h8mail
Installation
섹션 제목: “Installation”Install via pip
섹션 제목: “Install via pip”pip install h8mailInstall from source
섹션 제목: “Install from source”git clone https://github.com/khast3x/h8mail.git
cd h8mail
pip install -r requirements.txt
python h8mail.pyVerify installation
섹션 제목: “Verify installation”h8mail --versionConfiguration
섹션 제목: “Configuration”API Key Setup
섹션 제목: “API Key Setup”Create a ~/.h8mail_rc configuration file:
[breaches]
hibp_api_key = YOUR_HIBP_API_KEY
snusbase_auth = YOUR_SNUSBASE_TOKEN
leakcheck_api_key = YOUR_LEAKCHECK_API_KEY
emailrep_api_key = YOUR_EMAILREP_API_KEYOr set environment variables:
export HIBP_API_KEY="your_key_here"
export SNUSBASE_AUTH="your_token_here"Supported Breach Services
섹션 제목: “Supported Breach Services”| Service | Type | API Required | Notes |
|---|---|---|---|
| HaveIBeenPwned (HIBP) | Breach DB | Yes | Most comprehensive, 613M+ breaches |
| Snusbase | Breach DB | Yes | Large Russian breach database |
| LeakCheck | Breach DB | Yes | Extensive leak collection |
| EmailRep | Reputation | Yes | Email reputation & breach data |
| Dehashed | Breach DB | Yes | Dark web breach database |
| Intelx | Breach DB | Yes | Intelligence X platform |
| Scylla | Breach DB | No | Free online breach search |
| Shodan | IP Lookup | Yes | Internet-connected devices |
Single Email Lookup
섹션 제목: “Single Email Lookup”Basic email search
섹션 제목: “Basic email search”h8mail -e target@example.comSearch with verbose output
섹션 제목: “Search with verbose output”h8mail -e target@example.com -vSearch specific service only
섹션 제목: “Search specific service only”h8mail -e target@example.com --only hibpSearch multiple services
섹션 제목: “Search multiple services”h8mail -e target@example.com --only hibp,snusbase,leakcheckBulk Email Searching
섹션 제목: “Bulk Email Searching”Search from file
섹션 제목: “Search from file”h8mail -l emails.txtEmail file format
섹션 제목: “Email file format”target1@example.com
target2@example.com
admin@company.org
user@domain.netSearch with custom output file
섹션 제목: “Search with custom output file”h8mail -l emails.txt -o results.txtBatch processing with rate limiting
섹션 제목: “Batch processing with rate limiting”h8mail -l emails.txt --delay 2Local Breach File Searching
섹션 제목: “Local Breach File Searching”Search local breach database
섹션 제목: “Search local breach database”h8mail -e target@example.com -ldb /path/to/breach_database.txtSearch multiple local files
섹션 제목: “Search multiple local files”h8mail -e target@example.com -ldb breaches/ passwords/Import and index local breaches
섹션 제목: “Import and index local breaches”h8mail -e target@example.com --local-only -ldb database.csvChase Mode - Trace Related Emails
섹션 제목: “Chase Mode - Trace Related Emails”Enable chase mode for related accounts
섹션 제목: “Enable chase mode for related accounts”h8mail -e target@example.com --chaseChase mode with depth limit
섹션 제목: “Chase mode with depth limit”h8mail -e target@example.com --chase -c 2Chase related emails found in breaches
섹션 제목: “Chase related emails found in breaches”h8mail -e admin@company.com --chase --max-distance 3This finds other email addresses from breaches and searches those recursively.
