Holehe OSINT - Email to Registered Accounts

Overview

Holehe OSINT - Email to Registered Accounts

PyPI PyPI - Week PyPI - Downloads PyPI - License

Summary

Efficiently finding registered accounts from emails.

Holehe checks if an email is attached to an account on sites like twitter, instagram, imgur and more than 120 others.

πŸ› οΈ Installation

With PyPI

pip3 install holehe

With Github

git clone https://github.com/megadose/holehe.git
cd holehe/
python3 setup.py install

Quick Start

Holehe can be run from the CLI and rapidly embedded within existing python applications.

πŸ“š CLI Example

πŸ“ˆ Python Example

import trio
import httpx

from holehe.modules.social_media.snapchat import snapchat


async def main():
    email = "[email protected]"
    out = []
    client = httpx.AsyncClient()

    await snapchat(email, client, out)

    print(out)
    await client.aclose()

trio.run(main)

Module Output

For each module, data is returned in a standard dictionary with the following json-equivalent format :

{
  "name": "example",
  "rateLimit": false,
  "exists": true,
  "emailrecovery": "ex****[email protected]",
  "phoneNumber": "0*******78",
  "others": null
}
  • rateLitmit : Lets you know if you've been rate-limited.
  • exists : If an account exists for the email on that service.
  • emailrecovery : Sometimes partially obfuscated recovery emails are returned.
  • phoneNumber : Sometimes partially obfuscated recovery phone numbers are returned.
  • others : Any extra info.

Rate limit? Change your IP.

Maltego Transform : Holehe Maltego

Thank you to :

Donations

For BTC Donations : 1FHDM49QfZX6pJmhjLE5tB2K6CaTLMZpXZ

πŸ“ License

GNU General Public License v3.0

Built for educational purposes only.

