email2phonenumber is an OSINT tool that uncovers a target's phone number using only their email address by exploiting password reset weaknesses on various websites.
A OSINT tool to obtain a target's phone number just by having his email address
This tool is primarily used by security researchers and threat intelligence analysts to automate the discovery of phone numbers linked to email addresses through OSINT techniques. It helps identify phone numbers by scraping password reset flows and generating valid phone numbers based on numbering plans, aiding in social engineering or penetration testing engagements.
This tool is a proof-of-concept and some supported services have implemented protections such as email verification codes and captchas to prevent abuse. Users should be aware of legal and ethical considerations when using this tool. Contributions to support additional websites are welcome. For more advanced phone number generation features, consider the author's newer tool Phonerator.
Ensure Python 3.x is installed
Install required Python libraries using pip: pip3 install beautifulsoup4 requests
Download or clone the email2phonenumber repository from GitHubpython3 email2phonenumber.py scrape -e target@email.com
Scrapes supported websites to extract phone number digits by initiating password reset using the target's email address
python3 email2phonenumber.py generate -m 555XXX1234 -o /tmp/dic.txt
Generates a dictionary of valid phone numbers based on a phone number mask
python3 email2phonenumber.py bruteforce -m 555XXX1234 -e target@email.com -p /tmp/proxies.txt -q
Performs bruteforce password reset attempts using a phone number mask and proxies to find the target's phone number by correlating masked emails