E-mails

Online tools

# Domain e-mail syntax finder
https://www.email-format.com
https://hunter.io

# E-mail validator
https://tools.verifyemailaddress.io/
http://mailtester.com
https://dnslytics.com/email-test
https://verify-email.org/
https://verifalia.com/validate-email


The Harvester

# theHarvester is a famous OSINT and scrapping tool for passiv recon on targets
# Using API keys will highly increase results

# TheHarvester received a great
# Following modules need API key (api-keys.yaml)
# bing, github, hunter, intlex, securitytrails, shodan, spyse

Usage: theharvester options

       -d: Domain to search or company name
       -b: data source: baidu, bing, bingapi, dogpile, google, googleCSE,
                        googleplus, google-profiles, linkedin, pgp, twitter, vhost,
                        virustotal, threatcrowd, crtsh, netcraft, yahoo, all

       -s: start in result number X (default: 0)
       -v: verify host name via dns resolution and search for virtual hosts
       -f: save the results into an HTML and XML file (both)
       -n: perform a DNS reverse query on all ranges discovered
       -c: perform a DNS brute force for the domain name
       -t: perform a DNS TLD expansion discovery
       -e: use this DNS server
       -p: port scan the detected hosts and check for Takeovers (80,443,22,21,8080)
       -l: limit the number of results to work with(bing goes from 50 to 50 results,
            google 100 to 100, and pgp doesn\'t use this option)
       -h: use SHODAN database to query discovered hosts

Examples:
        theharvester -d microsoft.com -l 500 -b google -h myresults.html
        theharvester -d microsoft.com -b pgp
        theharvester -d microsoft -l 200 -b linkedin
        theharvester -d apple.com -b googleCSE -l 500 -s 300


SimplyEmail

# Another simple tool to do email enumeration
https://github.com/SimplySecurity/SimplyEmail

./SimplyEmail.py -all -e cybersyndicates.com

or in verbose
./SimplyEmail.py -all -v -e cybersyndicates.com

or in verbose and no "Scope"
./SimplyEmail.py -all -v -e cybersyndicates.com -s

or with email verification
./SimplyEmail.py -all -v -verify -e cybersyndicates.com 

or with email verification & Name Creation
./SimplyEmail.py -all -v -verify -n -e cybersyndicates.com 

or json automation
./SimplyEmail.py -all -e cybersyndicates.com --json cs-json.txt


Zen (https://github.com/s0md3v/Zen)

# This tool allows you to retrieve the e-mail address of github users
python zen.py username
python zen.py https://github.com/username

# Find all emails addresses of contributors for one project
python zen.py https://github.com/username/repository

# Find emails for an organization
python zen.py organization --org
python zen.py https://github.com/orgs/organzation

# Search if the e-mail is present in a breach
python zen.py s0md3v --breach