Public/Get-EmailRep.ps1
function Get-EmailRep { <# .SYNOPSIS Query the EmailRep.io API for a report on an email address. .DESCRIPTION EmailRep uses hundreds of data points from social media profiles, professional networking sites, dark web credential leaks, data breaches, phishing kits, phishing emails, spam lists, open mail relays, domain age and reputation, deliverability, and more to predict the risk of an email address. https://emailrep.io/docs/#emailrep-alpha-api .PARAMETER EmailAddress Email address to be queried. .PARAMETER Summary When set to $true, a summary about the email address will be returned. .PARAMETER Raw The original API response will be displayed. By default, the 'details' object is not a nested object. .EXAMPLE Get-EmailRep -EmailAdress bill@microsoft.com email : bill@microsoft.com reputation : high suspicious : False references : 79 blacklisted : False malicious_activity : False malicious_activity_recent : False credentials_leaked : True credentials_leaked_recent : False data_breach : True first_seen : 07/01/2008 last_seen : 05/24/2019 domain_exists : True domain_reputation : high new_domain : False days_since_domain_creation : 10354 suspicious_tld : False spam : False free_provider : False disposable : False deliverable : True accept_all : True valid_mx : True spoofable : False spf_strict : True dmarc_enforced : True profiles : {twitter, vimeo, angellist, linkedin...} .EXAMPLE Get-EmailRep -EmailAdress bill@microsoft.com -Raw email : bill@microsoft.com reputation : high suspicious : False references : 79 details : @{blacklisted=False; malicious_activity=False; malicious_activity_recent=False; credentials_leaked=True; credentials_leaked_recent=False; data_breach=True; first_seen=07/01/2008; last_seen=05/24/2019; domain_exists=True; domain_reputation=high; new_domain=False; days_since_domain_creation=10354; suspicious_tld=False; spam=False; free_provider=False; disposable=False; deliverable=True; accept_all=True; valid_mx=True; spoofable=False; spf_strict=True; dmarc_enforced=True; profiles=System.Object[]} .EXAMPLE "bill@microsoft.com" | Get-EmailRep .EXAMPLE "bill@microsoft.com","john@microsoft.com" | Get-EmailRep | ft email,reputation,credentials_leaked email reputation credentials_leaked ----- ---------- ------------------ bill@microsoft.com high True john@microsoft.com high True .NOTES https://emailrep.io/docs/#emailrep-alpha-api #> [Cmdletbinding()] param( [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = 'Email address to query' )] [ValidatePattern('^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$')] [string[]] $EmailAddress, [Parameter( HelpMessage = 'Return a summary property in the response' )] [switch] $Summary, [Parameter( HelpMessage = 'Return the raw response returned by the API' )] [switch] $Raw ) begin { $baseUrl = "https://emailrep.io" $headers = @{ "Accept" = "application/json" } } process { foreach ($Email in $EmailAddress) { if ($summary) { $queryUrl = "{0}/{1}?summary=true" -f $baseUrl, $Email } else { $queryUrl = "{0}/{1}" -f $baseUrl, $Email } try { $r = Invoke-WebRequest -Method GET -Uri $queryUrl -Headers $headers $j = $r.content | ConvertFrom-Json switch ( $r.StatusCode ) { 200 { $Status = 'OK' } 400 { $Status = 'Bad Request: Invalid email' } 401 { $Status = 'Unauthorized: invalid api key (for authenticated requests)' } 429 { $Status = 'Too Many Requests: too many requests. contact us for an api key' } } if ($r.StatusCode -ne 200) { Write-Host $Status break } } catch { $_.Exception } if ($raw) { return $j } else { $report = [PSCustomObject]@{ email = $j.email reputation = $j.reputation suspicious = $j.suspicious references = $j.references } if ($Summary) { $report | Add-Member -MemberType NoteProperty -Name 'summary' -Value $j.summary } foreach ($p in $j.details.psobject.properties) { $report | Add-Member -MemberType NoteProperty -Name $p.Name -Value $p.Value } return $report } } } } |