API Documentation
Creds - focuses on 3rd party breaches that contain credentials
Darkweb - focuses on company data being leaked or sold on the darkweb
Sessions - focuses on credentials sniffed from malware infected computers
Stealer - focuses on credentials sniffed from malware infected computers
Endpoint :
| Domain Name | Path | ||
|---|---|---|---|
| api.breachsense.io | /creds |
Supported Parameters :
| Parameter | Description | |
|---|---|---|
| action | manage monitored domains must be set to add, del or list |
|
| attr | display a short description of the breach | |
| date | only display results newer that this value. Value set in YYYYMMDD or unixtime formats | |
| dom | add/delete the domain you wish to monitor must be used in conjunction with the action parameter |
|
| hash | return a 0 if the password is in hashed format and a 1 if the password has been decrypted | |
| import | display the date the breach was imported into the database | |
| json | display results in JSON format (default is CSV) | |
| lic | license key can be sent via a GET parameter or request header |
|
| list | list the breaches and dates they were imported | |
| notify | add/delete the email address you wish to receive alerts on must be used in conjunction with the action parameter |
|
| p | results are limited to 500 credentials per request when an HTTP 206 response status is returned, pagination is required to view the remaining results. p is a numeric page value |
|
| r | return the number of remaining monthly queries allowed | |
| search | accepts a domain name or email address | |
| update | return the Unix timestamp the creds database was last updated | |
| uniq | return a list of all unique email addresses and plaintext passwords | |
| unixtime | display the import date in unixtime (aliases: unix,epoch |
Endpoint :
| Domain Name | Path | ||
|---|---|---|---|
| api.breachsense.io | /darkweb |
Supported Parameters :
| Parameter | Description | |
|---|---|---|
| date | only display results newer that this value. Value set in YYYYMMDD or unixtime formats | |
| lic | license key can be sent via a GET parameter or request header |
|
| notify | add/delete the email address you wish to receive alerts on must be used in conjunction with the action parameter |
|
| r | return the number of remaining monthly queries allowed | |
| search | search term - accepts a domain name | |
| update | return the Unix timestamp the darkweb database was last updated | |
| unixtime | display the import date in unixtime (aliases: unix,epoch |
Endpoint :
| Domain Name | Path | ||
|---|---|---|---|
| api.breachsense.io | /sessions |
Supported Parameters :
| Parameter | Description | |
|---|---|---|
| date | only display results newer that this value. Value set in YYYYMMDD or unixtime formats | |
| lic | license key can be sent via a GET parameter or request header |
|
| notify | add/delete the email address you wish to receive alerts on must be used in conjunction with the action parameter |
|
| r | return the number of remaining monthly queries allowed | |
| search | search term - accepts a domain name, email address or IP address | |
| update | return the Unix timestamp the stealer database was last updated | |
| unixtime | display the import date in unixtime (aliases: unix,epoch |
Endpoint :
| Domain Name | Path | ||
|---|---|---|---|
| api.breachsense.io | /stealer |
Supported Parameters :
| Parameter | Description | |
|---|---|---|
| date | only display results newer that this value. Value set in YYYYMMDD or unixtime formats | |
| lic | license key can be sent via a GET parameter or request header |
|
| notify | add/delete the email address you wish to receive alerts on must be used in conjunction with the action parameter |
|
| r | return the number of remaining monthly queries allowed | |
| search | search term - accepts a domain name, email address or IP address | |
| update | return the Unix timestamp the stealer database was last updated | |
| unixtime | display the import date in unixtime (aliases: unix,epoch |