Output Formats
섹션 제목: “Output Formats”JSON output
섹션 제목: “JSON output”h8mail -e target@example.com -o results.json --jsonCSV output
섹션 제목: “CSV output”h8mail -l emails.txt -o results.csv --csvPlain text output (default)
섹션 제목: “Plain text output (default)”h8mail -e target@example.com -o results.txtHTML report output
섹션 제목: “HTML report output”h8mail -l emails.txt -o report.html --htmlSearching Strategies
섹션 제목: “Searching Strategies”Company domain reconnaissance
섹션 제목: “Company domain reconnaissance”h8mail -l company_employees.txt -o breach_report.txtCredential hunting for penetration testing
섹션 제목: “Credential hunting for penetration testing”h8mail -e target@example.com -v --pasteCombine with other data
섹션 제목: “Combine with other data”h8mail -e leaked_email@domain.com --chaseHigh-priority target search
섹션 제목: “High-priority target search”h8mail -e ceo@company.com -v --all-providersAdvanced Options
섹션 제목: “Advanced Options”Show all breaches (verbose)
섹션 제목: “Show all breaches (verbose)”h8mail -e target@example.com -vSkip unresponsive services
섹션 제목: “Skip unresponsive services”h8mail -e target@example.com --timeout 10Use proxies
섹션 제목: “Use proxies”h8mail -e target@example.com --proxy socks5://127.0.0.1:9050Save paste dumps when found
섹션 제목: “Save paste dumps when found”h8mail -e target@example.com --paste -o pastes/Disable colors in output
섹션 제목: “Disable colors in output”h8mail -e target@example.com --no-colorCheck before running bulk operations
섹션 제목: “Check before running bulk operations”h8mail -l emails.txt --dry-runIntegration with OSINT Workflows
섹션 제목: “Integration with OSINT Workflows”Combine with TheHarvester
섹션 제목: “Combine with TheHarvester”theharvester -d example.com -b all | grep "@" | tee emails.txt
h8mail -l emails.txt -o results.txtCombine with Maltego
섹션 제목: “Combine with Maltego”Export email addresses from Maltego → Import to h8mail
Use in Shodan queries
섹션 제목: “Use in Shodan queries”h8mail -e admin@example.com --shodanParse breach data for usernames
섹션 제목: “Parse breach data for usernames”h8mail -e user@example.com -v | grep -i "password\|username"Automation and Scripting
섹션 제목: “Automation and Scripting”Batch processing with shell loop
섹션 제목: “Batch processing with shell loop”for email in $(cat targets.txt); do
h8mail -e "$email" -o "results_${email}.txt"
doneAutomated daily monitoring
섹션 제목: “Automated daily monitoring”#!/bin/bash
DATE=$(date +%Y%m%d)
h8mail -l critical_emails.txt -o "breach_report_${DATE}.txt"Integration with bash automation
섹션 제목: “Integration with bash automation”h8mail -e target@example.com --json | jq '.[] | select(.breaches | length > 0)'Python scripting
섹션 제목: “Python scripting”import subprocess
import json
result = subprocess.run(
['h8mail', '-e', 'target@example.com', '--json'],
capture_output=True,
text=True
)
data = json.loads(result.stdout)Common Workflows
섹션 제목: “Common Workflows”Verify email in breach databases
섹션 제목: “Verify email in breach databases”h8mail -e suspicious@company.comMonitor employee email safety
섹션 제목: “Monitor employee email safety”h8mail -l company_staff.txt -o security_audit.txtIncident response - find compromised accounts
섹션 제목: “Incident response - find compromised accounts”h8mail -e compromised@domain.com -v --all-providersThreat hunting - trace attacker email
섹션 제목: “Threat hunting - trace attacker email”h8mail -e attacker@evil.com --chase -vCredential stuffing assessment
섹션 제목: “Credential stuffing assessment”h8mail -l internal_users.txt -o credstuffing_risk.json --jsonTroubleshooting
섹션 제목: “Troubleshooting”API key not recognized
섹션 제목: “API key not recognized”# Verify config file exists
cat ~/.h8mail_rc
# Check environment variable
echo $HIBP_API_KEYRate limiting errors
섹션 제목: “Rate limiting errors”# Add delay between requests
h8mail -l emails.txt --delay 3SSL certificate errors
섹션 제목: “SSL certificate errors”# Disable SSL verification (use cautiously)
h8mail -e target@example.com --insecureTimeout issues
섹션 제목: “Timeout issues”# Increase timeout
h8mail -e target@example.com --timeout 30Large file handling
섹션 제목: “Large file handling”# Process in chunks
split -l 100 emails.txt email_chunk_
for file in email_chunk_*; do h8mail -l "$file"; doneBest Practices
섹션 제목: “Best Practices”- API Limits: Respect rate limits; use delays between bulk searches
- Privacy: Only scan email addresses you have authorization to test
- Storage: Securely store breach data and results
- Updates: Keep h8mail updated for new breach service integrations
- Filtering: Use —only flag to query specific services and save API quota
- Logging: Combine -v and -o flags for detailed searchable results
- Automation: Use JSON output for automated parsing in scripts
Resources
섹션 제목: “Resources”- GitHub: https://github.com/khast3x/h8mail
- Documentation: https://github.com/khast3x/h8mail/wiki
- API Keys: Register with individual breach services for API access
- OSINT Tools: Integrate with Shodan, Maltego, TheHarvester