Labsco
Cyreslab-AI logo

Have I Been Pwned

โ˜… 2

from Cyreslab-AI

Check if an account or password has been compromised in a data breach using the Have I Been Pwned API.

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅโœ“ VerifiedAccount requiredNeeds API keys

Have I Been Pwned MCP Server

smithery badge

A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.

Features

This MCP server provides four main tools:

  1. check_email: Check if an email address has been found in data breaches
  2. check_password: Check if a password has been exposed in data breaches (using k-anonymity)
  3. get_breach_details: Get detailed information about a specific data breach
  4. list_all_breaches: List all breaches in the system, optionally filtered by domain

Security Notes

  • The password checking feature uses k-anonymity to check passwords without sending the full password to the Have I Been Pwned API
  • Only the first 5 characters of the SHA-1 hash of the password are sent to the API
  • The API returns a list of hash suffixes that match the prefix, and the check is completed locally