Poastal - the Email OSINT tool
Discover more from The OSINT Newsletter
Poastal - the Email OSINT tool
A new open source email OSINT tool
Over the past several weeks, much like others, I’ve been exploring the exploding world of AI using tools like ChatGPT and Midjourney. In the past, I’ve written several Python utilities to help me automate certain tasks for OSINT collection or data analysis; however, because I’m not particularly proficient in JavaScript, I’ve never crossed the chasm into writing a full web application.
Fortunately for me, ChatGPT is surprisingly good at writing front-end code. One thing I’ve learned is that giving ChatGPT many instructions upfront leads to undesirable results. Building more iteratively, like a typical software development shop, helps guide the AI to building what you actually want.
Introducing Poastal, the Email OSINT tool.
So what is it anyway?
I’ve been doing a ton of research lately exploring the possibilities of what sort of information you can collect about an email address without producing false positives or using an expensive third-party service.
Here’s a snapshot of a few of my findings so far.
Email to Hulu
Email to WordPress
Email to Adobe/Apple ID/Facebook
Email to Snapchat
The Problem
Because there were so many individual methods I had to check, it was really time-consuming for me to run them all one by one to determine if an email address was active, old, a burner, associated with certain demographics, suspicious, etc.
I needed a way to enter an email address once and find all the information I needed in a single query.
There are wonderful tools out there that do this. Epieos, Defastra, and Seon are all freemium/inexpensive tools that you can use to do this type of work. The only issue I had with these tools is that I’m an OSINT researcher that’s constantly finding new methods. These tools don’t have all of the methods I use and I don’t expect them to. Their priorities are rightfully different than mine.
I also wanted the challenge of building my own tool and giving back to the OSINT community with an open-source tool. So I just rolled up my sleeves and did it, with a little help from my digital friend.
The Solution
I started off by doing what I already knew how to do, write Python code that could combine several methods together and allow me to solve the core issue which was the time-consuming process of running several requests for the same task. I ended up writing specific modules for each method to make them easier to adjust and enhance over time and “gluing” them together with a Flask app. Here’s what it originally looked like.
This was the raw JSON output of my Flask app which at the time I called Email Search. I ended up pointing the Flask app to port 8080 and was running the query regularly for several investigative tasks. I loaded localhost:8080/?email= into Postman and my problem was solved.
But then I realized, since I wanted to give back to the OSINT community, that not everyone in the community would be comfortable with handling a Flask app, configuring it, and reading through JSON for insights. There are several CLI tools already out there and many non-technical investigators wanted something they could interact with more easily that had a better user experience.
So, I set out to make my first Flask-powered web application with a user interface, with the help of ChatGPT.
Phase 1 - Email Search
The first thing I did was give ChatGPT my Flask app’s code and a sample JSON. Then, I told it I wanted an input field that would allow me to enter an email address and pass it to the Flask app running on port 8080. Finally, I told it I wanted the results of the JSON to be printed in a table on the page.
Here’s the result:
This, on its own, was exactly what I wanted to do. I could have closed the case here, wrapped it up, and published this on GitHub. But, let’s be honest, this is super boring and really ugly. I wanted to create an app that felt premium, even if it was really simple under the hood. So, I continued on.
Phase 2 - Email Detective
In order to make it feel more premium, it needed a different name than “Email Search”. I considered “Email OSINT” but I think I’ve exhausted my straight-to-the-point branding choices (The OSINT Podcast, The OSINT Newsletter). I settled on Email Detective despite hundreds of detective-themed tools already in existence (I’ve accepted my creative limitations at this point). I added a logo I jacked from a free Icon website and added some other icons I jacked from the same website for “true” and “false” results, and presto, a more premium-looking app.
Here’s the result:
Phase 3 - Poastal
I could have stopped there, but no! There was a comment or two that sort of rubbed me wrong. It said “is this like Sherlock” or something like that. I didn’t want to run over the cool branding of an awesome tool like Sherlock and the detective theme was extremely overplayed at this point. So I mulled it over for a couple of days while continuing to enhance the tool.
There were other problems, outside of branding, that I had to address including:
Starting a new search didn’t hide the results of the first search.
I had to handle names, locations, and other features differently than the true/false results of platform checks
Certain modules died off after a couple of days when cookies or other things expired
Other issues in scalability
I eventually ended up adding some new modules, removing others, and modifying a few to make them more sustainable. The least sustainable ones I kept out of the open-source version to avoid massive spam and/or OPSEC concerns.
While I did that, I considered these names: Mageic, Premail, Email OSINT (again), and a few other nonsensical phonetic fake words. I ended up landing on Poastal because many of the methods this tool uses make POST requests and after trying to be creative I realized Postal is related to the mail (email), POST requests are being made, and Postal rhymes with Coastal. Easy.
I looked up the domain poastal.com and it wasn’t taken. Unreal, a 7-letter domain name that doesn’t suck was still available. I scooped that up immediately and started tailoring the 27+ module tool down to a sustainable 10-module version for the community.
Here’s the result:
I had to remove Instagram as a source because of some CSRF token issues and the spam issue I mentioned before. I added an orange box highlight to match the new logo, changed the icons in the results to create a better UX, and added a shameless plug to the search results to subscribe to this newsletter.
It’s ready for primetime.
Thanks for reading my story. If you’re interested in giving Poastal a spin, here’s a link to the Github repo. I’ve also added a detailed ReadMe to ensure a super easy setup. Please consider giving it a star if you enjoy it.
My goal was to make this tool as accessible as possible to investigators from all walks of life and technical backgrounds and I hope you don’t run into any issues along the way; however, if you do, don’t hesitate to reach out and ask me for a hand.
It’s still TBD on how many modules I will release. I want to make sure I’m doing things ethically and not creating a problem for these platforms that the tool checks but also continuously adding value to the OSINT community wherever I can.
If you have any requests or ideas, let me know!
Poastal - the Email OSINT tool
Open the index.html file in the root directory, run the flask app, and enter an email in your web browser
helpp