Merge pull request #224 from kaifcodec/add/email-osint-modules

kaifcodec · web-flow · commit a061d8635a4d · 2026-02-20T11:08:29.000+05:30
add: 5 new email_scan modules
diff --git a/user_scanner/email_scan/dev/hackthebox.py b/user_scanner/email_scan/dev/hackthebox.py
@@ -0,0 +1,73 @@
+import httpx
+import json
+import urllib.parse
+from user_scanner.core.result import Result
+
+
+async def _check(email: str) -> Result:
+    show_url = "https://hackthebox.com"
+    register_url = "https://account.hackthebox.com/register"
+    api_url = "https://account.hackthebox.com/api/v1/user/email/verify"
+
+    headers = {
+        'User-Agent': "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Mobile Safari/537.36",
+        'Accept': "application/json",
+        'Accept-Encoding': "identity",
+        'Content-Type': "application/json",
+        'sec-ch-ua-platform': '"Android"',
+        'sec-ch-ua': '"Not:A-Brand";v="99\", \"Google Chrome\";v=\"145\", \"Chromium\";v=\"145"',
+        'sec-ch-ua-mobile': "?1",
+        'x-requested-with': "XMLHttpRequest",
+        'origin': "https://account.hackthebox.com",
+        'sec-fetch-site': "same-origin",
+        'sec-fetch-mode': "cors",
+        'sec-fetch-dest': "empty",
+        'referer': "https://account.hackthebox.com/register",
+        'accept-language': "en-US,en;q=0.9",
+        'priority': "u=1, i"
+    }
+
+    try:
+        async with httpx.AsyncClient(timeout=15.0, follow_redirects=True) as client:
+            r_init = await client.get(register_url, headers={'User-Agent': headers['User-Agent']})
+
+            if r_init.status_code == 403:
+                return Result.error("Caught by WAF or IP Block (403) during Handshake")
+
+            xsrf_token_encoded = client.cookies.get("XSRF-TOKEN")
+            if not xsrf_token_encoded:
+                return Result.error("Failed to extract XSRF-TOKEN from HackTheBox")
+
+            xsrf_token = urllib.parse.unquote(xsrf_token_encoded)
+            headers['x-xsrf-token'] = xsrf_token
+
+            payload = {"email": email}
+            response = await client.post(api_url, content=json.dumps(payload), headers=headers)
+
+            status = response.status_code
+
+            if status == 403:
+                return Result.error("Caught by WAF or IP Block (403) during Validation")
+
+            if status == 422:
+                resp_data = response.json()
+                if "cannot use this email address" in str(resp_data):
+                    return Result.taken(url=show_url)
+                return Result.error(f"Validation error: {resp_data.get('message')}")
+
+            if status in [200, 204]:
+                return Result.available(url=show_url)
+
+            if status == 429:
+                return Result.error("Rate limited by HackTheBox")
+
+            return Result.error(f"Unexpected status code: {status}")
+
+    except httpx.ConnectTimeout:
+        return Result.error("Connection timed out! maybe region blocks")
+    except Exception as e:
+        return Result.error(e)
+
+
+async def validate_hackthebox(email: str) -> Result:
+    return await _check(email)
diff --git a/user_scanner/email_scan/entertainment/anilist.py b/user_scanner/email_scan/entertainment/anilist.py
@@ -0,0 +1,63 @@
+import httpx
+import json
+from user_scanner.core.result import Result
+
+async def _check(email: str) -> Result:
+    show_url = "https://anilist.co"
+    url = "https://anilist.co/graphql"
+
+    payload = {
+        "query": "mutation($email:String){ResetPassword(email:$email)}",
+        "variables": {
+            "email": email
+        }
+    }
+
+    headers = {
+        'User-Agent': "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36",
+        'Accept': "application/json",
+        'Content-Type': "application/json",
+        'schema': "internal",
+        'origin': "https://anilist.co",
+        'referer': "https://anilist.co/forgot-password",
+        'accept-language': "en-US,en;q=0.9"
+    }
+
+    try:
+        async with httpx.AsyncClient(timeout=7.0) as client:
+            response = await client.post(url, content=json.dumps(payload), headers=headers)
+
+            if response.status_code == 429:
+                return Result.error("Rate limited wait for few minutes")
+
+            data = response.json()
+            errors = data.get("errors", [])
+
+            if not errors:
+                return Result.error("Unexpected response body structure (No errors returned)")
+
+            error_msg = errors[0].get("message", "").lower()
+
+            if "unauthorized" in error_msg:
+                return Result.taken(url=show_url)
+
+            elif "validation" in error_msg:
+                validation = errors[0].get("validation", {})
+                email_errors = validation.get("email", [])
+                if any("invalid" in e.lower() for e in email_errors):
+                    return Result.available(url=show_url)
+
+                return Result.error("Unexpected validation error message")
+
+            else:
+                return Result.error(f"Unexpected error type: {error_msg}, report it via GitHub issues")
+
+    except httpx.ConnectTimeout:
+        return Result.error("Connection timed out! maybe region blocks")
+    except httpx.ReadTimeout:
+        return Result.error("Server took too long to respond (Read Timeout)")
+    except Exception as e:
+        return Result.error(e)
+
+async def validate_anilist(email: str) -> Result:
+    return await _check(email)
diff --git a/user_scanner/email_scan/entertainment/myanimelist.py b/user_scanner/email_scan/entertainment/myanimelist.py
@@ -0,0 +1,61 @@
+import httpx
+from user_scanner.core.result import Result
+
+async def _check(email: str) -> Result:
+    show_url = "https://myanimelist.net"
+    url = "https://myanimelist.net/signup/email/validate"
+
+    payload = {
+        'email': email
+    }
+
+    headers = {
+        'User-Agent': "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Mobile Safari/537.36",
+        'Accept': "application/json, text/plain, */*",
+        'Accept-Encoding': "identity",
+        'sec-ch-ua-platform': '"Android"',
+        'x-requested-with': "XMLHttpRequest",
+        'origin': "https://myanimelist.net",
+        'sec-fetch-site': "same-origin",
+        'sec-fetch-mode': "cors",
+        'sec-fetch-dest': "empty",
+        'referer': "https://myanimelist.net/register.php?",
+        'accept-language': "en-US,en;q=0.9",
+        'priority': "u=1, i"
+    }
+
+    try:
+        async with httpx.AsyncClient(timeout=7.0) as client:
+            response = await client.post(url, data=payload, headers=headers)
+
+            if response.status_code == 403:
+                return Result.error("Caught by WAF or IP Block (403)")
+
+            if response.status_code == 429:
+                return Result.error("Rate limited wait for few minutes")
+
+            if response.status_code != 200:
+                return Result.error(f"HTTP Error: {response.status_code}")
+
+            data = response.json()
+            errors = data.get("errors", [])
+            resp_data = data.get("data")
+
+            if errors and any("already have an account" in err.get("message", "") for err in errors):
+                return Result.taken(url=show_url)
+
+            elif isinstance(resp_data, list) and len(resp_data) == 0:
+                return Result.available(url=show_url)
+
+            else:
+                return Result.error("Unexpected response body structure, report it via GitHub issues")
+
+    except httpx.ConnectTimeout:
+        return Result.error("Connection timed out! maybe region blocks")
+    except httpx.ReadTimeout:
+        return Result.error("Server took too long to respond (Read Timeout)")
+    except Exception as e:
+        return Result.error(e)
+
+async def validate_myanimelist(email: str) -> Result:
+    return await _check(email)
diff --git a/user_scanner/email_scan/hosting/neocities.py b/user_scanner/email_scan/hosting/neocities.py
@@ -0,0 +1,58 @@
+import httpx
+from user_scanner.core.result import Result
+
+
+async def _check(email: str) -> Result:
+    show_url = "https://neocities.org"
+    url = "https://neocities.org/create_validate"
+
+    payload = {
+        'field': "email",
+        'value': email,
+        'is_education': "false"
+    }
+
+    headers = {
+        'User-Agent': "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Mobile Safari/537.36",
+        'Accept': "application/json, text/plain, */*",
+        'Accept-Encoding': "identity",
+        'sec-ch-ua-platform': '"Android"',
+        'x-requested-with': "XMLHttpRequest",
+        'origin': "https://neocities.org",
+        'referer': "https://neocities.org/",
+        'accept-language': "en-US,en;q=0.9"