Modules

Name Domain Method Frequent Rate Limit
aboutme about.me register ✘
adobe adobe.com password recovery ✘
amazon amazon.com login ✘
amocrm amocrm.com register ✘
anydo any.do login βœ”
archive archive.org register ✘
armurerieauxerre armurerie-auxerre.com register ✘
atlassian atlassian.com register ✘
axonaut axonaut.com register ✘
babeshows babeshows.co.uk register ✘
badeggsonline badeggsonline.com register ✘
biosmods bios-mods.com register ✘
biotechnologyforums biotechnologyforums.com register ✘
bitmoji bitmoji.com login ✘
blablacar blablacar.com register βœ”
blackworldforum blackworldforum.com register βœ”
blip blip.fm register βœ”
blitzortung forum.blitzortung.org register ✘
bluegrassrivals bluegrassrivals.com register ✘
bodybuilding bodybuilding.com register ✘
buymeacoffee buymeacoffee.com register βœ”
cambridgemt discussion.cambridge-mt.com register ✘
caringbridge caringbridge.org register ✘
chinaphonearena chinaphonearena.com register ✘
clashfarmer clashfarmer.com register βœ”
codecademy codecademy.com register βœ”
codeigniter forum.codeigniter.com register ✘
codepen codepen.io register ✘
coroflot coroflot.com register ✘
cpaelites cpaelites.com register ✘
cpahero cpahero.com register ✘
cracked_to cracked.to register βœ”
crevado crevado.com register βœ”
deliveroo deliveroo.com register βœ”
demonforums demonforums.net register βœ”
devrant devrant.com register ✘
diigo diigo.com register ✘
discord discord.com register ✘
docker docker.com register ✘
dominosfr dominos.fr register βœ”
ebay ebay.com login βœ”
ello ello.co register ✘
envato envato.com register ✘
eventbrite eventbrite.com login ✘
evernote evernote.com login ✘
fanpop fanpop.com register ✘
firefox firefox.com register ✘
flickr flickr.com login ✘
freelancer freelancer.com register ✘
freiberg drachenhort.user.stunet.tu-freiberg.de register ✘
garmin garmin.com register βœ”
github github.com register ✘
google google.com register βœ”
gravatar gravatar.com other ✘
hubspot hubspot.com login ✘
imgur imgur.com register βœ”
insightly insightly.com login ✘
instagram instagram.com register βœ”
issuu issuu.com register ✘
koditv forum.kodi.tv register ✘
komoot komoot.com register βœ”
laposte laposte.fr register ✘
lastfm last.fm register ✘
lastpass lastpass.com register ✘
mail_ru mail.ru password recovery ✘
mybb community.mybb.com register ✘
myspace myspace.com register ✘
nattyornot nattyornotforum.nattyornot.com register ✘
naturabuy naturabuy.fr register ✘
ndemiccreations forum.ndemiccreations.com register ✘
nextpvr forums.nextpvr.com register ✘
nike nike.com register ✘
nimble nimble.com register ✘
nocrm nocrm.io register ✘
nutshell nutshell.com register ✘
odampublishing forum.odampublishing.com register ✘
odnoklassniki ok.ru password recovery ✘
office365 office365.com other βœ”
onlinesequencer onlinesequencer.net register ✘
parler parler.com login ✘
patreon patreon.com login βœ”
pinterest pinterest.com register ✘
pipedrive pipedrive.com register ✘
plurk plurk.com register ✘
pornhub pornhub.com register ✘
protonmail protonmail.ch other ✘
quora quora.com register ✘
raidforums raidforums.com register βœ”
rambler rambler.ru register ✘
redtube redtube.com register ✘
replit replit.com register βœ”
rocketreach rocketreach.co register ✘
samsung samsung.com register ✘
seoclerks seoclerks.com register ✘
sevencups 7cups.com register βœ”
smule smule.com register βœ”
snapchat snapchat.com login ✘
soundcloud soundcloud.com register ✘
sporcle sporcle.com register ✘
spotify spotify.com register βœ”
strava strava.com register ✘
taringa taringa.net register βœ”
teamleader teamleader.com register ✘
teamtreehouse teamtreehouse.com register ✘
tellonym tellonym.me register ✘
thecardboard thecardboard.org register ✘
therianguide forums.therian-guide.com register ✘
thevapingforum thevapingforum.com register ✘
treasureclassifieds forum.treasureclassifieds.com register ✘
tumblr tumblr.com register ✘
tunefind tunefind.com register βœ”
twitter twitter.com register ✘
venmo venmo.com register βœ”
vivino vivino.com register ✘
voxmedia voxmedia.com register ✘
vrbo vrbo.com register ✘
vsco vsco.co register ✘
wattpad wattpad.com register βœ”
wordpress wordpress login ✘
xing xing.com register ✘
xnxx xnxx.com register βœ”
xvideos xvideos.com register ✘
yahoo yahoo.com login βœ”
zoho zoho.com login βœ”
Comments
  • Error everytime I run

    Error everytime I run

    I'm running: https://cdimage.kali.org/kali-2020.4/kali-linux-2020.4-live-amd64.iso (Debian 9.x Kali)

    I downloaded and installed holehe from this git page, (most up to date).

    How do i stop this error?

    Error: Twitter : @palenath Github : https://github.com/megadose/holehe For BTC Donations : 1FHDM49QfZX6pJmhjLE5tB2K6CaTLMZpXZ Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_exceptions.py", line 326, in map_exceptions yield File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1502, in _send_single_request (status_code, headers, stream, ext,) = await transport.arequest( File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_async/connection_pool.py", line 218, in arequest response = await connection.arequest( File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_async/connection.py", line 93, in arequest self.socket = await self._open_socket(timeout) File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_async/connection.py", line 119, in _open_socket return await self.backend.open_tcp_stream( File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_backends/auto.py", line 44, in open_tcp_stream return await self.backend.open_tcp_stream( File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_backends/trio.py", line 165, in open_tcp_stream return SocketStream(stream=stream) File "/usr/lib/python3.8/contextlib.py", line 131, in exit self.gen.throw(type, value, traceback) File "/usr/local/lib/python3.8/dist-packages/httpcore-0.12.2-py3.8.egg/httpcore/_exceptions.py", line 12, in map_exceptions raise to_exc(exc) from None httpcore.ConnectTimeout

