logo
 
  1. IT-Security >
  2. Cyber Security Nachrichten >
  3. WhatBreach - OSINT Tool To Find Breached Emails And Databases


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

WhatBreach - OSINT Tool To Find Breached Emails And Databases

IT Security Nachrichten vom | Direktlink: feedproxy.google.com Nachrichten Bewertung


WhatBreach is a tool to search for breached emails and their corresponding database. It takes either a single email or a list of emails and searches them leveraging haveibeenpwned.com's API, from there (if there are any breaches) it will search for the query link on Dehashed pertaining to the database, and output all breaches along with all pastes that this email is included in (if any). If you are trying to find the database, passing a certain flag will also attempt to download available freely public databases from databases.today. If the query is found within the publicly listed it will download the database for you and save it into the projects home folder which will be located under ~/.whatbre ach_home/downloads.

Examples
As an example we will use [email protected] as the example search:
(venv) [email protected]:~/whatbreach$ python whatbreach.py -e "[email protected]"
[ i ] starting search on single email address: [email protected]
[ i ] searching breached accounts on HIBP related to: [email protected]
[ i ] searching for paste dumps on HIBP related to: [email protected]
[ i ] found a total of 67 database breach(es) and a total of 59 paste(s) pertaining to: [email protected]
------------------------------------------------------------------------------------
Breached Site: | Database Link:
Paste#26 | https://pastebin.com/b0zdYUzc
Paste#27 | https://pastebin.com/C6YUMUxk
Paste#24 | https://pastebin.com/JFvBG4HW
Paste#25 | https://pastebin.com/hi5yXRCn
Paste#22 | https://pastebin.com/mVrrDb9d
Paste#23 | https://pastebin.com/jBCPwT1e
Paste#20 | https://pastebin.com/uyG5ggf8
Paste#21 | https://pastebin.com/QrudBvXf
Paste#28 | https://pastebin.com/6fZtANAb
Paste#29 | https://pastebin.com/gffDmJ5X
... | ... # truncated to save space
Paste#13 | https://pastebin.com/RLVk8j3E
Paste#12 | https://pastebin.com/zaN47ZZJ
Paste#11 | https://pastebin.com/k193QzRG
Paste#10 | https://pastebin.com/Qhaf51b6
Paste#17 | http://siph0n.in/exploits.php?id=4440
Paste#16 | https://pastebin.com/j7YX2sJm
Paste#15 | https://pastebin.com/Sin9fR7f
Paste#14 | https://pastebin.com/jvSgnZkK
Paste#19 | https://pastebin.com/2rVemphh
VK | https://www.dehashed.com/search?query=VK
ArmyForceOnline | https://www.dehashed.com/search?query=ArmyForceOnline
Gawker | https://www.dehashed.com/search?query=Gawker
Paste#9 | http://www.pemiblanc.com/test.txt
Paste#8 | https://pastebin.com/EGS77pC4
Paste#7 | https://pastebin.com/pQdmx6mc
Paste#6 | https://pastebin.com/ZwUh4tcG
Paste#5 | https://pastebin.com/RkdC5arB
MySpace | https://www.dehashed.com/search?query=MySpace
Paste#3 | https://pastebin.com/GUV70Jqa
Paste#2 | https://pastebin.com/2eENex9n
Paste#1 | https://pastebin.com/rSd85uLK
Onverse | https://www.dehashed.com/search?query=Onverse
------------------------------------------------------------------------------------
You also have the option to suppress the discovered pastes:
(venv) [email protected]:~/whatbreach$ python whatbreach.py -e "[email protected]" -nP
[ i ] starting search on single email address: [email protected]
[ i ] searching breached accounts on HIBP related to: [email protected]
