email2phonenumber

by martinvigo

2.4Kstars

278forks

56watchers

Updated 8 months ago

About

email2phonenumber is an OSINT tool that uncovers a target's phone number using only their email address by exploiting password reset weaknesses on various websites.

A OSINT tool to obtain a target's phone number just by having his email address

Primary Use Case

This tool is primarily used by security researchers and threat intelligence analysts to automate the discovery of phone numbers linked to email addresses through OSINT techniques. It helps identify phone numbers by scraping password reset flows and generating valid phone numbers based on numbering plans, aiding in social engineering or penetration testing engagements.

Key Features

Scrapes websites for phone number digits by initiating password reset requests using the target's email
Generates lists of valid phone numbers based on country-specific phone numbering plans
Performs bruteforce attacks by iterating over phone numbers to correlate masked emails with the target's email
Supports multiple websites including Ebay, Lastpass, Amazon, and Twitter (noting protections are in place on these)
Uses proxies to bypass captchas and abuse protections during bruteforce operations
Developed in Python 3 with dependencies on BeautifulSoup and requests
Includes a demo video and was presented at BSides Las Vegas 2019

Installation

Ensure Python 3.x is installed
Install required Python libraries using pip: pip3 install beautifulsoup4 requests
Download or clone the email2phonenumber repository from GitHub

Usage

>_ python3 email2phonenumber.py scrape -e [email protected]

Scrapes supported websites to extract phone number digits by initiating password reset using the target's email address

>_ python3 email2phonenumber.py generate -m 555XXX1234 -o /tmp/dic.txt

Generates a dictionary of valid phone numbers based on a phone number mask

>_ python3 email2phonenumber.py bruteforce -m 555XXX1234 -e [email protected] -p /tmp/proxies.txt -q

Performs bruteforce password reset attempts using a phone number mask and proxies to find the target's phone number by correlating masked emails

Security Frameworks

Reconnaissance

Credential Access

Initial Access

Discovery

Collection

Usage Insights

Integrate with social engineering campaigns to validate target contact information.
Use in red team exercises to simulate realistic reconnaissance and credential harvesting.
Leverage generated phone number lists to test multi-factor authentication resilience.
Combine with threat intelligence platforms to enrich target profiles automatically.
Employ proxy rotation and captcha bypass techniques to improve stealth during engagements.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about email2phonenumber. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile

Red Team85%

Blue Team35%

Purple Team60%

Details

LicenseMIT License

LanguagePython

Open Issues34

Topics

osint

osinttool