DehashedDumper is a Python 3 script that dumps breach data from the Dehashed Leak API.
The script either takes a single domain name or a file with newline separated domain names. It will then query breach data for each target domain and output the results into outfiles. If you supply the --full command, all breach data from Dehashed's API is stored in a separate CSV outfile. The CSV will be extended with private information about breaches, e.g. a description, the breach date as well as the amount and type of leaked data.
DehashedDumper talks with the official Dehashed API, which requires authentication. Therefore, you must have a valid subscription and enough API tokens on Dehashed. You can retrieve your API key from your Dehashed profile. Use your email address for the API authentication.
Your authentication credentials are passed via the CLI parameters --email and --api-token.
usage: dehasheddumper.py [-h] (--domain <domain> | --domains <file>) [--email <email>] [--api-token <token>] [--full]
options:
-h, --help show this help message and exit
--domain <domain> Domain name to extract leaks
--domains <file> Newline separated file with domain names
--email <email> Dehashed email account
--api-token <token> Dehashed API token
--full Dump all data from Dehashed into CSV
docker run --rm -v ${PWD}:/app/results l4rm4nd/dehasheddumper:latest --domain apple.com --email <email> --api-token <token> --full
# install dependencies
pip install -r requirements.txt
python3 dehasheddumper.py --domain apple.com --email <email> --api-token <token> --full
$ python3 dehasheddumper.py --domains domains.txt --full
▓█████▄ ▓█████▄ █ ██ ███▄ ▄███▓ ██▓███ ▓█████ ██▀███
▒██▀ ██▌▒██▀ ██▌ ██ ▓██▒▓██▒▀█▀ ██▒▓██░ ██▒▓█ ▀ ▓██ ▒ ██▒
░██ █▌░██ █▌▓██ ▒██░▓██ ▓██░▓██░ ██▓▒▒███ ▓██ ░▄█ ▒
░▓█▄ ▌░▓█▄ ▌▓▓█ ░██░▒██ ▒██ ▒██▄█▓▒ ▒▒▓█ ▄ ▒██▀▀█▄
░▒████▓ ░▒████▓ ▒▒█████▓ ▒██▒ ░██▒▒██▒ ░ ░░▒████▒░██▓ ▒██▒
▒▒▓ ▒ ▒▒▓ ▒ ░▒▓▒ ▒ ▒ ░ ▒░ ░ ░▒▓▒░ ░ ░░░ ▒░ ░░ ▒▓ ░▒▓░
░ ▒ ▒ ░ ▒ ▒ ░░▒░ ░ ░ ░ ░ ░░▒ ░ ░ ░ ░ ░▒ ░ ▒░
░ ░ ░ ░ ░ ░ ░░░ ░ ░ ░ ░ ░░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░
░ ░ ░ by LRVT
[i] Performing leak check on apple.com
[i] Finished leak check on apple.com
> 42 unique user emails found!
> 1000 unique passwords found!
$ ls -la
.rw-r--r-- anon anon 148 B Thu Oct 20 18:13:04 2022 20102022-1337_DD_apple.com_passwords.lst
.rw-r--r-- anon anon 122 B Thu Oct 20 18:13:04 2022 20102022-1337_DD_apple.com_users.lst
.rw-r--r-- anon anon 08 KB Thu Oct 20 18:13:04 2022 20102022-1337_DD_apple.com_fulldata.lst
.rw-r--r-- anon anon 04 KB Thu Oct 20 18:13:44 2022 dehasheddumper.py