pwnedOrNot v1.2.6 - OSINT Tool to Find Passwords for Compromised Email Addresses


OSINT Tool to Find Passwords for Compromised Email Accounts
pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.

Featured

Get In Touch

Changelog

Features
haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script:
  • Name of Breach
  • Domain Name
  • Date of Breach
  • Fabrication status
  • Verification Status
  • Retirement status
  • Spam Status
And with all this information pwnedOrNot can easily find passwords for compromised emails if the dump is accessible and it contains the password

Tested on
  • Kali Linux 2019.1
  • BlackArch Linux
  • Ubuntu 18.04
  • Kali Nethunter
  • Termux

Installation
Ubuntu / Kali Linux / Nethunter / Termux
git clone https://github.com/thewhiteh4t/pwnedOrNot.git
cd pwnedOrNot
pip3 install requests
BlackArch Linux
pacman -S pwnedornot

Updates
cd pwnedOrNot
git pull

Usage
python3 pwnedornot.py -h

usage: pwnedornot.py [-h] [-e EMAIL] [-f FILE] [-d DOMAIN] [-n] [-l]
                     [-c CHECK]

optional arguments:
  -h, --help                  show this help message and exit
  -e EMAIL, --email EMAIL     Email Address You Want to Test
  -f FILE, --file FILE        Load a File with Multiple Email Addresses
  -d DOMAIN, --domain DOMAIN  Filter Results by Domain Name
  -n, --nodumps               Only Check Breach Info and Skip Password Dumps
  -l, --list                  Get List of all pwned Domains
  -c CHECK, --check CHECK     Check if your Domain is pwned

# Examples

# Check Single Email
python3 pwnedornot.py -e <email>
#OR
python3 pwnedornot.py --email <email>

# Check Multiple Emails from File
python3 pwnedornot.py -f <file name>
#OR
python3 pwnedornot.py --file <file name>

# Filter Result for a Domai   n Name [Ex : adobe.com]
python3 pwnedornot.py -e <email> -d <domain name>
#OR
python3 pwnedornot.py -f <file name> --domain <domain name>

# Get only Breach Info, Skip Password Dumps
python3 pwnedornot.py -e <email> -n
#OR
python3 pwnedornot.py -f <file name> --nodumps

# Get List of all Breached Domains
python3 pwnedornot.py -l
#OR
python3 pwnedornot.py --list

# Check if a Domain is Pwned
python3 pwnedornot.py -c <domain name>
#OR
python3 pwnedornot.py --check <domain name>

Demo



pwnedOrNot v1.2.6 - OSINT Tool to Find Passwords for Compromised Email Addresses pwnedOrNot v1.2.6 - OSINT Tool to Find Passwords for Compromised Email Addresses Reviewed by Zion3R on 8:37 AM Rating: 5