dehashed.py

Dehashed is pretty handy for finding creds from various leaks/breaches.

Search using Dehashed from sm00v

Personally I like to grab this repo, and then conduct a search like so:

dehashed.py -u you@yourdomain.com -a YOUR-API-KEY-HERE -d targetdomain.com -o

Prep captured creds for spraying

cat *cracked* | sort -uf > company-creds.txt

Clean up captured creds file (optional)

If you used the DeHashed-API-Tool to create an export of creds, you'll want to replace , with : so it's easier to feed the user:pass file to tools like go365:

sed -i 's/,/:/g' file-with-usernames-and-passwords.txt

Then you could take the company-creds.txt and spray them if you so desire.

Search using Dehashed from sm00v​

Prep captured creds for spraying​

Clean up captured creds file (optional)​

Search using Dehashed from sm00v

Prep captured creds for spraying

Clean up captured creds file (optional)