Add Logging, Email Permutation, Improved Multithreaded Performance, Random password generation, Buffered credential generation, test server

[leolion3]

• Added an old script of mine for generating email permutations, which generates thousands of emails per second.
• Used Faker for generating random data.
• Improved upon @sarimbinwaseem Using faker to generate data #3 implementation by shuffling email components (first, last names, numbers, symbols).
• Changed password generation to use random amount of characters and random combination.
• Used randomised user agents in each request

[JanEickholt]

The idea of email permutation usually comes from developing bots, use a mail multiple times, to confirm registrations
These are usually filtered by every decent company / developer, via a duplicate check, if you don't need to confirm the registration that you send to the phishing site, there is really no use to this feature

[leolion3]

The idea of email permutation usually comes from developing bots, use a mail multiple times, to confirm registrations These are usually filtered by every decent company / developer, via a duplicate check, if you don't need to confirm the registration that you send to the phishing site, there is really no use to this feature

Thats why first shuffling the email components. Plus its not entirely true, as I've personally used these permutations on various websites that provide a new customer bonus per email address.

Its actually only a gmail feature that dots get ignored in the username and that the gmail and googlemail domains are seen as identical.
The upper/lowercase is turned on but can be turned off. The main objective of the permutation is turning an email like test@gmail.com into t.est t.e.st t.e.s.t, etc. and using various domains.

You can check out the demo here: https://github.com/leolion3/Portfolio/tree/master/Python/GmailPermutationGenerator

[JanEickholt]

For legitimate Services this might sometimes be the case (sometimes legal in nature), but if you want to "flood" a database with "legit looking" data, just adding dots and suffixes doesn't help, if it can be countered with a regex or simple script.

A simple script to filter out "dots" for gmail accounts (append as you wish), to counter-act your script
-> a "phishkiller" should focus on legitimate looking data, limited by the ISP anyways

#!/usr/bin/env python3

unique = []

with open("export.txt", "r") as file:
    emails = file.readlines()
    for mail in emails:
        mail = mail.strip()
        mail = mail.lower()
        if mail.endswith("@googlemail.com"):
            mail = mail.replace("@googlemail.com", "@gmail.com")
        if mail.endswith("@gmail.com"):
            mail = mail.replace("@gmail.com", "")
            mail = mail.replace(".", "")
            mail = mail.split("+")[0]
            mail = mail + "@gmail.com"
            if mail not in unique:
                unique.append(mail)

print(unique)

[JanEickholt]

Thats why first shuffling the email components. Plus its not entirely true, as I've personally used these permutations on various websites that provide a new customer bonus per email address.

shuffling the components is valid

[leolion3]

@JanEickholt I changed the dots into email permutations, wanna take a look? :) @CybrZone other than that its ready for merge, code contains latest changes as well