    The above exception was the direct cause of the following exception:

    Traceback (most recent call last): File "/usr/local/bin/holehe", line 33, in sys.exit(load_entry_point('holehe==1.58.6.5', 'console_scripts', 'holehe')()) File "/usr/local/lib/python3.8/dist-packages/holehe-1.58.6.5-py3.8.egg/holehe/core.py", line 194, in main trio.run(maincore) File "/usr/local/lib/python3.8/dist-packages/trio-0.18.0-py3.8.egg/trio/_core/_run.py", line 1932, in run raise runner.main_task_outcome.error File "/usr/local/lib/python3.8/dist-packages/holehe-1.58.6.5-py3.8.egg/holehe/core.py", line 182, in maincore nursery.start_soon(launch_module, website, email, client, out ,args) File "/usr/local/lib/python3.8/dist-packages/trio-0.18.0-py3.8.egg/trio/_core/_run.py", line 815, in aexit raise combined_error_from_nursery File "/usr/local/lib/python3.8/dist-packages/holehe-1.58.6.5-py3.8.egg/holehe/core.py", line 148, in launch_module await module(email, client, out) File "/usr/local/lib/python3.8/dist-packages/holehe-1.58.6.5-py3.8.egg/holehe/modules/jobs/freelancer.py", line 23, in freelancer response = await client.post('https://www.freelancer.com/api/users/0.1/users/check?compact=true&new_errors=true', data=data, headers=headers) File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1633, in post return await self.request( File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1371, in request response = await self.send( File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1406, in send response = await self._send_handling_auth( File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1444, in _send_handling_auth response = await self._send_handling_redirects( File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1476, in _send_handling_redirects response = await self._send_single_request(request, timeout) File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py", line 1502, in _send_single_request (status_code, headers, stream, ext,) = await transport.arequest( File "/usr/lib/python3.8/contextlib.py", line 131, in exit self.gen.throw(type, value, traceback) File "/usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_exceptions.py", line 343, in map_exceptions raise mapped_exc(message, **kwargs) from exc # type: ignore httpx.ConnectTimeout /usr/local/lib/python3.8/dist-packages/httpx-0.16.1-py3.8.egg/httpx/_client.py:1781: UserWarning: Unclosed <httpx.AsyncClient object at 0x7f085e77ac10>. See https://www.python-httpx.org/async/#opening-and-closing-clients for details.

    opened by user333222 16
  • false positive with pinterest check

    false positive with pinterest check

    Hi, after a few repeated attempts in a few minutes I verified that the check on pinterest always starts returning used for the account. Can you please check? Thank you very much!

    opened by fastfire 6
  • flickr.py show allways Rate_limit

    flickr.py show allways Rate_limit

    The flickr module is allways returning Rate_limit = true. Flickr must have changed something. Based on this: https://www.aware-online.com/en/email-to-flickr-account-part1/ i could produce a working version for this module, just don't know how to submit (for now)

    opened by ro-gi 5
  • SyntaxError: invalid syntax

    SyntaxError: invalid syntax

    Describe the bug Running Holhe returns a Syntax Error.

    To Reproduce Steps to reproduce the behavior:

    1. run holhe
    2. Errored Copy and Paste File "/usr/local/lib/python3.6/dist-packages/holehe/modules/products/samsung.py", line 90 if found := re.search(phone_number_pattern, req.text):
    opened by trashmanbrah 4
  • Runtime Error

    Runtime Error

    Describe the bug Fails to run

    To Reproduce Steps to reproduce the behavior: run holehe gmail.com

    Expected behavior gets info

    Screenshots If applicable, add screenshots to help explain your problem.

