Skip to main content

Read-only breach-intelligence MCP: reports THAT a domain was breached and which data types leaked, from public feeds (HaveIBeenPwned, ransomwatch). Never the leaked data.

Project description

data-breach-detector

A read-only breach-intelligence MCP server. It answers "has this domain been breached, what's the recent breach news, how severe is this threat text" from public threat-intelligence disclosure feeds — and reports intelligence, not contents: the existence, timing, scale, category and exposed data-types of a breach, never the leaked records themselves.

Built for defenders. Comparable in spirit to HaveIBeenPwned's own directory.

What it does not do

  • No arbitrary URL fetch, no crawl, no proxy — no general scraping primitives.
  • No .onion marketplace access, no transactions.
  • Never returns the raw text of a dump, paste or leak. A redaction layer strips emails, hashes, IPs, crypto addresses and credential-shaped tokens from every string returned.

Sources (public, no key)

  • HaveIBeenPwned /api/v3/breaches — the public breach directory: domain, breach date, pwn count, and the categories of data exposed.
  • ransomwatch (joshhighet/ransomwatch) — public ransomware leak-site tracker.

Tools

tool what it returns
breach_news(since_days, sector, limit) recent disclosures — entity, date, scale, exposed data types, severity
check_exposure(query) does a domain/company appear in breach data — yes/no + metadata
assess_threat(text) classify a piece of security text — level, categories, action (no network)
feed_sources() which feeds are aggregated + cache freshness

Run

pip install data-breach-detector

data-breach-detector           # stdio (for MCP clients)
data-breach-detector --http    # streamable-HTTP on 127.0.0.1:8790/mcp

Or point an MCP client at the config:

{ "mcpServers": { "data_breach_detector": {
  "command": "data-breach-detector"
} } }

License

MIT. The breach data belongs to its sources (HaveIBeenPwned, ransomwatch); this tool only aggregates their public disclosure metadata, with attribution.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

data_breach_detector-0.1.0.tar.gz (8.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

data_breach_detector-0.1.0-py3-none-any.whl (9.9 kB view details)

Uploaded Python 3

File details

Details for the file data_breach_detector-0.1.0.tar.gz.

File metadata

  • Download URL: data_breach_detector-0.1.0.tar.gz
  • Upload date:
  • Size: 8.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for data_breach_detector-0.1.0.tar.gz
Algorithm Hash digest
SHA256 dba2ee43c8a5925b2360beb5e787aa124ed142022fb9549a9b439e582a136c79
MD5 d739f72aeaf7392ec7fcc01ceb7d4519
BLAKE2b-256 8cd792705586826426f8f7e05141b319e5ee3fbc136d1acaed929c0e2b8a9845

See more details on using hashes here.

Provenance

The following attestation bundles were made for data_breach_detector-0.1.0.tar.gz:

Publisher: publish-pypi.yml on beepboop2025/data-breach-detector

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file data_breach_detector-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for data_breach_detector-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e2c1eda08342ef01090ad7723658b4798db649beb1d2e4c002f1c6aa5ca02e62
MD5 ae9ce326aa50d6779127cbabdf017d31
BLAKE2b-256 41c103a1453aa3f11a7a032ad1d6ae11add7535c47ada9b34321305b2eba3b89

See more details on using hashes here.

Provenance

The following attestation bundles were made for data_breach_detector-0.1.0-py3-none-any.whl:

Publisher: publish-pypi.yml on beepboop2025/data-breach-detector

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page