Table of content

Abstract

  • h8mail 2.5.3 has been released.
    • Integration of the powerful intelx.io API πŸ†•
      • IntelX offers a free 7 days API key to give them a try.
    • πŸ”§ Important bug fix for local searching and some quality of life.

Updating

Documentation on updating h8mail can be found here. Basically run:

$ pip3 install --upgrade h8mail

Complete h8mail documentation can be found here.
Be sure to check it out for more information on h8mail usage and troubleshooting.

New API: intelx.io ⭐

To quote from their website:

Intelligence X is an independent European technology company founded in 2018 by Peter Kleissner. The company is based in Prague, Czech Republic. Its mission is to develop and maintain the search engine and data archive. Intelligence X differentiates itself from other search engines in these unique ways:

  • The search works with selectors, i.e. specific search terms such as email addresses, domains, URLs, IPs, CIDRs, Bitcoin addresses, IPFS hashes, etc.
  • It searches in places such as the darknet, document sharing platforms, whois data, public data leaks and others.
  • It keeps a historical data archive of results, similar to how the Wayback Machine from archive.org stores historical copies of websites.

Basically, you can query stored archives of tons of leaks and pastes, and fetch data relevant to our targets. h8mail performs an integrated local search and returns aggregated results.

h8mail looking through a breach found on intelx.io

Aggregated results from a single file search

Getting a free trial API key

Obtain a free trial key that expires after a week

πŸ”Έ You can get your API key here. Once the account is verified, go to Account, then Developer. Copy your API key.

Using the API key

For detailed instructions, check out the dedicated wiki page.

Using a config file

Before proceeding, make sure to make a copy of your other API keys!

πŸ”Ή In your terminal, run the following:

# Generate a blank config file
# Will overwrite existing h8mail_config.ini file
$ h8mail -g
$ nano h8mail_config.ini

πŸ”Ή Uncomment the intelx_key and intelx_maxfile lines by removing ;.
πŸ”Ή Add your API key. Number of results per search is optional (default is 10).

πŸ”Ή Launch h8mail with the new config file, skip default checks. Save the output in a CSV file:

$ h8mail -t [email protected] -c h8mail_config.ini --skip -o intelx_1.csv

Using command line

πŸ”Ή Launch h8mail passing key by command line instead of config file, skip default checks:

$ h8mail -t [email protected] -k "intelx_key=my-api-key-goes-here" --skip

πŸ”Ž You can also query domains, IP addresses, usernames, hashes or even previous search results by using the --loose flag. This will tell h8mail not to look for email patterns. IntelX should understand what you’re looking for and return relevant search items to fetch.

πŸ’Ύ By default, h8mail will delete retrieved files after searching through them. You can find the source’s name or storage ID in h8mail’s output if you wish to look them up again.
If you wish to keep the retrieved files, run h8mail with --debug. This will print the search’s raw response, as well as skip file removal.
Temporary file’s names are based on the result’s systemid field.

This might be subject to change, but for now h8mail only queries for text media type (type 24).

Bug fixes & QoL

  • Local search can now look for loosey patterns in files (such as usernames)
  • Local file size formats to MB
  • Fixed typos
  • Update errors do not stop the execution anymore

πŸ“¬ Follow me on Twitter to stay updated on future developments!