Infoga – Email Open Source Intelligence Tool

Infoga is a tool for gathering email account information (ip,hostname,country,…) from different public source (search engines, pgp key servers and shodan) and check if emails was leaked using haveibeenpwned.com API.

This is one of the early stages during a penetration test or just to verify how you user email and information exposed online.

Infoga – Email OSINT

Currently the tool support the following sources and options:

  • all – Use all search engine
  • Google – Use google search engine
  • Bing – Use bing search engine
  • Yahoo – Use yahoo search engine
  • Ask – Use ask search engine
  • Baidu – Use baidu search engine
  • Dogpile – Use dogpile search engine
  • Exalead – Use exalead search engine
  • Pgp – Use pgp search engine

You can also run the breach option which will allow user to search haveibeenpwned and shodan to search if the email have been compromised or leaked in the past. User may add his own API keys to the script to generate required reports according to his need.

You can read more and download this tool over here: https://github.com/m4ll0k/Infoga

Share