H8mail V2.0 - E-Mail Osint In Addition To Password Breach Hunting


Powerful in addition to user-friendly password finder.
Use h8mail to notice passwords through different breach in addition to reconnaissance services, or using local breaches such equally Troy Hunt's "Collection1" or the infamous "Breach Compilation" torrent.

Features
  • Email designing matching (reg exp), useful for reading from other tool outputs
  • Loosey patterns for local searchs ("john.smith", "evilcorp")
  • Painless install. Available through pip, alone requires requests
  • Small in addition to fast Alpine Dockerfile available
  • CLI or Bulk file-reading for targeting
  • Output to CSV file
  • Compatible amongst the "Breach Compilation" torrent scripts
  • Search .txt in addition to .gz files locally using multiprocessing
    • Compatible amongst "Collection#1"
  • Get related emails
  • Chase in addition to target related emails inwards ongoing search
  • Supports premium lookup services for advanced users
  • Regroup breach results for all targets in addition to methods
  • Includes selection to shroud passwords for demonstrations
  • Delicious colors

pip3 install h8mail

Demo

Out of the box


With API services, local breach search & chasing enabled


APIs
Service Functions Status
HaveIBeenPwned Number of electronic mail breaches yes
Hunter.io - Public Number of related emails yes
Hunter.io - Service (free tier) Cleartext related emails yes
WeLeakInfo - Public Number of search-able breach results no
WeLeakInfo - Service Cleartext passwords, hashs in addition to salts no
Snusbase - Service Cleartext passwords, hashs in addition to salts - Fast yes
Leak-Lookup - Public Number of search-able breach results yes
Leak-Lookup - Service Cleartext passwords, hashs in addition to salts yes

Install

Requirements
h8mail 2.0 alone requires requests to run.

Stable release (best)
To install h8mail, run this dominance inwards your terminal:
$ pip3 install h8mail
And that's basically it.
This is the preferred method to install h8mail, equally it volition ever install the almost recent stable release.
Please note:
If you lot don't accept pip installed, this Python installation guide tin give the axe guide you lot through the process.
For h8mail specific troubleshooting, banking concern check the Troubleshooting section.



The inwards a higher house illustration showcases installing h8mail using --user

From sources
The sources for h8mail tin give the axe travel downloaded from the Github repo.
You tin give the axe either clone the populace repository:
$ git clone git://github.com/khast3x/h8mail
Or download the tarball:
$ curlicue  -OL https://github.com/khast3x/h8mail/tarball/master
Next, decompress the downloaded archive.
Once you lot accept a re-create of the source, you lot tin give the axe install it with:
$ cd h8mail/ $ python setup.py install $ h8mail -h
Or exactly running it equally a module:
$ cd h8mail/ $ python -m h8mail -h

Docker
$ docker run -ti kh4st3x00/h8mail -h

Usage
usage: h8mail [-h] -t TARGET_EMAILS [TARGET_EMAILS ...] [--loose]               [-c CONFIG_FILE [CONFIG_FILE ...]] [-o OUTPUT_FILE]               [-bc BC_PATH] [-sk] [-k CLI_APIKEYS [CLI_APIKEYS ...]]               [-lb LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...]]               [-gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...]] [-sf]               [-ch [CHASE_LIMIT]]  Email information in addition to password lookup tool  optional arguments:   -h, --help            present this assist message in addition to leave of absence   -t TARGET_EMAILS [TARGET_EMAILS ...], --targets TARGET_EMAILS [TARGET_EMAILS ...]                         Either string inputs or files. Supports electronic mail designing                         matching from input or file, filepath globing in addition to                         multiple arguments   --loose               Allow loose search yesteryear disabling electronic mail designing                         recognition. Use spaces equally designing seperators   -c CONFIG_FILE [CONF   IG_FILE ...], --config CONFIG_FILE [CONFIG_FILE ...]                         Configuration file for API keys. Accepts keys from                         Snusbase, (WeLeakInfo, Citadel.pw), hunterio   -o OUTPUT_FILE, --output OUTPUT_FILE                         File to write CSV output   -bc BC_PATH, --breachcomp BC_PATH                         Path to the breachcompilation torrent folder. Uses the                         query.sh script included inwards the torrent.                         https://ghostbin.com/paste/2cbdn   -sk, --skip-defaults  Skips HaveIBeenPwned in addition to HunterIO check. Ideal for                         local scans   -k CLI_APIKEYS [CLI_APIKEYS ...], --apikey CLI_APIKEYS [CLI_APIKEYS ...]                         Pass config options. Supported format: "K=V,K=V"   -lb LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...], --local-bre   ach LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...]                         Local cleartext breaches to scan for targets. Uses                         multiprocesses, i split upwards procedure per file, on                         split upwards worker puddle yesteryear arguments. Supports file or                         folder equally input, in addition to filepath globing   -gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...], --gzip LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...]                         Local tar.gz (gzip) compressed breaches to scans for                         targets. Uses multiprocesses, i split upwards procedure per                         file. Supports file or folder equally input, in addition to filepath                         globing. Looks for 'gz' inwards filename   -sf, --single-file    If breach contains large cleartext or tar.gz files, prepare                         this flag to sentiment the progress bar. Disables                         concurrent file searching for stability   -ch [CHASE_LIMIT], --c   hase [CHASE_LIMIT]                         Add related emails from HunterIO to ongoing target                         list. Define number of emails per target to chase.                         Requires hunter.io somebody API telephone commutation 