+    }
+
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as client:
+            response = await client.post(url, data=payload, headers=headers)
+
+            if response.status_code == 403:
+                return Result.error("Caught by WAF or IP Block (403)")
+
+            if response.status_code == 429:
+                return Result.error("Rate limited wait for few minutes")
+
+            if response.status_code != 200:
+                return Result.error(f"HTTP Error: {response.status_code}")
+
+            data = response.json()
+
+            if "error" in data:
+                if "already exists" in data["error"]:
+                    return Result.taken(url=show_url)
+                return Result.error(f"Neocities error: {data['error']}")
+
+            if data.get("result") == "ok":
+                return Result.available(url=show_url)
+
+            return Result.error("Unexpected response body structure, report it via GitHub issues")
+
+    except httpx.ConnectTimeout:
+        return Result.error("Connection timed out! maybe region blocks")
+    except Exception as e:
+        return Result.error(e)
+
+
+async def validate_neocities(email: str) -> Result:
+    return await _check(email)
diff --git a/user_scanner/email_scan/music/deezer.py b/user_scanner/email_scan/music/deezer.py
@@ -0,0 +1,88 @@
+import httpx
+import json
+from user_scanner.core.result import Result
+
+
+async def _check(email: str) -> Result:
+    show_url = "https://www.deezer.com"
+    gw_url = "https://www.deezer.com/ajax/gw-light.php"
+
+    headers = {
+        'User-Agent': "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Mobile Safari/537.36",
+        'Accept-Encoding': "identity",
+        'Content-Type': "text/plain;charset=UTF-8",
+        'Origin': "https://account.deezer.com",
+        'Referer': "https://account.deezer.com/"
+    }
+
+    try:
+        async with httpx.AsyncClient(timeout=10.0, follow_redirects=True) as client:
+            handshake_params = {
+                'method': "deezer.getUserData",
+                'input': "3",
+                'api_version': "1.0",
+                'api_token': ""
+            }
+            handshake_payload = {"APP_NAME": "Deezer"}
+
+            r_handshake = await client.post(
+                gw_url,
+                params=handshake_params,
+                content=json.dumps(handshake_payload),
+                headers=headers
+            )
+
+            if r_handshake.status_code == 403:
+                return Result.error("Caught by WAF or IP Block (403) during Handshake")
+
+            handshake_data = r_handshake.json()
+            api_token = handshake_data.get("results", {}).get("checkForm")
+
+            if not api_token:
+                return Result.error("Failed to retrieve api_token (checkForm) from Deezer")
+
+            validate_params = {
+                'method': "user_checkRegisterConstraints",
+                'input': "3",
+                'api_version': "1.0",
+                'api_token': api_token
+            }
+
+            validate_payload = {
+                "APP_NAME": "Deezer",
+                "EMAIL": email
+            }
+
+            response = await client.post(
+                gw_url,
+                params=validate_params,
+                content=json.dumps(validate_payload),
+                headers=headers
+            )
+
+            if response.status_code == 403:
+                return Result.error("Caught by WAF or IP Block (403) during Validation")
+
+            if response.status_code != 200:
+                return Result.error(f"HTTP Error: {response.status_code}")
+
+            data = response.json()
+            errors = data.get("results", {}).get("errors", {})
+
+            if errors.get("email", {}).get("error") == "email_already_used":
+                return Result.taken(url=show_url)
+
+            elif "country" in errors and "email" not in errors:
+                return Result.available(url=show_url)
+
+            else:
+                return Result.error("Unexpected response body structure, report it via GitHub issues")
+
+    except httpx.ConnectTimeout:
+        return Result.error("Connection timed out! maybe region blocks")
+    except Exception as e:
+        return Result.error(e)
+
+
+async def validate_deezer(email: str) -> Result:
+    return await _check(email)
