H8mail V2.0 - E-Mail Osint In Addition To Password Breach Hunting
Powerful in addition to user-friendly password finder.
Use h8mail to notice passwords through different breach in addition to reconnaissance services, or using local breaches such equally Troy Hunt's "Collection1" or the infamous "Breach Compilation" torrent.
Features
- Email designing matching (reg exp), useful for reading from other tool outputs
- Loosey patterns for local searchs ("john.smith", "evilcorp")
- Painless install. Available through
pip
, alone requiresrequests
- Small in addition to fast Alpine Dockerfile available
- CLI or Bulk file-reading for targeting
- Output to CSV file
- Compatible amongst the "Breach Compilation" torrent scripts
- Search .txt in addition to .gz files locally using multiprocessing
- Compatible amongst "Collection#1"
- Get related emails
- Chase in addition to target related emails inwards ongoing search
- Supports premium lookup services for advanced users
- Regroup breach results for all targets in addition to methods
- Includes selection to shroud passwords for demonstrations
- Delicious colors
pip3 install h8mail
Demo
Out of the box
With API services, local breach search & chasing enabled
APIs
Service | Functions | Status |
---|---|---|
HaveIBeenPwned | Number of electronic mail breaches | yes |
Hunter.io - Public | Number of related emails | yes |
Hunter.io - Service (free tier) | Cleartext related emails | yes |
WeLeakInfo - Public | Number of search-able breach results | no |
WeLeakInfo - Service | Cleartext passwords, hashs in addition to salts | no |
Snusbase - Service | Cleartext passwords, hashs in addition to salts - Fast | yes |
Leak-Lookup - Public | Number of search-able breach results | yes |
Leak-Lookup - Service | Cleartext passwords, hashs in addition to salts | yes |
Install
Requirements
h8mail 2.0 alone requires
requests
to run.Stable release (best)
To install h8mail, run this dominance inwards your terminal:
$ pip3 install h8mail
This is the preferred method to install h8mail, equally it volition ever install the almost recent stable release.
Please note:
If you lot don't accept
pip
installed, this Python installation guide tin give the axe guide you lot through the process.For h8mail specific troubleshooting, banking concern check the Troubleshooting section.
The inwards a higher house illustration showcases installing h8mail using
--user
From sources
The sources for h8mail tin give the axe travel downloaded from the Github repo.
You tin give the axe either clone the populace repository:
$ git clone git://github.com/khast3x/h8mail
$ curlicue -OL https://github.com/khast3x/h8mail/tarball/master
Once you lot accept a re-create of the source, you lot tin give the axe install it with:
$ cd h8mail/ $ python setup.py install $ h8mail -h
$ cd h8mail/ $ python -m h8mail -h
Docker
$ docker run -ti kh4st3x00/h8mail -h
Usage
usage: h8mail [-h] -t TARGET_EMAILS [TARGET_EMAILS ...] [--loose] [-c CONFIG_FILE [CONFIG_FILE ...]] [-o OUTPUT_FILE] [-bc BC_PATH] [-sk] [-k CLI_APIKEYS [CLI_APIKEYS ...]] [-lb LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...]] [-gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...]] [-sf] [-ch [CHASE_LIMIT]] Email information in addition to password lookup tool optional arguments: -h, --help present this assist message in addition to leave of absence -t TARGET_EMAILS [TARGET_EMAILS ...], --targets TARGET_EMAILS [TARGET_EMAILS ...] Either string inputs or files. Supports electronic mail designing matching from input or file, filepath globing in addition to multiple arguments --loose Allow loose search yesteryear disabling electronic mail designing recognition. Use spaces equally designing seperators -c CONFIG_FILE [CONF IG_FILE ...], --config CONFIG_FILE [CONFIG_FILE ...] Configuration file for API keys. Accepts keys from Snusbase, (WeLeakInfo, Citadel.pw), hunterio -o OUTPUT_FILE, --output OUTPUT_FILE File to write CSV output -bc BC_PATH, --breachcomp BC_PATH Path to the breachcompilation torrent folder. Uses the query.sh script included inwards the torrent. https://ghostbin.com/paste/2cbdn -sk, --skip-defaults Skips HaveIBeenPwned in addition to HunterIO check. Ideal for local scans -k CLI_APIKEYS [CLI_APIKEYS ...], --apikey CLI_APIKEYS [CLI_APIKEYS ...] Pass config options. Supported format: "K=V,K=V" -lb LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...], --local-bre ach LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...] Local cleartext breaches to scan for targets. Uses multiprocesses, i split upwards procedure per file, on split upwards worker puddle yesteryear arguments. Supports file or folder equally input, in addition to filepath globing -gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...], --gzip LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...] Local tar.gz (gzip) compressed breaches to scans for targets. Uses multiprocesses, i split upwards procedure per file. Supports file or folder equally input, in addition to filepath globing. Looks for 'gz' inwards filename -sf, --single-file If breach contains large cleartext or tar.gz files, prepare this flag to sentiment the progress bar. Disables concurrent file searching for stability -ch [CHASE_LIMIT], --c hase [CHASE_LIMIT] Add related emails from HunterIO to ongoing target list. Define number of emails per target to chase. Requires hunter.io somebody API telephone commutation
