H8mail

h8mail is an open-source intelligence tool for searching leaked credentials and compromised accounts across remote APIs and local data dumps. It functions as a credential leak hunter and email reconnaissance framework designed to identify exposed passwords and sensitive information using usernames, domains, IP addresses, and email hashes.

The tool distinguishes itself through a recursive target expansion system that feeds newly discovered email addresses back into the search queue to broaden the scope of investigations. It also includes a local breach data parser that employs multiprocessing to scan large cleartext and compressed credential files stored on the local filesystem.

Broad capabilities cover digital footprint mapping and threat intelligence gathering. The system supports multi-criteria lookups, domain breach scanning, and the extraction of email addresses from web URLs. Findings can be exported in JSON and CSV formats for external analysis, while sensitive output is obfuscated in the terminal to prevent the exposure of full credentials.

Features

Data Breach Search Tools - Provides a comprehensive system for searching leaked credentials and compromised accounts across remote APIs and local data dumps.

Credential Leak Databases - Searches remote APIs and local dumps to identify compromised passwords and leaked accounts for specific targets.

OSINT Email Discovery - Finds and expands lists of related email addresses by analyzing domain relationships and scraping web content.

Multi-Identifier Lookups - Enables querying data services using various identifiers including usernames, IP addresses, domains, and password hashes.

Local Breach Data Parsing - Scans local cleartext and compressed credential files using multiprocessing to identify target matches.

Breach Data Parsers - Employs a specialized engine to scan and extract credentials from local cleartext and compressed breach files.

Email Reconnaissance Frameworks - Provides a toolkit for discovering related email addresses and scraping targets to expand security audit scope.

Credential Leak Hunters - Identifies exposed passwords and sensitive information using usernames, domains, IP addresses, and email hashes.

Digital Footprint Analysis Suites - Connects fragmented identifiers like usernames and IP addresses to uncover a target's online presence.

Target Expansion Strategies - Iteratively discovers new email addresses and feeds them back into the search queue to expand the reconnaissance scope.

Email Address Extraction - Scrapes email addresses from provided web URLs to automatically populate search targets.

Cross-Field Identifier Correlation - Scans all returned data fields for related emails, usernames, hashes, IP addresses, and domains.

Passive Intelligence Gathering - Collects non-intrusive reconnaissance findings from multiple breach databases for security analysis.

Local Multiprocessing - Utilizes multiprocessing to accelerate the scanning of large local cleartext and compressed breach data files.

OSINT Investigation Tools - Performs local or premium email OSINT and breach hunting

Email Investigation Tools - Performs password breach hunting and email-based OSINT.

Open Source Intelligence - Email OSINT tool for breach-credential hunting.

khast3xh8mail

Features

Star history