2015/04/01

New Script/Tool: Email Address Finder


While performing various phishing exercises/engagements, I found myself having to identify list of potential email addresses on a regular basis.  Tools like "theHarvester" make this task easier, however, theHarvester does not just find email addresses.  It also finds associated host names and while it does search a large number of search engines, it did not search all of the ones I thought it should.

As a result, I ended up writing my own minimal script to search for email addresses across all of the search engines I could think of at the time.  The tool currently searches for email address from 8 different search engine sources:

  • google
  • bing
  • ask
  • dogpile
  • yandex
  • baidu
  • yahoo
  • duckduckgo
simply run:
python find_emails.py <target domain>
and it will start querying each of the above listed search engines for records that match
@<target domain>
and then parse the resulting output for strings that match the email regex of
[a-zA-Z0-9\.\-_]+@[a-zA-Z0-9\.\-]* + <target domain>
Once the regex has been applied, all of the identified email address are added to a list, and uniqued to produce the final list of identified potential email addresses.

I fully admit that this code is not new or unique, but I wrote it to suit my needs and if you find it useful as well, then please let me know.  If you have suggested improvements, find errors, etc, please let me know as well.

You can find this code located at: https://github.com/tatanus/PHISHING/blob/master/SCRIPTS/find_emails.py

No comments:

Post a Comment