# dehashed-API
[dehashed-API](https://github.com/hmaverickadams/DeHashed-API-Tool) is awesome for parsing creds snagged with [dehashed.com](https://dehashed.com).

## Install
I had good luck spinning up a [venv](/cmd/linux/venv/) and then installing with pipx:

```
pipx install git+https://github.com/hmaverickadams/DeHashed-API-Tool
```

## Set API key
```
nano venv/lib/python3.12/site-packages/dehashapitool/config.txt
```

Paste your API key into the file, then save and close it.

## Search for leaked creds - JUST passwords

```
sudo venv/bin/dehashapitool -d domain.com -o domain-pwned-pwz.txt --only-passwords
```

## Search for general info about a domain

```
sudo venv/bin/dehashapitool -d domain.com -o all-the-things-and-stuff.txt
```

## Clean up credential output to prepare for credential spraying
If you're going to spray these credentials using something like [go365](/pentesting/external/go365), this 

```
# Input: assumes the --only-passwords output file from the search above
sed -n "1d; s/\['\([^']*\)'\],\['\([^']*\)'\]/\1:\2/p" domain-pwned-pwz.txt | sort | uniq > output-from-dehashed.txt
```

### Snip out shorter passwords
If you know your target's password length requirements, you can trim shorter passwords out of this user/pass list. For example, to get a list of users with passwords 14 characters or more, run:

```
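# Measure everything after the first colon, so passwords that contain ":" are not cut short
awk '{ pw = substr($0, index($0, ":") + 1) } length(pw) >= 14' users-and-passwords.txt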
```
