Added a module Dehashed

theHarvester/__main__.py

@@ -24,6 +24,7 @@
     certspottersearch,
     criminalip,
     crtsh,
+    search_dehashed,
     dnssearch,
     duckduckgosearch,
     fullhuntsearch,
@@ -149,7 +150,7 @@ async def start(rest_args: argparse.Namespace | None = None):
         '-b',
         '--source',
         help="""anubis, baidu, bevigil, bing, bingapi, brave, bufferoverun,
-                            censys, certspotter, criminalip, crtsh, duckduckgo, fullhunt, github-code,
+                            censys, certspotter, criminalip, crtsh, dehashed, duckduckgo, fullhunt, github-code,
                             hackertarget, hunter, hunterhow, intelx, netlas, onyphe, otx, pentesttools, projectdiscovery,
                             rapiddns, rocketreach, securityTrails, sitedossier, subdomaincenter, subdomainfinderc99, threatminer, tomba,
                             urlscan, virustotal, yahoo, whoisxml, zoomeye, venacus""",
@@ -504,6 +505,23 @@ async def store(
                     except Exception as e:
                         print(f'[!] A timeout occurred with crtsh, cannot find {args.domain}\n {e}')
 
+                elif engineitem == 'dehashed':
+                    try:
+                        dehashed_search = search_dehashed.SearchDehashed(word)
+                        stor_lst.append(
+                            store(
+                                dehashed_search,
+                                engineitem,
+                                store_host=False,
+                                store_ip=True,
+                            )
+                        )
+                    except Exception as e:
+                        if isinstance(e, MissingKey):
+                            print(e)
+                        else:
+                            print(f'An exception has occurred in Dehashed: {e}')
+
                 elif engineitem == 'duckduckgo':
                     duckduckgo_search = duckduckgosearch.SearchDuckDuckGo(word, limit)
                     stor_lst.append(

theHarvester/data/api-keys.yaml

@@ -65,4 +65,7 @@ apikeys:
     key:
 
   venacus:
-    key:
+    key:
+
+  dehashed:
+    key:

theHarvester/discovery/search_dehashed.py

@@ -0,0 +1,97 @@
+import time
+import requests
+from theHarvester.discovery.constants import MissingKey
+from theHarvester.lib.core import Core
+
+
+class SearchDehashed:
+    def __init__(self, word) -> None:
+        self.word = word
+        self.key = Core.dehashed_key()
+        if self.key is None:
+            raise MissingKey('Dehashed')
+
+        self.api = 'https://api.dehashed.com/v2/search'
+        self.headers = {
+            'Content-Type': 'application/json',
+            'Dehashed-Api-Key': self.key
+        }
+        self.results = ''
+        self.data: list[dict] = []
+
+    async def do_search(self) -> None:
+        print(f'\t[+] Performing Dehashed search for: {self.word}')
+        page = 1
+        size = 100
+        while True:
+            payload = {
+                'query': self.word,
+                'page': page,
+                'size': size,
+                'wildcard': False,
+                'regex': False,
+                'de_dupe': False
+            }
+
+            try:
+                response = requests.post(self.api, json=payload, headers=self.headers)
+                if response.status_code == 401:
+                    raise Exception('Unauthorized. Check Dehashed API key.')
+                if response.status_code == 403:
+                    raise Exception('Forbidden. API key is not allowed.')
+
+                data = response.json()
+                entries = data.get('entries', [])
+                if not entries:
+                    break
+
+                self.data.extend(entries)
+                print(f'\t[+] Page {page} - Retrieved {len(entries)} entries.')
+
+                if len(entries) < size:
+                    break
+                page += 1
+                time.sleep(0.5)
+            except Exception as e:
+                print(f'\t[!] Dehashed error: {e}')
+                break
+
+    async def print_csv_results(self) -> None:
+        if not self.data:
+            print("\t[!] No data found.")
+            return
+
+        print("\n[Dehashed Results]")
+        print("Email,Username,Password,Phone,IP,Source")
+
+        for entry in self.data:
+            email = entry.get('email', '')
+            username = entry.get('username', '')
+            password = entry.get('password', '')
+            phone = entry.get('phone', '')
+            ip = entry.get('ip_address', '')
+            source = entry.get('database_name', '')
+
+            csv_line = f'"{email}","{username}","{password}","{phone}","{ip}","{source}"'
+            print(csv_line)
+
+    async def process(self, proxy: bool = False) -> None:
+        await self.do_search()
+        await self.print_csv_results()
+
+    async def get_emails(self) -> set:
+        emails = set()
+        for entry in self.data:
+            if 'email' in entry and entry['email']:
+                emails.add(entry['email'])
+        return emails
+
+    async def get_hostnames(self) -> set:
+        return set()
+
+    async def get_ips(self) -> set:
+        ips = set()
+        for entry in self.data:
+            if 'ip_address' in entry and entry['ip_address']:
+                ips.add(entry['ip_address'])
+        return ips

theHarvester/lib/core.py

@@ -70,6 +70,10 @@ def censys_key() -> tuple:
     def criminalip_key() -> str:
         return Core.api_keys()['criminalip']['key']
 
+    @staticmethod
+    def dehashed_key() -> str:
+        return Core.api_keys()['dehashed']['key']
+
     @staticmethod
     def fullhunt_key() -> str:
         return Core.api_keys()['fullhunt']['key']
@@ -175,6 +179,7 @@ def get_supportedengines() -> list[str | Any]:
             'criminalip',
             'crtsh',
             'duckduckgo',
+            'dehashed',
             'fullhunt',
             'github-code',
             'hackertarget',