[ i ] searching for paste dumps on HIBP related to: [email protected]
[ w ] suppressing discovered pastes
[ i ] found a total of 67 database breach(es) and a total of 0 paste(s) pertaining to: [email protected]
------------------------------------------------------------------------------------
Breached Site: | Database Link:
Dropbox | https://www.dehashed.com/search?query=Dropbox
Leet | https://www.dehashed.com/search?query=Leet
MySpace | https://www.dehashed.com/search?query=MySpace
MyHeritage | https://www.dehashed.com/search?query=MyHeritage
ArmyForceOnline | https://www.dehashed.com/search?query=ArmyForceOnline
17Media | https://www.dehashed.co m/search?query=17Media
Xbox360ISO | https://www.dehashed.com/search?query=Xbox360ISO
LinkedIn | https://www.dehashed.com/search?query=LinkedIn
QuinStreet | https://www.dehashed.com/search?query=QuinStreet
Bookmate | https://www.dehashed.com/search?query=Bookmate
... | ... # truncated to save space
Dubsmash | https://www.dehashed.com/search?query=Dubsmash
MangaFox | https://www.dehashed.com/search?query=MangaFox
FashionFantasyGame | https://www.dehashed.com/search?query=FashionFantasyGame
Trillian | https://www.dehashed.com/search?query=Trillian
Disqus | https://www.dehashed.com/search?query=Disqus
NemoWeb | https://www.dehashed.com/search?query=NemoWeb
Gawker | https://www.dehashed.com/search?query=Gawker
CashCrate | https://www.dehashed.com/search?query=CashCrate
Tumblr | https://www.dehashed.com/search?query=Tumblr
PoliceOne | https://www.dehashed.com/search?query=PoliceOne
Onverse | https://www.dehashed.com/search?query=Onverse
Interpals | https://www.dehashed.com/search?query=Interpals
Seedpeer | https://www.dehashed.com/search?query=Seedpeer
HeroesOfNewerth | https://www.dehashed.com/search?query=HeroesOfNewerth
Bell2017 | https://www.dehashed.com/search?query=Bell2017
------------------------------------------------------------------------------------
As well as the discovered databases:
(venv) [email protected]:~/whatbreach$ python whatbreach.py -e "[email protected]" -nD
[ i ] starting search on single email address: [email protected]
[ i ] searching breached accounts on HIBP related to: [email protected]
[ i ] searching for paste dumps on HIBP related to: [email protected]
[ i ] found a total of 67 database breach(es) and a total of 59 paste(s) pertaining to: [email protected]
[ w ] suppressing discovered databases
-----------------------------------------------------------------------
Breached Site: | Database Link:
Paste#26 | https://pastebin.com/b0zdYUzc
Paste#27 | https://pastebin.com/C6YUMUxk
Paste#24 | https://pastebin.com/JFvBG4HW
Paste#25 | https://pastebin.com/hi5yXRCn
Paste#22 | https://pastebin.com/mVrrDb9d
Paste#23 | https://pastebin.com/jBCPwT1e
... | ... # truncated to save space
Paste#9 | http://www.pemiblanc.com/test.txt
Paste#8 | https://pastebin.com/EGS77pC4
Paste#7 | https://pastebin.com/pQdmx6mc
Paste#6 | https://pastebin.com/ZwUh4tcG
Paste#5 | https://pastebin.com/RkdC5arB
Paste#4 | https://pastebin.com/4qH2fRMc
Paste#3 | https://pastebin.com/GUV70Jqa
Paste#2 | https://pastebin.com/2eENex9n
Paste#1 | https://pastebin.com/rSd85uLK
Paste#52 | https://pastebin.com/ffkjfRrY
Paste#48 | http://balockae.online/files/Lizard Stresser.txt
Paste#49 | https://pastebin.com/bUq60ZKA
Paste#44 | http://siph0n.in/exploits.php?id=3667
Paste#45 | https://pastebin.com/MAFfXwGA
Paste#46 | http://pxahb.xyz/emailpass/www.chocolate.at.txt
Paste#47 | https://pastebin.com/zchq7iQS
