Leaked.Domains LogoWhat is Leaked.Domains?


Leaked.Domains is much more than just a credential depot.

The ability to have quick access to multiple datasets all in one place saves time and resources.
Quality datasets can aid in the process of either Digitally Profiling an organization, Performing a Phishing Campaign, or even a full RedTeam.
Leaked.Domains contains a number of useful OSINT tools and datasets to help researchers perform passive intelligence gathering on customer domains.

* Research users must be approved and Researcher Contract Agreement must be signed before full access is given.


Leaked Credential Search Functions are available to Researcher Users only

Researcher users have access to numerous datasets that can be used for Digital Profiling, Phishing Campaigns, and RedTeaming.
Details about credentials dataset:

  • With over 8 billion lines and growing, the potential for valid credentials being leaked online grows with every day.
  • Staying on top of new and old credentials alike, either by running continuous comparison scans against an AD or blacklisting known leaked passwords is an important security process in today's rapidly evolving environments.
  • Leaked.Domains can provide you with an advantage that gets you ahead of the threat before it is used against you.


Dataset records: Leaked Origin, First Name, Last Name, Email Address, Cleartext Password, Hashed Password (salt), Username, Secret Question, and IP
Details for Searching via Domain:

  • Researcher users can perform domain searches on any domain they have permission to gather information on.
  • Researchers have unlimited search queries.
  • Results will be displayed in its own dashboard.
  • Domain will be added to the current session which can be cleared manually or automatically after logout.

Details for WildCard Domain Searches:

  • Wildcard searches allow a Researcher to find credentials from additional domains that may not have the same TLD (Top Level Domain).
  • Searches are formatted with an astrix in the place of the TLD.
  • Most additional domains can be identified by the website's logo.
  • Other domains can be researched manually or using any of the other Researcher tools.
  • WildCard searches are not added to the current session unless the researcher views the domain's dashboard.

Details for Multi-Domain Searches:

  • Multi-domain search allows a Researcher to past in a list of domains.
  • The Researcher will then have table which will allow them to view the domain's dashboard or download the associated leaked credentials.
  • Multi-domain searches are not added to the current session unless the researcher views the domain's dashboard.

Details for Searching via Email:

  • Another tool only accessible by Research users is being able to search for a specific email address.
  • Useful when an email address is identified that belongs to a specific target, but is not apart of the customer's domains.
  • Email searches are not added to the current session.

Whois DB Search

This search contains nearly 300 million Whois records. This is a search that will return Domain, Registered Email, and Registering Organization.
If there is enough interest, the search could be expanded to include all Whois info going back to 2012.
This is a great tool for RedTeams to quickly track down additional domains that are associated with a target customer.

Dataset records: 289,954,607
Dataset data: Domain, Registered Email, and Registering Organization.

LinkedIn Profile Search

Built off of a LinkedIn scrape, this dataset contains over 300 million records.
While not totally inclusive of all LinkedIn users, this data can provide a lot of interesting information about an organization based off what information their employees put into their LinkedIn profiles.
This information can also be used to build a massive targeted phishing campaign against a customers' organization.

Dataset records: 289,776,984
Dataset data: Name, Email, LinkedIn ID, LinkedIn URL, and Location

Facebook Profile Search

In the news in 2021, this scrap of public Facebook profiles was leaked online containing nearly 400 million records.
It was determined that Facebook was not hacked, but a malicious user abused a function in the Facebook API to scrape public information from profiles.
Dataset records: 391,425,491
Dataset data: Birthday, Country, Date Registered, Email, First Name, Last Name, Gender, Hometown, Current Location, Phone Number, Relationship Status, Work

HashDB Lookup

Find the cleartext hashes instantly
Leaked.Domains contains a dataset of over 2 billion passwords that came from real database leaks.
Currently Hash Lookup only supports MD5 and Sha1.
We are working to extend Hash Lookup to an number of other hash types such as NTLM and MySQL.

Dataset records : 2,160,138,164
Dataset data: Cleartext Password, MD5 Hash, Sha1 Hash

Customized Reports

Any domain a user has access to can generate a PDF report for that domain
Reports are a C-level style report giving a break down of the following:

  • What data is exposed
  • Where the data came from
  • Details on user password habits
  • Analytics on the cleartext passwords
Reports can also be customized to a Researcher's organization with logo and colors of their choosing.

More tools! More data!

Current datasets are being updated with fresh data, new databases are being imported, and additional tools being added all the time.
Check back often to see what's new at Leaked.Domains