    Desktop (please complete the following information):

    • OS: Ubuntu
    • Browser firefox
    • version latest

    ➜ ~ holehe [email protected] Twitter : @palenath Github : https://github.com/megadose/holehe For BTC Donations : 1FHDM49QfZX6pJmhjLE5tB2K6CaTLMZpXZ 0%| | 0/121 [00:00<?, ?it/s]/home/rajaa/.local/lib/python3.9/site-packages/anyio/_backends/_trio.py:164: TrioDeprecationWarning: trio.MultiError is deprecated since Trio 0.22.0; use BaseExceptionGroup (on Python 3.11 and later) or exceptiongroup.BaseExceptionGroup (earlier versions) instead (https://github.com/python-trio/trio/issues/2211) class ExceptionGroup(BaseExceptionGroup, trio.MultiError): 92%|β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ– | 111/121 [00:01<00:00, 85.89it/s]Traceback (most recent call last): File "/home/rajaa/.local/bin/holehe", line 8, in <module> sys.exit(main()) File "/home/rajaa/.local/lib/python3.9/site-packages/holehe/core.py", line 226, in main trio.run(maincore) File "/home/rajaa/.local/lib/python3.9/site-packages/trio/_core/_run.py", line 2010, in run raise runner.main_task_outcome.error File "/home/rajaa/.local/lib/python3.9/site-packages/holehe/core.py", line 218, in maincore await client.aclose() File "/home/rajaa/.local/lib/python3.9/site-packages/httpx/_client.py", line 1974, in aclose await self._transport.aclose() File "/home/rajaa/.local/lib/python3.9/site-packages/httpx/_transports/default.py", line 365, in aclose await self._pool.aclose() File "/home/rajaa/.local/lib/python3.9/site-packages/httpcore/_async/connection_pool.py", line 312, in aclose raise RuntimeError( RuntimeError: The connection pool was closed while 9 HTTP requests/responses were still in-flight. 100%|β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ| 121/121 [00:02<00:00, 45.66it/s] ➜ ~

    opened by Alpha-404 3
  • Error trying to execute 'holehe' command

    Error trying to execute 'holehe' command

    Note that "Name" was added by me to not reveal my real name. My name contains swedish letters "ÅÄÖ" so I added the following code to holehe-script.py " # -- coding: utf-8 -- " because it didn't like my swedish letters.

    C: \Users\Name> holehe [email protected] Twitter : @palenath Github : https://github.com/megadose/holehe For BTC Donations: 1FHDM49QfZX6pJmhjLE5tB2K6CaTLMZpXZ Error in sys.excepthook: Traceback(most recent call last): File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\linecache.py", line 47, in getlines return updatecache(filename, module_globals) File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\linecache.py", line 137, in updatecache lines = fp.readlines() File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\codecs.py", line 322, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf6 in position 46: invalid start byte

    Original exception was: Traceback(most recent call last): File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\Scripts\holehe-script.py", line 13, in < module > File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\holehe\core.py", line 226, in main trio.run(maincore) File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\trio_core_run.py", line 2010, in run raise runner.main_task_outcome.error File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\holehe\core.py", line 199, in maincore modules = import_submodules("holehe.modules") File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\holehe\core.py", line 46, in import_submodules results.update(import_submodules(full_name)) File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\holehe\core.py", line 44, in import_submodules results[full_name] = importlib.import_module(full_name) File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\importlib_init_.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 724, in exec_module File "", line 860, in get_code File "", line 791, in source_to_code File "", line 219, in _call_with_frames_removed File "C:\Users\Name\AppData\Local\Programs\Python\Python37-32\lib\site-packages\holehe\modules\products\samsung.py", line 90 if found := re.search(phone_number_pattern, req.text): ^SyntaxError: invalid syntax

    opened by das-peterj 2
  • zsh: command not found: holehe

    zsh: command not found: holehe

    I've just installed holehe via the command pip3 install holehe

    When I'm trying to launch the command holehe, I have this issue : zsh: command not found: holehe

    opened by Mathtoan 2
  • Incorrect results glitch

    Incorrect results glitch

    I've found a glitch. It concerns Nike.com in connection with a Gmail.

