icon Book Free Consultation




h8mail is an email OSINT and breach hunting tool using different breach and reconnaissance , or local breaches such as Troy Hunt's "Collection1" and the infamous "Breach Compilation" torrent. 


  1. Email pattern matching (reg exp), useful for reading fromother tool output.
  2. Loosey patterns for local searchs (“john.smith”, “evilcorp”)
  3. Painless install. Available through pip, only requires  requests
  4. Small and fast Alpine Dockerfile available
  5. CLI or Bulk file-reading for targeting
  6. Output to CSV file
  7. Compatible with the “Breach Compilation” torrent scripts
  8. Search .txt and .gz files locally using multiprocessing *Compatible with “Collection#1”
  9. Get related emails
  10. Chase and target related emails in ongoing search
  11. Supports premium lookup services for advanced users
  12. 12 Regroup breach results for all targets and methods 


Installation of this tool is pretty straight forward.

Install pip3 for python3. By using the pip3 we can install h8mail 

into our machine.

pip3 install h8mail  


Lock image


Basic Usecases 

  • Query for a single target

            h8mail -t [email protected]

  •  Query for list of targets, indicate config file for API keys, output to pwned_targets.csv

             h8mail -t targets.txt -c config.ini -o pwned_targets.csv 

  • Query a list of targets against local copy of the Breach

              Compilation, pass API key for snusbase from the command line h8mail -t targets.txt -bc                   

               ../Downloads/BreachCompilation/ -k "snusbase_token=$snusbase_token"

  • Query without making API calls against local copy of the Breach Compilation

             h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk