Email

Methodology

Start with a google search (“Who is in THIS role at THIS company?”) Then go to phonebook.cz, hunter.io or equivalent to identify the email formatting. Try to find the person and discover or guess the pattern or format. Go to tools.emailhippo.com or equivalent to verify the emails, but sometimes you get false positives. You probably will only be verifying emails and not doing any kind of interaction. Clearbit Connect is limited so be careful how much you use it.

Discovering Email Addresses

Methodology

Start with a google search. If you’re looking for a specific person or person with a role/position - “Who is in THIS role at THIS company?”
Go to phonebook.cz, hunter.io or equivalent to identify the email formatting.
Try to find the person and discover or guess the format.
Go to tools.emailhippo.com or equivalent to verify the emails. Sometimes you get false positives.
You’ll mostly likely be just verifying emails with any interaction.
Clearbit Connect (is limited so be careful how much you use it).

Format Research

Research format of email addresses.
Use gmail login to see if an email is valid. Enter email and see if it’s already taken. You can also try to reset gmail password to get hints of the recovery email.
- Don’t underestimate forgot password.

Emails that you have found or know about:

Password spraying.
Credential stuffing.

Email Research

hunter.io - Enter domain to get patterns and emails.
phonebook.cz (Site not loading)
voilanorbert.com
mailmeteor.com/email-permutator

Verify emails

Clearbit Connect Chrome extension:
chromewebstore.google.com/detail/clearbit-connect-free-ver/pmnhcgfcafcnkbengdcanjablaabjplo

theHarvester tool gathers names, emails, IPs, subdomains, and URLs:
github.com/laramies/theHarvester

Hunting for breached passwords (think of the method not the tool):
dehashed.com (paid service)

Check if an email was breached.

Tools by themayor - dievus