Paste#40 | https://pastebin.com/sj9 eyM5w
Paste#41 | https://pastebin.com/wY9ghBM9
Paste#42 | https://pred.me/gmail.html
Paste#43 | https://pastebin.com/AnTUDMtj
-----------------------------------------------------------------------
I have also implemented the ability to search through a list of email addresses and check for the possibility of the email being a "Ten minute email", it will prompt you to continue if the email is found, since the possibility of using this email is next to none:
(venv) [email protected]:~/whatbreach$ python whatbreach.py -l test.txt -cT
[ i ] parsing email file: test.txt
[ i ] starting search on a total of 3 email(s)
[ i ] searching breached accounts on HIBP related to: [email protected]
[ i ] searching for paste dumps on HIBP related to: [email protected]
[ i ] found a total of 67 database breach(es) and a total of 59 paste(s) pertaining to: [email protected]
------------------------------------------------------------------------------------
Breached Site: | Database Link:
Paste#26 | https://pastebin.com/b0zdYUzc
Paste#27 | https://pastebin.com/C6YUMUxk
Paste#24 | https://pastebin.com/JFvBG4HW
Paste#25 | https://pastebin.com/hi5yXRCn
Paste#22 | https://pastebin.com/mVrrDb9d
Paste#23 | https://pastebin.com/jBCPwT1e
Paste#20 | https://pastebin.com/uyG5ggf8
Paste#21 | https://paste bin.com/QrudBvXf
R2Games | https://www.dehashed.com/search?query=R2Games
NemoWeb | https://www.dehashed.com/search?query=NemoWeb
Disqus | https://www.dehashed.com/search?query=Disqus
Adobe | https://www.dehashed.com/search?query=Adobe
... | ... # truncated to save space
Paste#15 | https://pastebin.com/Sin9fR7f
Paste#14 | https://pastebin.com/jvSgnZkK
Paste#19 | https://pastebin.com/2rVemphh
VK | https://www.dehashed.com/search?query=VK
ArmyForceOnline | https://www.dehashed.com/search?query=ArmyForceOnline
Gawker | https://www.dehashed.com/search?query=Gawker
Paste#9 | http://www.pemiblanc.com/test.txt
Paste#8 | https://pastebin.com/EGS77pC4
Paste#7 | https://pastebin.com/pQdmx6mc
Paste#6 | https://pastebin.com/ZwUh4tcG
Paste#5 | https://pastebin.com/RkdC5arB
MySpace | https://www.dehashed.com/search?query=MySpace
Paste#3 | https://pastebin.com/GUV70Jqa
Paste#2 | https://pastebin.com/2eENex9n
Paste#1 | https://pastebin.com/rSd85uLK
Onverse | https://www.dehashed.com/search?query=Onverse
------------------------------------------------------------------------------------
[ w ] email: [email protected] appears to be a ten minute email
[ ? ] would you like to process the email[y/N]: n
[ i ] searching breached accounts on HIBP related to: [email protected]
[ i ] searching for paste dumps on HIBP related to: [email protected]
[ i ] found a total of 6 database breach(es) and a total of 4 paste(s) pertaining to: [email protected]
----------------------------------------------------------------------------
Breached Site: | Database Link:
Adobe | https://www.dehashed.com/search?query=Adobe
Paste#4 | http://xn--e1alhsoq4c.xn--p1ai/base/Gmail.txt
Paste#3 | https://pastebin.com/GUV70Jqa
Paste#2 | https://pred.me/gmail.html
Paste#1 | https://pastebin.com/VVgL8Fzp
NemoWeb | https://www.dehashed.com/search?query=NemoWeb
----------------------------------------------------------------------------
The program is pretty straight forward but for simplicity I have provided the acceptable arguments below:
(venv) [email protected]:~/whatbreach$ python whatbreach.py --help
usage: whatbreach.py [-h] [-e EMAIL] [-l PATH] [-nD] [-nP] [-cT] [-d]

