explaingit

katrielmoses/mailaccess

Analysis updated 2026-06-24

13PythonAudience · ops devopsComplexity · 3/5LicenseSetup · moderate

TLDR

Self-hostable OSINT platform that investigates a single email address across breach databases, social sign-in pages, DNS, and web sources and returns a 0-100 exposure score.

Mindmap

mindmap
  root((MailAccess))
    Inputs
      Email address
      Optional API keys
    Outputs
      JSON CSV PDF
      STIX and Maltego XML
      Webhook alerts
    Use Cases
      OSINT investigation
      Breach exposure check
      Pentest recon
    Tech Stack
      Python
      Docker
      SQLite
      WebSocket
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Run an OSINT investigation on a target email and export findings as PDF or STIX

USE CASE 2

Self-host a backend that accepts email queries over HTTP for bulk checks

USE CASE 3

Pipe a list of emails into the CLI and stream JSONL results for triage

USE CASE 4

Add a new social platform check by dropping in a YAML definition

What is it built with?

PythonDockerSQLitePostgresWebSocketYAML

How does it compare?

katrielmoses/mailaccess1lystore/awaekactashui/sjtu-ppt-template-skill
Stars131313
LanguagePythonPythonPython
Setup difficultymoderatemoderatemoderate
Complexity3/52/52/5
Audienceops devopsvibe coderresearcher

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Some modules like HIBP, SerpAPI, and GHunt require external API keys before they return useful results.

MIT license, meaning you can use, modify, and redistribute the code with attribution.

In plain English

MailAccess is a self-hostable open source investigation platform that takes a single email address and tries to learn as much as possible about it from public sources. It checks the address against breach databases, social network sign in pages, DNS records, and general web searches, then combines all the hits into a single exposure score from 0 to 100 with a low, medium, high, or critical label. The README is upfront that the project is for security researchers, OSINT analysts, and penetration testers operating under authorization, and points new readers at a separate DISCLAIMER file before use. Installation has three flavors. The simplest is pip install mailaccess on Python 3.11 or newer, followed by mailaccess investigate against an email address. There is also a serve mode that keeps a backend running on port 8000 if you want to make many calls from another terminal or from a script. For the full experience with a web UI, you clone the repo and run docker compose up, which brings up backend on 8000 and frontend on 3000. The feature list focuses on breadth. Each investigation runs many modules at once and streams partial results over a WebSocket as they come back. The module catalog covers Gravatar lookups, Have I Been Pwned breach checks, EmailRep reputation, Hudson Rock infostealer logs, Google dorks via SerpAPI, domain and Shodan info, DNS and WHOIS, social account discovery via tools like Holehe and WhatsMyName, phone and messaging app footprint checks, Gmail deep intel via GHunt, and a permutation generator that produces 60 email variants. The README says all opt in modules together check more than 800 platforms. Results can come out as JSON, CSV, PDF, Markdown, STIX 2.1, or Maltego XML. There is a local Maltego transform endpoint so you can run investigations directly from the Maltego desktop app, and webhook hooks for Slack, Discord, or any HTTP endpoint. The tool is pipeline friendly: it reads emails from stdin, streams JSONL, and uses different exit codes for clean, findings, breaches, and error states. SQLite is the default storage, with a Postgres option in Docker Compose. The project is also written to be extended without code. Social style platform checks are defined as YAML files in backend/platforms, so contributors can add a new site by copying a template, editing fields, and opening a pull request. New Python modules drop into backend/modules and auto register on startup. Some modules need API keys, like HIBP and SerpAPI, but most run without any keys. The README links out to more detail in docs/self-hosting.md, docs/integrations.md, and CONTRIBUTING.md. The project is MIT licensed.

Copy-paste prompts

Prompt 1
Give me a 5-minute install guide for MailAccess using pip on Python 3.11
Prompt 2
Show me the docker compose command to bring up MailAccess backend on 8000 and frontend on 3000
Prompt 3
How do I add a new platform check to MailAccess by writing a YAML file in backend/platforms
Prompt 4
Write a shell pipeline that feeds emails from a file into mailaccess investigate and filters by exit code
Prompt 5
Explain how MailAccess combines module hits into the 0-100 exposure score

Frequently asked questions

What is mailaccess?

Self-hostable OSINT platform that investigates a single email address across breach databases, social sign-in pages, DNS, and web sources and returns a 0-100 exposure score.

What language is mailaccess written in?

Mainly Python. The stack also includes Python, Docker, SQLite.

What license does mailaccess use?

MIT license, meaning you can use, modify, and redistribute the code with attribution.

How hard is mailaccess to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is mailaccess for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.