Esearchy is a small library capable of searching the internet for email addresses. Currently, the supported search methods are, but not limited to:
-
Search engines:
-
Google
-
Bing
-
Yahoo,
-
AltaVista
-
-
Social Engines:
-
LinkedIn
-
Google Profiles ( Based on DigiNinja’s idea www.digininja.org/projects/gpscan.php)
-
Naymz
-
Classmantes
-
Spoke
-
-
Other Engines
-
PGP servers
-
Usenets
-
GoogleGroups Search
-
Spider
-
LDAP
-
But Searches do not stop there, ESearchy it also looks for emails inside:
-
PDF
-
DOC
-
DOCX
-
XLSX
-
PPTX
-
ODT
-
ODP
-
ODS
-
ODB
-
ASN
-
TXT
Once all the text is parsed within the file the emails are added to the list of found accounts.
In order to parse Microsoft Word (.doc):
-
You Either need a windows Platform with Word installed.
-
Install AntiWord. ( www.winfield.demon.nl/ )
-
Or if non of the above is on the OS, we perform a raw search inside the file.
NOTE: THIS IS STILL BEING DEVELOPED CODE IS SUBMITTED DAILY SO BE AWARE THAT CODE MIGHT NOT WORK PROPERLY AL THE TIME. IF SOMETHING GOES WRONG PLEASE RAISE AN ISSUE.
-
Emails from github.
For now, there are two main ways of performing a search:
-
Executable CLI command
esearchy -h
-
Library
For thouse who want to integrate this to their application you can use it in “the ruby way”
-
ruby 1.8 or 1.9
-
cgi
-
pdf/reader
-
json
-
spidr
-
ldap
-
rubyzip ( Migrating to FreedomCoder-rubyzip 0.9.2 so it’s 1.9 compatible)
-
> sudo gem sources -a gems.github.com (If you do not have the repository)
-
> sudo gem install gemcutter
-
> sudo gem install esearchy
Esearchy-ng is a powerfull tool with many options. Eventhought we do have a –enable-all option it is not necesary the best option to start with.
> esearchy -q "@company.com" -c "Company Inc" --enable-linkedin --enable-spoke -m 500
It is always a good idea to put a limit on the search even if it is 50000. Although it is worth noting that nowadays Google won’t show more than 1K, even when it shows millions of results.
This is a simple example to search for emails on all main search engines and a few PGP key servers.
> esearchy -q "@company" -y AwgiZ8rV34Ejo9hDAsmE925sNwU0iwXoFxBSEky8wu1viJqXjwyPP7No9DYdCaUW28y0.i8pyTh4 -b 220E2E31383CA320FF7E022ABBB8B9959F3C0CFE --enable-bing --enable-google --enable-yahoo --enable-pgp -m 500
This option requires several flags and sadly it is not the most stable way of running it. But sometimes it does work. It searches for everything, emails, people, and even parses the website ( which might take several hours ) for emails.
> esearchy --enable-all -y AwgiZ8rV34Ejo9hDAsmE925sNwU0iwXoFxBSEky8wu1viJqXjwyPP7No9DYdCaUW28y0.i8pyTh4 -b 220E2E31383CA320FF7E022ABBB8B9959F3C0CFE -o output.csv -q @company.com -c Company Inc -w "http://www.company.com" -m 1000
-
www.freedomcoder.com.ar/2010/07/09/client-side-penetration-testing-with-esearchy-emaily/
-
www.securityaegis.com/esearchy-my-new-favorite-osint-script/
-
www.penetrationtests.com/ [Penetration Testing Directory]
-
www.mundoruby.com.ar/ [Ruby’s News Aggregator]
-
www.digininja.org/ [DigiNinja’s Website]
-
hexale.blogspot.com/ [8A’s webite]
-
www.kalmbach.com.ar/ [/jk’s webite]
(The MIT License)
Copyright © 2008 - 2009:
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the ‘Software’), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED ‘AS IS’, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.