Karma : Find Leaked Emails with Your Passwords

Karma is a tool used for find leaked emails with your passwords. Usage this program for attacking targets without prior consent is illegal.

It’s the end user’s responsibility to obey allapplicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Also Read – Decker : Declarative Penetration Testing Orchestration Framework


sudo apt install tor python3 python3-pip
sudo service tor start
git clone https://github.com/decoxviii/karma.git ; cd karma
sudo -H pip3 install -r requirements.txt
python3 bin/karma.py –help


All the tests were done in Debian/Ubuntu.

  • Search emails with the password: 12345678

python3 bin/karma.py search ‘123456789’ –password -o test1

  • Search emails with the local-part: johndoe

python3 bin/karma.py search ‘johndoe’ –local-part -o test2

  • Search emails with the domain: hotmail.com

python3 bin/karma.py search ‘hotmail.com’ –domain -o test3

  • Search email password: johndoe@unknown.com

python3 bin/karma.py target ‘johndoe@unknown.com’ -o test4