High-performance Windows desktop suite for IMAP validation, email forensics,
cloud storage audit, crypto key recovery and perceptual image fingerprinting.
| 📡 3,000,000+ built-in IMAP servers | 🔑 Seed · Hex · EVM · WIF detection | 🌐 Works without proxies |
|---|---|---|
| 📷 On-device OCR — no API, no internet | 👁️ Anti-Public stores only ~1 KB per photo | ⚡ Up to 3,000 threads |
|
Bulk credential validation against IMAP servers. |
Microsoft account audit via Web API. |
|
Deep forensic harvesting from any mailbox. |
Cloud storage enumeration via Microsoft Live API. |
|
Crypto credentials from images — on-device OCR. |
Detects unique images using 6-signal fingerprinting. |
| Signal | Algorithm | Resistant To |
|---|---|---|
| SHA-256 | Exact byte-level file hash | — |
| pHash ×5 | DCT perceptual hash in 5 orientations | Resize · JPEG · format convert · rotation · flip |
| dHash | Horizontal gradient hash | Brightness / contrast adjustments |
| aHash | Average luminance hash | Global structure changes |
| edge-pHash | pHash on Canny edge map | Colour grading · heavy filters |
| Histogram | Bhattacharyya colour coefficient | Any spatial transformation |
┌─────────────────────────────────────────────────────────────────┐
│ RUN 1 — BUILD MODE │
│ │
│ ▸ Feed your "known / public" photo library │
│ ▸ Only hash fingerprints saved (~1 KB per image) │
│ ▸ Original photos are untouched. Nothing is moved. │
├─────────────────────────────────────────────────────────────────┤
│ RUN 2+ — DETECTION MODE │
│ │
│ ▸ KNOWN (found in DB) → stays in place │
│ ▸ UNKNOWN (not in DB) → Anti-Public → moved to Result\ │
└─────────────────────────────────────────────────────────────────┘
Detection rules — first match wins:
Rule 1 SHA-256 exact file match
Rule 2 best pHash ≤ 8 (all 5 rotation/flip variants)
Rule 3 pHash ≤ 14 AND dHash ≤ 10 AND aHash ≤ 10
Rule 4 edge-pHash ≤ 6 AND histogram BC ≥ 0.95
Rule 5 dHash ≤ 5 AND aHash ≤ 5 AND histogram BC ≥ 0.97
|
7 days All 6 modules |
30 days All 6 modules |
Forever All 6 modules |
💬 To purchase or ask a question →
@cyberpaladin
A free demo is available in this repository with limited functionality:
| Feature | Demo | Professional |
|---|---|---|
| IMAP valid check (Mode M) | ✅ up to 50 threads | ✅ up to 3,000 threads |
| Hotmail valid check (Mode H) | ✅ up to 50 threads | ✅ up to 3,000 threads |
| Email & attachment download | ❌ | ✅ |
| Seed phrase / key scanner | ❌ | ✅ |
| OneDrive, Anti-Public, Photo OCR | ❌ | ✅ |
1. Download the latest release from the Releases tab
2. Extract to any folder — portable, no installation required
3. Run Email Grabber.exe and enter your license key
📄 Configuration files (click to expand)
imap_accounts.txt
user@gmail.com:password
user@outlook.com:password
imap_servers.txt — 3M+ built-in, custom override optional
# Tag-based
[DOMAINS]gmail.com[/DOMAINS][SERVER]imap.gmail.com[/SERVER][PORT]993[/PORT][SSL]true[/SSL]
# INI format
outlook.com = imap-mail.outlook.com:993proxies.txt — optional, works without proxies
192.168.1.1:1080
user:pass@host:1080
socks5://user:pass@proxy.example.com:1080
app-folder/
│
├── AntiPublic/ ← permanent hash DB, never cleared
│ ├── phash_database.txt ← ~1 KB per image, no photos stored
│ └── AntiPublic_features.txt
│
└── Result/
├── Valid_Email.txt
├── Hotmail_DD_MM_YYYY_HH_MM_SS/
│ ├── emails/
│ └── attachments/
├── IMAP_DD_MM_YYYY_HH_MM_SS/
├── OneDrive_DD_MM_YYYY_HH_MM_SS/
├── PhotoSeed&PK_DD_MM_YYYY_HH_MM_SS/
│ ├── Seed.txt · Hex.txt · Evm.txt · Wif.txt
└── Anti-Public_DD_MM_YYYY_HH_MM_SS/
| OS | Windows 10 (build 22621+) or Windows 11 |
| Runtime | .NET 9 — bundled inside the release binary |
| CPU | x64 · 4+ cores recommended |
| RAM | 4 GB minimum · 8 GB recommended |
| Proxy | Optional — direct connection fully supported |
| OCR | Windows OCR packs (Settings → Time & Language → Language) |
| Layer | Technology |
|---|---|
| Language | C# 13 on .NET 9 |
| UI | WPF + ModernWpf (Windows 11 design language) |
| IMAP | MailKit |
| Image processing | Magick.NET (ImageMagick) |
| OCR | Windows.Media.Ocr — on-device, zero latency, no API key |
| Crypto | NBitcoin — BIP-39 checksum validation |
| Config | System.Text.Json |
This software is intended exclusively for authorized security research, penetration testing, corporate IT audits, and lawful OSINT operations.
You must hold explicit written permission before using this tool against any system you do not own.
The authors accept no liability for misuse.
Questions? Ready to purchase?
Built for security professionals · Windows 10 / 11 · .NET 9