    To reproduce: create a Nike account with a Gmail, run the Gmail on Holehe (it will correctly show a Nike account), then go to your Nike account settings and change the email on there into something else (other than Gmail provider), then run the Gmail again, and Holehe will still show (this time incorrectly) a Nike account. Same result even for randomized Gmail catchalls such as myname+1234@gmail

    Nike must have changed something on their backend because this is definitely a new glitch. Bottom line is, whatever Nike did makes Holehe spit out incorrect info

    opened by ghost 2
  • Get masked phone number from Samsung website

    Get masked phone number from Samsung website

    I've seen that it's possible to get a masked phone number of a samsung user through the password recovery procedure of samsung's website so I integrated it into the code. I tested the change using emails taken from many public online databases and it worked perfectly.

    opened by lorenzofavaro 2
  • Crashes at Snapchat and Ebay modules Parse (out.text.split)

    Crashes at Snapchat and Ebay modules Parse (out.text.split)

    Describe the bug during running the "snapchat" example, and Ebay also, the code crashes during the out.text.split answer received with httpx.response.

    i didn't check but my guess that there is more modules with the split-fails crashes...

    To Reproduce Steps to reproduce the behavior: run the example with the Snapchat module. as shown in the holehe.

    opened by YevgenyMe 2
  • Metaclass Conflict

    Metaclass Conflict

    Hi,

    I tried to install holehe on my computer, however it gives me this issue when running holehe [email protected] or an example.py file with your code...

    TypeError: metaclass conflict: the metaclass of a derived class must be a (non-strict) subclass of the metaclasses of all its bases

    How can I fix it?

    opened by feedesreves 2
  • Snapchat python module always returns rateLimit: True

    Snapchat python module always returns rateLimit: True

    Describe the bug:

    Holehe Snapchat module as used in README.md "Python Example" header yields Exception:

    IndexError: list index out of range Traceback:

    Traceback (most recent call last):
      File "W:\Development\Python\(MyProject)\(MyModule).py", line 21, in <module>
        trio.run(main)
      File "W:\Development\Python\venv\(MyProject)\Lib\site-packages\trio\_core\_run.py", line 2010, in run
        raise runner.main_task_outcome.error
      File "W:\Development\Python\(MyProject)\(MyModule).py", line 16, in main
        await snapchat(email, client, out)
      File "W:\Development\Python\venv\(MyProject)\Lib\site-packages\holehe\modules\social_media\snapchat.py", line 12, in snapchat
        xsrf = req.text.split('data-xsrf="')[1].split('"')[0]
               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^
    IndexError: list index out of range
    

    To Reproduce Steps to reproduce the behavior:

    1. Call snapchat module (done exactly via example Python code in README.md)
    2. Receive IndexError Exception
    3. To resolve, modify Snapchat module to use new snapchat authpage URL ( See Context section below )
    4. Verify field 'data-xsrf=' is being scraped properly on new login page
    5. rateLimit always returns True

    Expected behavior Module output rateLimit field to properly show false when not actually ratelimited

    Environment:

    • OS: [Windows 10 x64]
    • Python Version: Tested module on Python 3.8/3.11
    • Holehe installed via pip3 on both versions

    Additional context

    After some quick investigation, the initial exception issue seems to be related to a move or change in the page Snapchat is using for their login portal:

    Previous URL (in holehe module): https://accounts.snapchat.com (HTTP status 302 found) Current URL (tested working): https://accounts.snapchat.com/accounts/login (HTTP status 200 OK)

    Simply changing the URL in the module (line 11) resolves the Index Error exception and grabs data-xsrf field, however it seems to probably go a little deeper than that, since the subsequent output seems to call the exception handler in the module (line 44).

    Subsequent output:

    [{'name': 'snapchat', 'domain': 'snapchat.com', 'method': 'login', 'frequent_rate_limit': False, 'rateLimit': True, 'exists': False, 'emailrecovery': None, 'phoneNumber': None, 'others': None}]

    It would seem unlikely to be an actual ratelimit, as I have tried this both over VPN (a few locations) and home connection with same result.

    This is speculation, but using browser dev tools to inspect snapchat's new login URL shows a new hidden input field under the xsrf-token field named "arkose-token" along with a "data-use-arkose="true" field in the same pusher div as data-xsrf="$token".