optional arguments:
-h, --help show this help message and exit

mandatory opts:
-e EMAIL, --email EMAIL
Pass a single email to scan for
-l PATH, -f PATH, --list PATH, --file PATH
Pass a file containing emails one per line to scan

search opts:
-nD, --no-dehashed Suppres dehashed output
-nP, --no-pastebin Suppress Pastebin output

misc opts:
-cT, --check-ten-minute
Check if the provided email address is a ten minute
email or not
-d, --download Attempt to dow nload the database if there is one
available

Installation
Installing is extremely easy, just run pip install -r requirements.txt


...

Externe Webseite mit kompletten Inhalt öffnen

Kommentiere zu WhatBreach - OSINT Tool To Find Breached Emails And Databases






➤ Ähnliche Beiträge

  • 1.

    WhatBreach - OSINT Tool To Find Breached Emails And Databases

    vom 678.83 Punkte ic_school_black_18dp
    WhatBreach is a tool to search for breached emails and their corresponding database. It takes either a single email or a list of emails and searches them leveraging haveibeenpwned.com's API, from there (if there are any breaches) it will search for the query link on Dehashed pertaining to the database, and output all breaches along with all pastes that this email is included in (if any). If you are t
  • 2.

    OSINT-SPY - Search using OSINT (Open Source Intelligence)

    vom 486.71 Punkte ic_school_black_18dp
    Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. OSINT-SPY Documentati
  • 3.

    pwnedOrNot v1.2.6 - OSINT Tool to Find Passwords for Compromised Email Addresses

    vom 174.42 Punkte ic_school_black_18dp
    OSINT Tool to Find Passwords for Compromised Email AccountspwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.Featured OSINT Collection Tools for Pastebin - Jake Creps Get In Touch Twitter Telegra
  • 4.

    H8Mail v2.0 - Email OSINT And Password Breach Hunting

    vom 163.92 Punkte ic_school_black_18dp
    Powerful and user-friendly password finder.Use h8mail to find passwords through different breach and reconnaissance services, or using local breaches such as Troy Hunt's "Collection1" or the infamous "Breach Compilation" torrent. Features Email pattern
  • 5.

    Malcolm - A Powerful, Easily Deployable Network Traffic Analysis Tool Suite For Full Packet Capture Artifacts (PCAP Files) And Zeek Logs

    vom 156.82 Punkte ic_school_black_18dp
    Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be
  • 6.

    Dr. ROBOT - Tool To Enumerate The Subdomains Associated With A Company By Aggregating The Results Of Multiple OSINT Tools

    vom 145.86 Punkte ic_school_black_18dp
    Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating sytems, and different languages, Dr. ROBOT is built to be highly portable and configurable.
  • 7.

    Buster - Find Emails Of A Person And Return Info Associated With Them

    vom 142.07 Punkte ic_school_black_18dp
    Buster is a simple OSINT tool used to: Get social accounts from various sources(gravatar,about.me,myspace,skype,github,linkedin,avast) Get links to where the email was found using google,twitter,darksearch and paste sites Get domains registered with a
  • 8.

    AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

    vom 126.37 Punkte ic_school_black_18dp
    Original release date: October 11, 2018Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5] In it we highlight the use of five publicly
  • 9.

    Announcing .NET Core 3 Preview 1 and Open Sourcing Windows Desktop Frameworks

    vom 116.15 Punkte ic_school_black_18dp
    Today, we are announcing .NET Core 3 Preview 1. It is the first public release of .NET Core 3. We have some exciting new features to share and would love your feedback. You can develop .NET Core 3 applications with Visual Studio 2019 Preview 1, Visual St
  • 10.

    Lyons Insurance Broker Company Data Breached

    vom 108.71 Punkte ic_school_black_18dp
    Data Breached in Lyons Insurance USA Based Company What Happened? On March 12, 2019, Lyons learned of unusual activity in an employee email account... The post Lyons Insurance Broker Company Data Breached appeared first on HackersOnlineClub.
  • 11.

    Tool-X - A Kali Linux Hacking Tool Installer

    vom 106.84 Punkte ic_school_black_18dp
    What is Tool-X ?Tool-X is a kali linux hacking Tool installer. Tool-X is Developed By Rajkumar Dusad. with the help of Tool-X you can install best hacking tools in Rooted or Non Rooted Android devices. In the Tool-X there are almost 240 hacking tools availa
  • 12.

    TA18-074A: Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

    vom 98.88 Punkte ic_school_black_18dp
    Original release date: March 15, 2018Systems Affected Domain ControllersFile ServersEmail ServersOverview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bu