Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Add-On for HaveIBeenPwned app icon

Add-On for HaveIBeenPwned

A Splunk® add-on providing a custom search command "haveibeenpwned" to query Troy Hunt's Have I Been Pwned API (https://haveibeenpwned.com/api/v3/) for known breaches of your (company's) domains or your friends'/family's/enemies'/hardly distantly related someone's/employees'/colleagues' mail adresses. Please respect people's privacy and adhere to the service's acceptable use (https://haveibeenpwned.com/API/v3#AcceptableUse). I tried respecting the limits posed on the API's use in the command's source code, which is why you'll have to have a little patience when querying for large amounts of mail addresses. I was unsatisfied with the publicly available Splunk add-ons already providing this functionality as they either didn't allow control over what and how is queried for or didn't format the output to my wishes. So I came up with my own Splunk add-on implementing these missing features. Cross-compatible with Python 2 and 3. Tested on Splunk Enterprise 9.0.2 and 8.2.3 on Windows, Linux and Splunk Cloud. Licensed under http://www.apache.org/licenses/LICENSE-2.0. Feel free to submit issues via https://github.com/hRun/SA-haveibeenpwned/issues.

Built by Harun Kuessner
splunk product badge
Latest Version 2.3.1
February 10, 2025
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

0

(0)

Log in to rate this app
Support
Add-On for HaveIBeenPwned support icon
Not Supported
Ranking

#15

in Threat Intel
A Splunk® add-on providing a custom search command "haveibeenpwned" to query Troy Hunt's Have I Been Pwned API (https://haveibeenpwned.com/api/v3/) for known breaches of your (company's) domains or your friends'/family's/enemies'/hardly distantly related someone's/employees'/colleagues' mail adresses. Please respect people's privacy and adhere to the service's acceptable use (https://haveibeenpwned.com/API/v3#AcceptableUse). I tried respecting the limits posed on the API's use in the command's source code, which is why you'll have to have a little patience when querying for large amounts of mail addresses. I was unsatisfied with the publicly available Splunk add-ons already providing this functionality as they either didn't allow control over what and how is queried for or didn't format the output to my wishes. So I came up with my own Splunk add-on implementing these missing features. Cross-compatible with Python 2 and 3. Tested on Splunk Enterprise 9.0.2 and 8.2.3 on Windows, Linux and Splunk Cloud. Licensed under http://www.apache.org/licenses/LICENSE-2.0. Feel free to submit issues via https://github.com/hRun/SA-haveibeenpwned/issues.

Categories

Created By

Harun Kuessner

Source Code

Type

addon

Downloads

2,129

Licensing

Splunk Answers

Resources

Login to report this app listing