Merge pull request #518 from Killer2OP/GoNot

[ADDED]: GoNot Tool

Author: avinashkranjan

GoNot/README.md

@@ -0,0 +1,30 @@
+# GoNot - Enhanced "Have I Been Pwned" Checker
+GoNot is a Python script that interacts with the "Have I Been Pwned" API to check if email addresses or domains have been involved in data breaches. This enhanced version of the script includes optimized code, improved features, and enhanced efficiency.
+
+## Features
+- Check breach status for a specific email address.
+- Check breach status for a specific domain.
+- Get detailed information about a specific breach.
+- Fetch and display dump data for breached email addresses.
+## Requirements
+- Python 3.x
+- requests library (pip install requests)
+- html2text library (pip install html2text)
+## Usage
+Run the script with appropriate command-line arguments to utilize its features.
+
+```
+python3 gonot.py -e <email_address>
+python3 gonot.py -e <email_address> -d <domain>
+python3 gonot.py -b <breach_name>
+```
+- -e or --email: Check breach status for a specific email address.
+- -d or --domain: Check breach status for a specific domain.
+- -b or --breach: Get detailed information about a specific breach.
+
+# API Key
+To use the script, replace the API_KEY variable in the script with your actual Have I Been Pwned API key. If you don't have an API key, you can obtain one by visiting Have I Been Pwned API Key
+
+# Output
+The script provides clear and formatted output regarding the breach status and relevant information for email addresses and domains. It also displays dump data for breached email addresses, if available.
+

GoNot/gonot.py

@@ -0,0 +1,129 @@
+#!/usr/bin/env python3
+
+import requests
+import argparse
+from time import time, sleep
+from json import loads
+from html2text import html2text
+
+API_BASE_URL = "https://haveibeenpwned.com/api/v3"
+API_KEY = ""  # Your API Key
+
+R = '\033[31m'  # red
+G = '\033[32m'  # green
+C = '\033[36m'  # cyan
+W = '\033[0m'   # white
+Y = '\033[33m'  # yellow
+
+version = '1.3.0.1'
+
+response_codes = {
+    200: "OK",
+    400: "Bad request",
+    401: "Unauthorised",
+    403: "Forbidden",
+    404: "Not Pwned",
+    429: "Too many requests",
+    503: "Service unavailable",
+}
+
+def banner():
+    banner_text = r'''
+      ______       _   __      __
+     / ____/___   / | / /___  / /_
+    / / __/ __ \ /  |/ / __ \/ __/
+   / /_/ / /_/ // /|  / /_/ / /_
+   \____/\____//_/ |_/\____/\__/
+  '''
+    print(G + banner_text + W)
+    print(f'{G}[>]{C} Created by : {W}thewhiteh4t')
+    print(f'{G}[>]{C} Version    : {W}{version}\n')
+
+def get_api_headers():
+    headers = {'User-Agent': 'pwnedOrNot', 'hibp-api-key': API_KEY}
+    return headers
+
+def check_breach(email):
+    url = f"{API_BASE_URL}/breachedaccount/{email}"
+    headers = get_api_headers()
+
+    response = requests.get(url, headers=headers, params={'truncateResponse': 'false'})
+    return response
+
+def check_domain_breach(email, domain):
+    url = f"{API_BASE_URL}/breachedaccount/{email}?domain={domain}"
+    headers = get_api_headers()
+
+    response = requests.get(url, headers=headers, params={'truncateResponse': 'false'})
+    return response
+
+def get_breach_info(breach_name):
+    url = f"{API_BASE_URL}/breach/{breach_name}"
+    headers = get_api_headers()
+
+    response = requests.get(url, headers=headers)
+    return response
+
+def get_paste_account(email):
+    url = f"{API_BASE_URL}/pasteaccount/{email}"
+    headers = get_api_headers()
+
+    response = requests.get(url, headers=headers)
+    return response
+
+def print_breach_info(breach_data):
+    print(f'{G}[+] {C}Breach      : {W}{breach_data["Title"]}')
+    print(f'{G}[+] {C}Domain      : {W}{breach_data["Domain"]}')
+    print(f'{G}[+] {C}Date        : {W}{breach_data["BreachDate"]}')
+    print(f'{G}[+] {C}Pwn Count   : {W}{breach_data["PwnCount"]}')
+    print(f'{G}[+] {C}Fabricated  : {W}{breach_data["IsFabricated"]}')
+    print(f'{G}[+] {C}Verified    : {W}{breach_data["IsVerified"]}')
+    print(f'{G}[+] {C}Retired     : {W}{breach_data["IsRetired"]}')
+    print(f'{G}[+] {C}Spam        : {W}{breach_data["IsSpamList"]}')
+    print(f'{G}[+] {C}Data Types  : {W}{", ".join(breach_data["DataClasses"])}')
+    print(f'{G}[+] {C}Description : {W}{html2text(breach_data["Description"])}')
+
+def main():
+    banner()
+
+    parser = argparse.ArgumentParser(description="Check email or domain against Have I Been Pwned database.")
+    parser.add_argument("-e", "--email", help="Email address to check")
+    parser.add_argument("-d", "--domain", help="Domain name to filter breaches")
+    parser.add_argument("-b", "--breach", help="Get information about a breach")
+    args = parser.parse_args()
+
+    if args.breach:
+        response = get_breach_info(args.breach)
+        if response.status_code == 200:
+            breach_data = response.json()
+            print_breach_info(breach_data)
+        else:
+            print(f'{R}[-] {C}Error: {W}{response_codes.get(response.status_code, "Unknown error")}')
+
+    elif args.email:
+        if args.domain:
+            response = check_domain_breach(args.email, args.domain)
+        else:
+            response = check_breach(args.email)
+
+        if response.status_code == 200:
+            breach_data = response.json()
+            print_breach_info(breach_data)
+            if args.email:
+                paste_response = get_paste_account(args.email)
+                if paste_response.status_code == 200:
+                    paste_data = paste_response.json()
+                    print(f'\n{G}[+] {C}Dumps Found:{W}')
+                    for paste in paste_data:
+                        print(f'{G}[+] {W}{paste["Id"]}')
+                elif paste_response.status_code == 404:
+                    print(f'{G}[+] {C}No dumps found for {W}{args.email}')
+                else:
+                    print(f'{R}[-] {C}Error fetching paste data: {W}{paste_response.status_code}')
+        elif response.status_code == 404:
+            print(f'{G}[+] {C}No breaches found for {W}{args.email}')
+        else:
+            print(f'{R}[-] {C}Error: {W}{response_codes.get(response.status_code, "Unknown error")}')
+
+if __name__ == "__main__":
+    main()

GoNot/requirements.txt

@@ -0,0 +1,2 @@
+requests
+html2text