Powered by

# dehashed-API

dehashed-API is awesome for parsing creds snagged with dehashed.com.

# Install

I had good luck spinning up a venv and then installing with pipx:

pipx install git+https://github.com/hmaverickadams/DeHashed-API-Tool

# Set API key 

nano venv/lib/python3.12/site-packages/dehashapitool/config.txt

Paste in your API key in the file, then save and close the file.

# Search for leaked creds - JUST passwords 

sudo venv/bin/dehashapitool -d domain.com -o domain-pwned-pwz.txt --only-passwords

# Search for general info about a domain 

sudo venv/bin/dehashapitool -d domain.com -o all-the-things-and-stuff.txt

# Clean up credential output to prepare for credential spraying

If you're going to spray these credentials using something like go365, this

sed -n "1d; s/\['\([^']*\)'\],\['\([^']*\)'\]/\1,\2/p" output-from-dehashed.txt

# Snip out shorter passwords

If you know what your target's password length requirements are, you can trim out shorter passwords from this user/pass list. For example, if you want to get a list of users with passwords 14 characters or more, do:

awk -F: 'length($2) >= 14' users-and-passwords.txt