h8mail v2.4 release

on under h8mail
1 minute read

Abstract

h8mail 2.4 has been released. This one is quick but deadly.

Click here to read previous h8mail v2.3 release post.

Documentation on updating h8mail can be found here

Scylla.sh

Added scylla.sh’s API to default h8mail calls. Scylla has an open API to query cleartext data for emails, passwords, hashs, domains and IPs!

Scylla is maintained by Alejandro Caceres (hyp3ri0n). Be sure to say thanks and to support his work if you can.

h8mail now uses scylla by default. This can be stopped by using the --skip argument.
h8mail will first check if scylla.sh is up, if not, calling the Scylla API is skipped.

Scylla.sh supports other queries, including username, hash, domain, password and IP!

  • To use a custom query for scylla.sh, just use -q as you would normally do for premium services:
    $ h8mail -t JSmith89 -q username
    $ h8mail -t evilcorp.com -q domain
    

You can refer to the custom queries documentation to view all supported queries

Scylla currently offers the following databases for querying:

The zoosk Database
The badoo_normalized Database
The tumblr Database
The exploit Database
The webhostingtalk Database
The 000webhost Database
The myspace Database
The aimjunkies Database
The xsplit Database
The abandonia Database
The linkedin Database
The lastfm Database
The 7k7k Database
The twitter Database
The dropbox Database
The xhamster Database
The cdprojektred Database
The edmodo Database

I’m very thankfull for Alejandro’s work, and this new service really pushes h8mail capabilities. Again, be sure to support his work as hosting it is very expensive.

Misc

  • Added Emailrep.io breach count to default output
  • Removed old HIBP v2 calls
  • Reordered data parsing so it looks more natural on output
  • Explicit python3 calls in makefile

logo-transparent.png

h8mail, OSINT, password, breach, haveibeenpwned, leak, docker, username, scylla