/haveibeenpwned_api

No description, website, or topics provided.
  1. Python 100.0%
Switch branches/tags
Nothing to show
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Download ZIP

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching Xcode...

If nothing happens, download Xcode and try again.

Launching Visual Studio...

If nothing happens, download the GitHub extension for Visual Studio and try again.

Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
image.png
pwned_api.py

README.md

haveibeenpwned_api

Description:

This script has been developed to aid penetration testers and red teams in the discovery of breached accounts. All data obtained from this script is sourced from the HaveIBeenPwned.com API provided by Troy Hunt.

Features:

  • Leverages cfscrape in order to obtain CloudFlare cookies to aid in querying the API programatically.
  • Queries the API to identify if certain email addresses have been pwned (supports file and single input)
  • Can obtain pastes from the API if they exists on email address that have been determined to have been breached.
  • Queries the API searching for certain breaches (supports file and single input)
  • Can pull down all breached sites in the API.

Usage Example:

$ python pwned_api.py -af emails -p

alt text

Requirements:

$ pip install cfscrape