Module Name: Have I been pwned? Breach Search
Module path: recon/contacts-credentials/hibp_breach
Name: Have I been pwned? Breach Search
Path: modules/recon/contacts-credentials/hibp_breach.py
Author: Tim Tomes (@LaNMaSteR53) & Tyler Halfpop (@tylerhalfpop)
Description:
Leverages the haveibeenpwned.com API to determine if email addresses are associated with breached credentials. Adds compromised email addresses to the 'credentials' table.
Options:
| Name |
Current Value |
Required |
Description |
| SOURCE |
default |
yes |
source of input (see 'show info' for details) |
Source Options:
| default |
SELECT DISTINCT email FROM contacts WHERE email IS NOT NULL |
| <string> |
string representing a single input |
| <path> |
path to a file containing a list of inputs |
| query <sql> |
database query returning one column of inputs |