Scripts get details of breaches and breached accounts using 'Have I Been Pwned' API

get_hibp_breach_details.sh

#!/bin/bash
DELIM="|"
OUT_FILE="out-hibp-breach-details.txt"
USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"
HIBP_ENDPOINT="https://haveibeenpwned.com/api/v3"
SLEEP_INTERVAL=3
CURL_TIMEOUT=6
USAGE="[-] 
Syntax:
    $0 <breaches_list/breaches_file>  [hibp_api_key=$HIBP_KEY] [sleep_interval=$SLEEP_INTERVAL] [out_file=$OUT_FILE]
Description:
    Get details of breaches using 'Have I Been Pwned' API
Args:
    breaches_list/breaches_file: List of breaches separated by comma OR file with breaches list.
    hibp_key: Have I Been Pwned key. Defaults to env var value of \$HIBP_KEY
    sleep_interval: Number of secs to sleep between username checks. Defaults, $SLEEP_INTERVAL.
    out_file: Output file where to write data. Default, $OUT_FILE
Examples:
    To get details of each breachs, VK:
        $0 VK \$HIBP_KEY
    To get a list of breaches for breaches in file, breaches.txt:
        $0 breaches.txt \$HIBP_KEY
    To get a list of breaches in file, breaches.txt, and key abcdefghijklmnopqrstuvwxyz:
        $0 breaches.txt abcdefghijklmnopqrstuvwxyz
"
if [ $# -lt 1 ]; then
    echo "$USAGE"
    exit 1
fi
breaches_list="$1"
hibp_api_key=${2:-"$HIBP_KEY"}
sleep_interval=${3:-"$SLEEP_INTERVAL"}
out_file=${4:-"$OUT_FILE"}

echo "[*] Checking if HIBP Key is specified..."
if [ -z "$hibp_api_key" ]; then
    echo "[-] HIBP API Key not specified."
    exit 1
fi

echo "[*] Reading breaches list..."
if [ -f "$breaches_list" ]; then
    echo "[*] Reading breaches from file: $breaches_list..."
    breaches=$(cat "$breaches_list")
else
    echo "[*] Parsing breaches list as-is..."
    breaches=$(echo "$breaches_list" | tr -s "," "\n")
fi

num_breaches=$(echo "$breaches" | wc -l)
echo "[*] Number of breaches found: $num_breaches"

echo "[*] Removing output file: $out_file if it exists..."
[ -f "$out_file" ] && rm "$out_file"

echo "[*] Running checks in HIBP for each breaches..."
IFS=$'\n'
for breach in $breaches; do
    hibp_output=""

    i=$(($i + 1))
    echo "[*] $i/$num_breaches: Getting breach data for breach: $breach..."
    hibp_output=$(curl -m "$CURL_TIMEOUT" --http1.1 -s -k -H "hibp-api-key: $HIBP_KEY" -A "$USER_AGENT" "$HIBP_ENDPOINT/breach/$breach")

    echo "[*] $i/$num_breaches: Writing breach info for $breach to $out_file..."
    echo "$breach$DELIM$hibp_output" >> "$out_file"

    echo "[*] $i/$num_breaches: Sleeping for $sleep_interval seconds..."
    sleep $sleep_interval
done

get_hibp_username_details.sh

#!/bin/bash
DELIM="|"
OUT_FILE="out-hibp-username-details.txt"
USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"
HIBP_ENDPOINT="https://haveibeenpwned.com/api/v3"
SLEEP_INTERVAL=3
CURL_TIMEOUT=6
USAGE="[-] 
Syntax:
    $0 <usernames_list/usernames_file>  [hibp_api_key=$HIBP_KEY] [sleep_interval=$SLEEP_INTERVAL] [out_file=$OUT_FILE]
Description:
    Get list of breaches where the compromised account appears using 'Have I Been Pwned' API
Args:
    usernames_list/usernames_file: List of usernames separated by comma OR file with usernames list.
    hibp_key: Have I Been Pwned key. Defaults to env var value of \$HIBP_KEY
    sleep_interval: Number of secs to sleep between username checks. Defaults, $SLEEP_INTERVAL.
    out_file: Output file where to write data. Default, $OUT_FILE
Examples:
    To get a list of breaches for username, tony:
        $0 tony \$HIBP_KEY
    To get a list of breaches for usernames in file, usernames.txt:
        $0 usernames.txt \$HIBP_KEY
    To get a list of breaches for usernames in file, usernames.txt, and key abcdefghijklmnopqrstuvwxyz:
        $0 usernames.txt abcdefghijklmnopqrstuvwxyz
"
if [ $# -lt 1 ]; then
    echo "$USAGE"
    exit 1
fi
usernames_list="$1"
hibp_api_key=${2:-"$HIBP_KEY"}
sleep_interval=${3:-"$SLEEP_INTERVAL"}
out_file=${4:-"$OUT_FILE"}

echo "[*] Checking if HIBP Key is specified..."
if [ -z "$hibp_api_key" ]; then
    echo "[-] HIBP API Key not specified."
    exit 1
fi

echo "[*] Reading usernames list..."
if [ -f "$usernames_list" ]; then
    echo "[*] Reading usernames from file: $usernames_list..."
    usernames=$(cat "$usernames_list")
else
    echo "[*] Parsing usernames list as-is..."
    usernames=$(echo "$usernames_list" | tr -s "," "\n")
fi

num_usernames=$(echo "$usernames" | wc -l)
echo "[*] Number of usernames found: $num_usernames"

echo "[*] Removing output file: $out_file if it exists..."
[ -f "$out_file" ] && rm "$out_file"

echo "[*] Running checks in HIBP for each username..."
IFS=$'\n'
for username in $usernames; do
    breach_info=""; hibp_output=""

    i=$(($i + 1))
    echo "[*] $i/$num_usernames: Getting breach data for username: $username..."
    hibp_output=$(curl -m "$CURL_TIMEOUT" --http1.1 -s -k -H "hibp-api-key: $HIBP_KEY" -A "$USER_AGENT" "$HIBP_ENDPOINT/breachedaccount/$username")
    
    echo "[*] $i/$num_usernames: Parsing breach names for username: $username..."
    breach_info=$(echo "$hibp_output" | grep -ioE '"Name"\s*:\s*"[^"]+' | cut -d'"' -f4 | tr -s "\n" ";")
    
    echo "[*] $i/$num_usernames: Writing breach info for $username to $out_file..."
    echo "$username$DELIM$breach_info" >> "$out_file"

    echo "[*] $i/$num_usernames: Sleeping for $sleep_interval s..."
    sleep $sleep_interval
done