• Python script that applies OSINT techniques by searching public data using domain, email, phone, IP addresses or URLs.
• Create account at https://pipl.com/api & get the API key.
• Create account at https://www.opencnam.com/ & get the Account SID and Auth Token.
• Create account at https://www.shodan.io/ & get the Shodan API key.
• Create account at https://whatcms.org/API & get the WhatCMS API key.
• Create account at https://censys.io/register & get the API ID and API secret.
• Create account at https://dashboard.fullcontact.com/consents & get The Full Contact API key. 

• Collect personal information include full name, age, gender, languages, location, social networks, etc...
• Collect information related to data breaches.
• Collect information related to pastes of data breaches made public.
• Collect which country a phone number belongs to.
• Collect results of google hackings searches.
• Collect results related to a domain or an IP address.
• Collect digital certificates for a certain domain.
• Collect CMS for a certain website.
• Collect DNS Records and zone transfers information for a certain domain.
• Collect Facebook ID and a facebook page full of photos after getting a facebook profile URL.
• Collect URLs present in some web page.
• Collect URL to know what torrents are being downloaded from some IP.
• This script allows specfic searches and in bulk.
• More functionalities may to be added later. 

• Kubuntu 18.04.2 LTS
• Kali Linux 2019.1
• Windows 10

• Python3 - https://docs.python-guide.org/starting/install3/linux/#install3-linux

• sudo apt-get install git

• Python3 - https://www.python.org/downloads/windows/
• git - https://git-scm.com/download/win

• pip3 install -r requirements.txt
• pip3 install git+https://github.com/abenassi/Google-Search-API --upgrade
• pip3 install https://github.com/PaulSec/API-dnsdumpster.com/archive/master.zip --user

• first run, you need to submit your API fields to get all the functionality of the script. I suggest you create the accounts mentioned in the description.
• 'osintSearch.config.ini' configuration file, created with your data and can be edited by you.

• $ python3 osintS34rCh.py

About
Script parses Pastebin email:password dumps and gather information about each email address. It supports Google, Trumail, Pipl, FullContact and HaveIBeenPwned. Moreover, it allows you to send an informational mail to person about his leaked password, at the end every information lands in Elasticsearch for further exploration.

It supports only one format - email:password.
Everything else will not work!
For now, notification works when it finds match on FullContact and next sends you email address and associated social media accounts.

Requirements:

pip install -r requirements

{"domains": 
 { #domains to whitelist or blacklist
 "whitelist": [""],
 "blacklist": ["yahoo.com"]
},
"keys": 
 { #API KEYS
 "pushsafer": "API_KEY",
 "fullcontact": "API_KEY",
 "pipl": "API_KEY"
},
"gmail": 
 { #GMAIL credentials and informational message that will be send
 "username": "[email protected]",
 "password": "password",
 "message": "Hey,nnI am a security researcher and I want to inform you that your password !PASSWORD! has been leaked and you should change it immediately.nThis email is part of the research, you can find more about it on https://medium.com/@wojciechnnStay safe!"},
"elasticsearch":
 { #ElasticSearch connection info
 "host": "127.0.0.1",
 "port": 9200}
}

[email protected]:~/PycharmProjects/pepe# python pepe.py -h
usage: pepe.py [-h] [--file FILE] [--stream] [--interactive]
                 [--modules MODULES [MODULES ...]] [--elasticsearch]
                 [--whitelist] [--blacklist]

                            ,=.
              ,=''''==.__.="  o".___
        ,=.=="                  ___/
  ,==.,"    ,          , ,===""
 <     ,==)  "'"=._.==)    `==''    `"           `

  clover/snark^
  http://ascii.co.uk/art/platypus
  
  Post Exploitation Pastebin Emails
  github.com/woj-ciech
  medium.com/@woj_ciech
  
  Example:
  python pepe.py --file <dump.txt> --interactive --whitelist
  python pepe.py --file <dump.txt> --modules hibp google trumail --elasticsearch --blacklist

optional arguments:
  -h, --help            show    this help message and exit
  --file FILE           Load file
  --stream              Stream Pastebin
  --interactive         Interactive mode
  --modules MODULES [MODULES ...]
                        Modules to check in non-interactive mode
  --elasticsearch       Output to ElasticSearch
  --whitelist           Whitelist
  --blacklist           Blacklist

