pwnedOrNot is a python script which checks if the email account has been compromised in a data breach if the email account is compromised it proceeds to find passwords for the compromised account.
It uses haveibeenpwned v2 API to test email accounts and searches for the password in Pastebin Dumps.
haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script:
- Name of Breach
- Domain Name
- Date of Breach
- Fabrication status
- Verification Status
- Retirement status
- Spam Status
And with all this information pwnedOrNot can easily find passwords for compromised emails if the dump is accessible and it contains the password.
Ubuntu and Kali
git clone https://github.com/thewhiteh4t/pwnedOrNot.git
Copyright (C) 2018 thewhiteh4t