Usage examples
Query for a unmarried target
$ h8mail -t target@example.com
Query for listing of targets, betoken config file for API keys, output to
pwned_targets.csv
$ h8mail -t targets.txt -c config.ini -o pwned_targets.csv
Query a listing of targets against local re-create of the Breach Compilation, top API keys for Snusbase from the dominance line
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url=$snusbase_url,snusbase_token=$snusbase_token"
Query without making API calls against local re-create of the Breach Compilation
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk
Search every .gz file for targets industrial plant life inwards targets.txt locally
$ h8mail -t targets.txt -gz /tmp/Collection1/ -sk
Check a cleartext dump for target. Add the adjacent 10 related emails to targets to check. Read keys from cli
$ h8mail -t admin@evilcorp.com -lb /tmp/4k_Combo.txt -ch 10 -k "hunterio=ABCDE123"
Configuration file & keys
h8mail tin give the axe read keys yesteryear using a
config.ini
file amongst -c
, or yesteryear passing keys from the command line straight amongst -k
.The configuration file format is equally follows:
[h8mail] shodan = hunterio = snusbase_url = snusbase_token = ; leak-lookup_pub = 1bf94ff907f68d511de9a610a6ff9263 leak-lookup_priv =
Keys in addition to their respective values tin give the axe also travel passed from the dominance line, amongst the
-k
option. Format is similar so:$ h8mail -t john.smith@evilcorp.com -k "K=V, K=V" "K=V"
Troubleshooting
Python version & Kali
- The inwards a higher house instructions assume you lot are running python3 equally default. If unsure, type the next inwards your terminal.
It should travel eitherPython 3.*
orPython 2.*
:
$ python --version
- If you lot are running python2 equally default :
Make certain you lot accept python3.6+ installed, thence supersedepython
commands amongst explicitpython3
commands.
- If you lot accept non prepare your venvs, you lot powerfulness instruct a permission mistake proverb
Consider using the --user selection or banking concern check the permissions.
Simply add together --user similar so:
$ pip install --user h8mail
Windows
h8mail
uses ANSI color escape characters. Windows doesn't know how to present the colors, in addition to volition present gibberish instead.
Fortunately, you lot tin give the axe role Cmder, which is an splendid Windows CMD prompt alternative- If you're having problem amongst python in addition to pip, chances are you lot ask to add python to your PATH.
pip
volition also ask to travel inwards yourPATH
surround variable. - If you're withal having problem amongst
pip
, you lot tin give the axe produce the following:
# Check python version, should travel 3.6+ C:> python --version # To accept python grip installation of pip C:> python -m ensurepip # To launch pip equally a module C:> python -m pip install h8mail # To launch h8mail equally a module C:> python -m h8mail --help
OSX
- As described for Windows, you lot powerfulness run into issues amongst python if your installation is incomplete, or
pip
's installation directory is non inwards your PATH. - If thats the case, you lot tin give the axe campaign invoking
pip
in addition toh8mail
amongst the same dominance lines equally Windows. - Make certain the
python
dominance refers to Python three amongstpython --version
, otherwise supersedepython
amongstpython3
inwards the instructions. - Basically campaign this if installed in addition to non executing, banking concern check Windows instructions for farther examples:
$ python3 -m h8mail -h
Thanks & Credits
- Snusbase for existence developer friendly
- kodykinzie for making a prissy introduction in addition to walktrough article in addition to video on installing in addition to using h8mail
- Leak-Lookup for existence developer friendly
- WeLeakInfo for existence developer friendly. They are currently migrating API service. I'll update h8mail when available
- h8mail's Pypi integration is strongly based on the travel of audreyr's CookieCutter PyPackage
- Logo generated using Hatchful yesteryear Shopify
Related opened upwards source projects
- WhatBreach yesteryear Ekultek
- BaseQuery yesteryear g666gle
- LeakLooker yesteryear woj-ciech
- HashBuster yesteryear s0md3v
Notes
- Service providers that wishing existence integrated tin give the axe shipping me an electronic mail at
k at khast3x point club
(PGP friendly) - h8mail is maintained on my complimentary time. Feedback in addition to country of war stories are welcomed.
- My code is signed amongst my Keybase PGP key. You tin give the axe instruct it using:
# curlicue + gpg pro tip: import ktx's keys curlicue https://keybase.io/ktx/pgp_keys.asc | gpg --import # the Keybase app tin give the axe force to gpg keychain, also keybase pgp line ktx