WhatBreach is an open-source OSINT (Open Source Intelligence) tool designed to help users discover whether an email address has appeared in known data breaches. It simplifies the process of investigating compromised credentials by allowing users to search for a single email address or analyze multiple email addresses at once. It gathers breach information from various sources and APIs to identify where the email has been exposed in leaked databases or online paste sites. Once breaches are discovered, WhatBreach can provide additional context such as the databases associated with those leaks and any related paste dumps containing the email address. If the breach databases are publicly available, the tool can attempt to download them for further analysis. It also supports deeper investigation of email domains and related profiles, making it useful for researchers, security analysts, and penetration testers conducting reconnaissance or breach analysis.
Features
- Searches for data breaches associated with a single email address or multiple emails
- Uses external services such as HaveIBeenPwned and other breach sources to identify exposures
- Detects paste dumps where an email address may appear in publicly shared data leaks
- Can download publicly available breached databases for further analysis
- Supports domain investigation and discovery of related email accounts
- Integrates with multiple OSINT and breach-search services to expand investigation results