Usage examples

Query for a unmarried target
$ h8mail -t target@example.com

Query for listing of targets, betoken config file for API keys, output to pwned_targets.csv
$ h8mail -t targets.txt -c config.ini -o pwned_targets.csv

Query a listing of targets against local re-create of the Breach Compilation, top API keys for Snusbase from the dominance line
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url=$snusbase_url,snusbase_token=$snusbase_token"

Query without making API calls against local re-create of the Breach Compilation
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk

Search every .gz file for targets industrial plant life inwards targets.txt locally
$ h8mail -t targets.txt -gz /tmp/Collection1/ -sk

Check a cleartext dump for target. Add the adjacent 10 related emails to targets to check. Read keys from cli
$ h8mail -t admin@evilcorp.com -lb /tmp/4k_Combo.txt -ch 10 -k "hunterio=ABCDE123"

Configuration file & keys
h8mail tin give the axe read keys yesteryear using a config.ini file amongst -c, or yesteryear passing keys from the command line straight amongst -k.
The configuration file format is equally follows:
[h8mail] shodan = hunterio = snusbase_url = snusbase_token = ; leak-lookup_pub = 1bf94ff907f68d511de9a610a6ff9263 leak-lookup_priv =
In the inwards a higher house example, you'll notice a Leak-lookup populace key, graciously generated for h8mail users. To activate, uncomment the work in addition to brand certain to top to config file. The API tin give the axe sometimes timeout. If that's the case, exactly relaunch.
Keys in addition to their respective values tin give the axe also travel passed from the dominance line, amongst the -k option. Format is similar so:
$ h8mail -t john.smith@evilcorp.com -k "K=V, K=V" "K=V"

Troubleshooting

Python version & Kali
  • The inwards a higher house instructions assume you lot are running python3 equally default. If unsure, type the next inwards your terminal.
    It should travel either Python 3.* or Python 2.* :
$ python --version
  • If you lot are running python2 equally default :
    Make certain you lot accept python3.6+ installed, thence supersede python commands amongst explicit python3 commands.
  • If you lot accept non prepare your venvs, you lot powerfulness instruct a permission mistake proverb Consider using the --user selection or banking concern check the permissions.
    Simply add together --user similar so:
$ pip install --user h8mail

Windows
  • h8mail uses ANSI color escape characters. Windows doesn't know how to present the colors, in addition to volition present gibberish instead.
    Fortunately, you lot tin give the axe role Cmder, which is an splendid Windows CMD prompt alternative
  • If you're having problem amongst python in addition to pip, chances are you lot ask to add python to your PATH. pip volition also ask to travel inwards your PATH surround variable.
  • If you're withal having problem amongst pip, you lot tin give the axe produce the following:
# Check python version, should travel 3.6+ C:> python --version # To accept python grip installation of pip C:> python -m ensurepip # To launch pip equally a module C:> python -m pip install h8mail # To launch h8mail equally a module C:> python -m h8mail --help

OSX
  • As described for Windows, you lot powerfulness run into issues amongst python if your installation is incomplete, or pip's installation directory is non inwards your PATH.
  • If thats the case, you lot tin give the axe campaign invoking pip in addition to h8mail amongst the same dominance lines equally Windows.
  • Make certain the python dominance refers to Python three amongst python --version, otherwise supersede python amongst python3 inwards the instructions.
  • Basically campaign this if installed in addition to non executing, banking concern check Windows instructions for farther examples:
$ python3 -m h8mail -h

Thanks & Credits

Related opened upwards source projects

Notes
  • Service providers that wishing existence integrated tin give the axe shipping me an electronic mail at k at khast3x point club (PGP friendly)
  • h8mail is maintained on my complimentary time. Feedback in addition to country of war stories are welcomed.
  • My code is signed amongst my Keybase PGP key. You tin give the axe instruct it using:
# curlicue + gpg pro tip: import ktx's keys curlicue https://keybase.io/ktx/pgp_keys.asc | gpg --import  # the Keybase app tin give the axe force to gpg keychain, also keybase pgp line ktx