    Arkose Labs appears to be a company that provides "Bot Prevention" services (ref: https://www.arkoselabs.com/)

    This is my first bug report - I wanted to be thorough - apologies if it's a little verbose!

    opened by bhardy0630 0
  • error on protonmail module

    error on protonmail module

    Let's try Holehe with a protonmail address which I'm sure, it doesn't exist like : [email protected] (verified on protonmail sign up). And result of Holehe tool is : [+] protonmail.ch / Date, time of the creation 2020-04-28 12:52:34 Protonmail module seems to verify if a protonmail address is possible but not if it really exists or not.

    Thanks a lot your tool Holehe ;)

    opened by Val8ska 0
  • timeout argument is not configured with type=int

    timeout argument is not configured with type=int

    In core.py maincore function

    parser.add_argument("-T","--timeout", default=10, required=False,dest="timeout", should be parser.add_argument("-T","--timeout", type=int, default=10, required=False,dest="timeout",

    or otherwise the argument is considered a string and then "client = httpx.AsyncClient(timeout=timeout)" produces a client which fails on all requests.

    opened by guylando 0
  • added module for Le Monde

    added module for Le Monde

    Hello,

    I added a module for the news website "Le Monde". I added it in the "media" folder altough it may be best suited to create a dedicated "newspaper" folder. There seems to be a rate limit where after a certain amount of requests the website return a 406 status code.

    opened by Baroude 0
  • [FEATURE REQUEST] Proxy

    [FEATURE REQUEST] Proxy

    Is your feature request related to a problem? Please describe. When running the script multiple time, we can have limitations on given websites.

    Describe the solution you'd like An option to use a proxy would be a solution.

    Additional context Add the option -proxy ip:port to use a proxy for all the requests.

    opened by LucBerge 1
Owner
Palenath
Palenath
Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code βœ… ?? ・Description First it

Rdimo 25 Aug 13, 2022
SpiderFoot automates OSINT collection so that you can focus on analysis.

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of m

Steve Micallef 9k Jan 8, 2023
NExfil is an OSINT tool written in python for finding profiles by username.

NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds.

thewhiteh4t 1.4k Jan 1, 2023
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where this function first perform basic google dorking to find the targets public documents. These documents will then be downloaded to the attackers computer and can be used further to identify metadata about the client.

Tobias 5 May 31, 2022
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Mr.Holmes is a information gathering tool (OSINT)

?? Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

null 534 Jan 8, 2023
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022
SSH Tool For OSINT and then Cracking.

sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho

Miss Bliss 5 Apr 4, 2022
Sentinel-1 SAR time series analysis for OSINT use

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

null 21 Dec 9, 2022
Web-eyes - OSINT tools for website research

WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar

null 8 Nov 10, 2022
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Simple OSINT script to find Instagram profiles by name and e-mail/phone

null 108 Jan 7, 2023
OSINT Cybersecurity Tools

OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr

Paul Veillard, P. Eng 7 Jul 1, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolecciΓ³n de informaciΓ³n Pronto mΓ‘s opciones In

null 3 Apr 9, 2022
Now patched 0day for force reseting an accounts password

Animal Jam 0day No-Auth Force Password Reset via API Now patched 0day for force reseting an accounts password Used until patched to cause anarchy. Pro

IRIS 10 Nov 17, 2022
Guess the password for Tik Tok accounts

Guess the password for Tik Tok accounts Tool features : You don't need proxies There is no captcha Running on a private api Combo T

null 32 Dec 25, 2022
Brute Force Guess the password for Instgram accounts with python

Brute-Force-instagram Guess the password for Instgram accounts Tool features : It has two modes: 1- Combo system from you 2- Automatic (random) system

null 45 Dec 11, 2022
Gmail Accounts Hacking

gmail-hack Gmail Accounts Hacking Gemail-Hack python script for Hack gmail account brute force What is brute force attack? In brute force attack,scrip

Aryan 25 Nov 10, 2022
A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

Moondog 2 Nov 16, 2021