Infoga: Email Information Gathering

Infoga is a tool gathering email accounts information (ip, hostname, country,…) from a different public source (search engines, pgp key servers and shodan) and checks if emails were leaked using haveibeenpwned.com API. Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.

Installation

git clone https://github.com/m4ll0k/Infoga.git
cd Infoga
python setup.py install
python infoga.py

Usage

infoga.py [OPTIONS]

        -d --domain     Target URL/Name
        -s --source     Source data (default "all"):

                all     Use all search engine
                google  Use google search engine
                bing    Use bing search engine
                yahoo   Use yahoo search engine
                ask     Use ask search engine
                baidu   Use baidu search engine
                dogpile Use dogpile search engine
                exalead Use exalead search engine
                jigsaw  Use jigsaw search engine
                pgp     Use pgp search engine

        -i --info       Get email informations
        -v --verbose    Verbose level (1,2 or 3)
        -h --help       Show this help and exit

 

$ python infoga.py --domain nsa.gov --source all --breach -v 2 --report ../nsa_gov.txt

$ python infoga.py –info m4ll0k@protonmail.com –breach -v 3 –report ../m4ll0k.txt

Source: https://github.com/m4ll0k/

Share