pwnedOrNot
by thewhiteh4t
pwnedOrNot is an OSINT tool that identifies compromised email accounts and searches for associated passwords in public dumps using the HaveIBeenPwned API.
OSINT Tool for Finding Passwords of Compromised Email Addresses
Primary Use Case
This tool is primarily used by security researchers, penetration testers, and threat intelligence analysts to verify if email addresses have been breached and to discover exposed passwords from public data dumps. It helps organizations and individuals assess the risk of compromised credentials and take proactive security measures.
- Checks email addresses against HaveIBeenPwned v3 API for breach data
- Searches public dumps for exposed passwords linked to email accounts
- Displays detailed breach information including breach name, domain, date, and status flags
- Supports single email or bulk email checks via file input
- Filters results by domain name
- Option to skip password dump checks and only retrieve breach info
- Provides a list of all pwned domains
- Compatible with multiple Linux distributions and Termux
Installation
- git clone https://github.com/thewhiteh4t/pwnedOrNot.git
- cd pwnedOrNot
- chmod +x install.sh
- ./install.sh
- For BlackArch Linux: pacman -S pwnedornot
- For Docker: git clone https://github.com/thewhiteh4t/pwnedOrNot.git
- docker build -t pon .
- docker run -it pon
Usage
- Check a single email address for breaches and password dumps: python3 pwnedornot.py -e <email>
- Check multiple email addresses listed in a file: python3 pwnedornot.py -f <file name>
- Filter breach results for a specific domain: python3 pwnedornot.py -e <email> -d <domain name>
- Retrieve only breach information and skip password dump searches: python3 pwnedornot.py -e <email> -n
- Get a list of all breached domains: python3 pwnedornot.py -l
- Display help and usage information: python3 pwnedornot.py -h
- Update the tool to the latest version: cd pwnedOrNot && git pull
- Integrate pwnedOrNot into phishing simulation campaigns to validate compromised credentials.
- Use the tool to automate periodic credential exposure checks in enterprise environments.
- Combine with SIEM alerts for early detection of credential-based attacks.
- Leverage bulk email scanning to prioritize password resets and MFA enforcement.
- Incorporate findings into threat intelligence reports to enhance organizational risk posture.
Related Tools
sherlock
sherlock-project/sherlock
Hunt down social media accounts by username across social networks
web-check
Lissy93/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
hosts
StevenBlack/hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
awesome-osint
jivoi/awesome-osint
:scream: A curated list of amazingly awesome OSINT
social-analyzer
qeeqbox/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
maigret
soxoj/maigret
🕵️♂️ Collect a dossier on a person by username from thousands of sites
