OSINT - Email validation using forget-password functionality (Python).

These days most of OSINT guys were doing their investigations on humans/unknown emails data. Sometimes threat actor/attackers also do mistakes while creating accounts in multiple platforms. We have to take those mistakes as an advantage in our investigations, so most of the email addresses will be unknown in lot of Threat Intel investigations.

In this post, I would like to share one of the interesting github project which can take email address as an input and checking in top websites using “forget password” functionality.

Github Project:

Github- Holehe Project - https://github.com/megadose/holehe

Prerequisites:
pip3 install holehe==1.51
Installation:
git clone https://github.com/megadose/holehe.git
cd holehe/
python3 setup.py install
Demo:
Powershell code
Powershell command
Import as Python module:
from holehe import *
print(adobe("test@gmail.com"))
print(lastpass("test@gmail.com"))

References