pwnedOrNot is an OSINT tool that identifies compromised email accounts and searches for associated passwords in public dumps using the HaveIBeenPwned API.
OSINT Tool for Finding Passwords of Compromised Email Addresses
This tool is primarily used by security researchers, penetration testers, and threat intelligence analysts to verify if email addresses have been breached and to discover exposed passwords from public data dumps. It helps organizations and individuals assess the risk of compromised credentials and take proactive security measures.
Using this tool requires a HaveIBeenPwned API key, which must be purchased from their website. The effectiveness of password searches depends on the availability and accessibility of public dumps, which may sometimes be removed or contain only email addresses without passwords. Windows users are advised to run the tool in a Linux environment such as Kali Linux on WSL2 or a virtual machine for compatibility.
git clone https://github.com/thewhiteh4t/pwnedOrNot.git
cd pwnedOrNot
chmod +x install.sh
./install.sh
For BlackArch Linux:
pacman -S pwnedornot
For Docker:
git clone https://github.com/thewhiteh4t/pwnedOrNot.git
cd pwnedOrNot
docker build -t pon .
docker run -it pon
python3 pwnedornot.py -e <email>
Check a single email address for breaches and password dumps
python3 pwnedornot.py -f <file name>
Check multiple email addresses listed in a file
python3 pwnedornot.py -e <email> -d <domain name>
Filter breach results for a specific domain
python3 pwnedornot.py -e <email> -n
Retrieve only breach information and skip password dump searches
python3 pwnedornot.py -l
Get a list of all breached domains
python3 pwnedornot.py -h
Display help and usage information
cd pwnedOrNot && git pull
Update the tool to the latest version
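Once breach information has been retrieved for an organization's own addresses, the next step is deciding which accounts need a forced password reset. The following is an added example, not code from pwnedOrNot: it triages breach records whose field names follow the HaveIBeenPwned v3 breach model, with an optional domain filter comparable to -d. The sample records and the function names triage and reset_queue are constructed for illustration.

```python
# Constructed sample data shaped like HaveIBeenPwned v3 breach objects;
# these are not real lookup results.
SAMPLE_RESULTS = {
    "alice@example.org": [
        {"Name": "ExampleForum", "Domain": "forum.example", "BreachDate": "2019-03-02",
         "DataClasses": ["Email addresses", "Passwords"], "IsVerified": True},
        {"Name": "ExampleNews", "Domain": "news.example", "BreachDate": "2021-07-15",
         "DataClasses": ["Email addresses", "Names"], "IsVerified": True},
    ],
    "bob@example.org": [
        {"Name": "ExampleShop", "Domain": "shop.example", "BreachDate": "2022-11-30",
         "DataClasses": ["Email addresses", "Password hints"], "IsVerified": False},
    ],
    "carol@example.org": [],  # no breaches recorded
}

# Data classes that mean stored credentials must be treated as exposed.
CREDENTIAL_CLASSES = {"Passwords", "Password hints", "Security questions and answers"}


def triage(results, domain=None):
    """Return {email: [finding, ...]} for breaches that exposed credential data.

    If domain is given, only breaches of that site are considered.
    """
    findings = {}
    for email, breaches in results.items():
        for b in breaches:
            if domain and b.get("Domain", "").lower() != domain.lower():
                continue
            exposed = sorted(CREDENTIAL_CLASSES & set(b.get("DataClasses", [])))
            if exposed:
                findings.setdefault(email, []).append({
                    "breach": b["Name"], "date": b["BreachDate"],
                    "exposed": exposed, "verified": b.get("IsVerified", False),
                })
    return findings


def reset_queue(findings):
    """Order accounts for reset: verified breaches first, then most recent breach."""
    def key(item):
        _, fs = item
        newest = max(int(f["date"].replace("-", "")) for f in fs)
        return (not any(f["verified"] for f in fs), -newest)
    return [email for email, _ in sorted(findings.items(), key=key)]


if __name__ == "__main__":
    for email in reset_queue(triage(SAMPLE_RESULTS)):
        print(email)
```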