Awesome-Mirrors/security-apis
1
0
Fork 0
mirror of https://github.com/jaegeral/security-apis.git synced 2024-10-01 05:05:45 -04:00
Code Issues Packages Projects Releases Wiki Activity
9524744aec
security-apis/apidocs/haveIBeenPwned.md
Manuel Schneider 62cb76d6de unofficial HIBP endpoint: domainsearch
2018-05-19 12:52:14 +02:00

1.1 KiB
Raw Blame History

Unofficial API-Endpoints for HIBP

DomainSearch

When using the domain search feature from HIBP you receive email notifications with a token to get all breaches for all accounts within the domain.

Currently (April 2018), to get the search results for this token, the workflow and endpoints are:

  • The token can be extracted from a link of the form https://haveibeenpwned.com/DomainSearch/${token}, which is contained in the mail from HIBP
  • Trigger a mail with links to the search-result: GET https://haveibeenpwned.com/api/multidomainsearch/${token} Response should be "ReadyForVerificationToken"
  • In the new mail, look for a link of the form https://haveibeenpwned.com/DomainSearch/${token}/json and GET it. It contains the full result of your search in json format:
{
    "BreachSearchResults": [ { DomainName: "...", Alias: "...", Breaches: [ <See breach model from https://haveibeenpwned.com/API/v2#BreachModel> ] }]
    "PasteSearchResults": [ { DomainName: "...", Alias: "...", Pastes: [ <See paste model from https://haveibeenpwned.com/API/v2#PasteModel> ] }]
}