[email protected]:~/PycharmProjects/pepe# python pepe.py --file paste.txt --interactive --blacklist

-----------------------Found email [REDACTED]@hotmail.com with password [REDACTED]-----------------------
[A] Add domain hotmail.com to blacklist
[T] Test
[G] Google search
[H] HaveIBeenPwned
[P] Pipl
[F] FullContact
[I] Inform
[N] Next
> G
---Google Search---
http://[REDACTED]
http://[REDACTED]
http://[REDACTED]

[A] Add domain gmail.com to blacklist
[T] Test
[G] Google search
[H] HaveIBeenPwned
[P] Pipl
[F] FullContact
[I] Inform
[N] Next
> N
-----------------------Found email [REDACTED].[REDACTED]@gmail.com with password [REDACTED]-----------------------
[A] Add domain gmail.com to blacklist
[T] Test
[G] Google search
[H] HaveIBeenPwned
[P] Pipl
[F] FullContact
[I] Inform
[N] Next
> F
---FullContact---
[REDACTED] [REDACTED]<   br/>https://twitter.com/[REDACTED]
https://facebook.com/[REDACTED]
https:/linkedin.com/[REDACTED]
[A] Add domain gmail.com to blacklist
[T] Test
[G] Google search
[H] HaveIBeenPwned
[P] Pipl
[F] FullContact
[I] Inform
[N] Next
> P
---Pipl---
Name: [REDACTED]
[REDACTED] years old
Jobs:
Quality Control [REDACTED] (since 2018)
[REDACTED] Review [REDACTED] (2017-2018)
[REDACTED] Attorney [REDACTED] (2017-2018)
[REDACTED] Attorney at [REDACTED] (2017-2017)
...
[REDACTED] (2012-2012)
[REDACTED] Assistant at [REDACTED] (2012-2012)
Author/Founder at [REDACTED] (2009-2011)
https://www.linkedin.com/in/[REDACTED]
http://www.facebook.com/people/[REDACTED]
http://twitter.com/[REDACTED]
http://pinterest.com/[REDACTED]
https://plus.google.com/[REDACTED]

...
[REDACTED]

[email protected]:~/PycharmProjects/# python pepe.py --file pastetest.txt --blacklist --modules hibp google fullcontact trumail --elasticsearch
-----------------------Found email [REDACTED]@hotmail.com with password [REDACTED]-----------------------
---Google Search---
https://pastebin.com/[REDACTED]
---Have I Been Pwned---
LinkedIn
---FullContact---
No results
---Trumail---
Email test passed
-----------------------Found email charlie.[REDACTED]@live.com with password [REDACTED]-----------------------
---Google Search---
https://justpaste.it/[REDACTED]
https://pastebin.com/[REDACTED]
---Have I Been Pwned---
MyHeritage
RiverCityMedia
Tumblr
YouveBeenScraped
---FullContact---
Charlie [REDACTED]
https://twitter.com/[REDACTED]
[REDACTED]
---Trumail---
Email test passed
-----------------------Found email [REDACTED].[REDACTED]@gmail.com with password [REDACTED]-----------------------
   ---Google Search---
http://[REDACTED]
http://[REDACTED]
http://[REDACTED]
https://pastebin.com/[REDACTED]
---Have I Been Pwned---
BTSec
Exactis
HauteLook
Houzz
LinkedIn
---FullContact---
[REDACTED] [REDACTED]
https://www.facebook.com/[REDACTED]
[REDACTED]
---Trumail---
Email test passed
-----------------------Found email [REDACTED].[REDACTED]@gmail.com with password [REDACTED]-----------------------
---Google Search---
https://[REDACTED]
https://[REDACTED]
https://[REDACTED]
https://pastebin.com/[REDACTED]
---Have I Been Pwned---
Lastfm
LinkedIn
MySpace
Trillian
Tumblr
---FullContact---
[REDACTED] [REDACTED] [REDACTED].
https://www.facebook.com/[REDACTED]
https://plus.google.com/[REDACTED]
https://www.linkedin.com/in/[REDACTED]
http://www.pinterest.com/[REDACTED]
https://twitter.com/[REDACTED]
https://youtube.com/user/[REDACTED]
[REDACTE   D]