Project homepage

Getting straight into it:

  • Fixed Scylla errors - Scylla’s domain has migrated to scylla.so
  • Fixed IntelX bucket errors - h8mail will now check which buckets your API has access to before performing search
  • New JSON ouput - h8mail can now output results to JSON format using -j or --json. A data structure sample is included below
  • Breachdirectory.tk API integration - Breachdirectory.tk’s API has been integrated and added to config template. Key is free for infosec students and pro! 🔑

Updating h8mail

To update h8mail using pip3, simply use the following:

> pip3 install --upgrade h8mail

JSON output

Below is a simple demonstration of h8mail JSON output:

> h8mail -t [email protected] -j test.json
*** snip ***
> cat test.json | jq
{
   "targets":[
      {
         "target":"[email protected]",
         "pwn_num":108,
         "data":[
            [
               "SCYLLA_SOURCE:Collections"
            ],
            [
               "SCYLLA_PASSWORD:jontest",
               "SCYLLA_SOURCE:lbsg.net"
            ],
            [
               "SCYLLA_PASSWORD:Atoru",
               "SCYLLA_SOURCE:Collection1-btc-combo"
            ],
            [
               "SCYLLA_PASSWORD:x23abc",
               "SCYLLA_USERNAME:orinko0624",
               "SCYLLA_SOURCE:lbsg.net"
            ]
         ]
      }
   ]
}

Breachdirectory.tk API integration

Breachdirectory.tk integration follows the standard workflow for API integration. You will receive a username and password. Generate a configuration file, uncomment the two lines mentioning breachdirectory, fill with your username and password, save.

> h8mail -g
> nano h8mail_config.ini
# Uncomment breachdirectory user/pass, fill
> h8mail -t [email protected] -c h8mail_config.ini

📬 Follow me on Twitter to stay updated on future developments!