originate from credentials and infrastructure you control end to end.
- You are extending the framework with new modules or contributing back to it.
If none of those apply, the web version covers your case better, faster, and with fewer things that can go wrong.
What both do the same way
- Neither attacks a Google account. Both query public surfaces only.
- Neither bypasses MFA or recovers passwords.
- Both pivot on the Gaia ID once they have it.
- Both cover the public profile, Maps contributions, public Calendar events and Play Games activity attached to a Google account.