H8Mail – Email OSINT And Password Breach Hunting

Email OSINT and password finder.Use h8mail to find passwords through different breach and reconnaissance services, or the infamous “Breach Compilation" torrent.FeaturesEmail pattern matching (reg exp), useful for all those raw HTML filesSmall and fast Alpine Dockerfile availableCLI or Bulk file-reading for targetingOutput to CSV fileReverse DNS + Open PortsCloudFlare rate throttling avoidanceExecution flow remains synchronous and throttled according to API usage guidelines written by service providersQuery and group results from different breach service providersQuery a local copy of the "Breach Compilation"Get related emailsDelicious colorsDemosOut of the boxWith API servicesWith the BreachedCompilation torrentAPIs Service Functions Status HaveIBeenPwned Number of email breachs Yes Shodan Reverse DNS, Open ports Yes Hunter.io – Public Number of related emails Yes Hunter.io – Service (free tier) Cleartext related emails Yes WeLeakInfo – Public Number of search-able breach results Soon WeLeakInfo – Service Cleartext passwords, hashs and salts Soon Snusbase – Service Cleartext passwords, hashs and salts – Fast Yes InstallIf you’re using Docker, make sure to add your targets.txt and your API keys in the configuration file before buildingLocallyNodeJS is required to ensure CloudFlare bypassing. You can find out how to install it for your distribution hereThese instructions assume you are running Python3 as default. If unsure, please check the troubleshooting sectionapt-get install nodejsgit clone https://github.com/khast3x/h8mail.gitcd h8mailpip install -r requirements.txtpython h8mail.py -hDockergit clone https://github.com/khast3x/h8mail.gitcd h8maildocker build -t h8mail .docker run -ti h8mail -hUsage> python h8mail.py –helpusage: h8mail.py [-h] -t TARGET_EMAILS [-c CONFIG_FILE] [-o OUTPUT_FILE] [-bc BC_PATH] [-v] [-l] [-k CLI_APIKEYS]Email information and password finding tooloptional arguments: -h, –help show this help message and exit -t TARGET_EMAILS, –targets TARGET_EMAILS Either single email, or file (one email per line). REGEXP -c CONFIG_FILE, –config CONFIG_FILE Configuration file for API keys -o OUTPUT_FILE, –output OUTPUT_FILE File to write output -bc BC_PATH, –breachcomp BC_PATH Path to the breachcompilation Torrent. https://ghostbin.com/paste/2cbdn -v, –verbose Show debug information -l, –local Run local actions only -k CLI_APIKEYS, –apikey CLI_APIKEYS Pass config options. Format is "K:V,K:V"Usage examplesQuery for a single targetpython h8mail.py -t target@example.comQuery for list of targets, indicate config file for API keys, output to pwned_targets.csvpython h8mail.py -t targets.txt -c config.ini -o pwned_targets.csvQuery a list of targets against local copy of the Breach Compilation, pass API keys for Snusbase from the command linepython h8mail.py -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url:$snusbase_url,snusbase_token:$snusbase_token"Query without making API calls against local copy of the Breach Compilationpython h8mail.py -t targets.txt -bc ../Downloads/BreachCompilation/ –localTroubleshootingPython version & KaliThe above instructions assume you are running python3 as default. If unsure, type:python –versionin your terminal. It should be either Python 3.* or Python 2.*.If you are running python2 as default :Make sure you have python3 installed, then replace python commands with explicit python3 calls:apt-get install nodejsgit clone https://github.com/khast3x/h8mail.gitcd h8mailpip3 install -r requirements.txtpython3 h8mail.py -hNotes & LinksService providers that wish being integrated can send me an email at k at khast3x dot club (Protonmail encryption friendly)Special thanks to Snusbase for being developer friendlySpecial thanks to kodykinzie for making a nice introduction and walktrough article and video on installing and using h8mailDownload H8Mail

Link: http://feedproxy.google.com/~r/PentestTools/~3/u6x3-7n6oMI/h8mail-email-osint-and-password-breach.html