Features • Usage • Install • Configuration
Created by Maksim Radaev/@vflame6
leaker is a leak discovery tool that returns valid credential leaks using passive online sources. It supports searching by email, username, domain, keyword, and phone number.
- 9 sources — aggregates results from multiple leak databases
- 5 search types — email, username, domain, keyword, phone
- Deduplication — removes duplicate results across sources
- JSONL output — structured output for pipelines (
-j) - Rate limiting — built-in per-source rate limits (disable with
-N) - Proxy support — route traffic through HTTP proxy (
--proxy) - Multiple API keys — load balancing across keys per source
| Source | API Key | Search Types | Pricing |
|---|---|---|---|
| ProxyNova | No | all | Free |
| LeakCheck | Yes | email, username, domain, keyword, phone | Paid |
| OSINTLeak | Yes | email, username, domain, keyword, phone | Paid |
| Intelligence X | Yes | all | Free tier available |
| BreachDirectory | Yes | all (auto-detect) | Free via RapidAPI |
| Leak-Lookup | Yes | email, username, domain, keyword, phone | Paid |
| DeHashed | Yes | email, username, domain, keyword, phone | Paid |
| Snusbase | Yes | email, username, domain, keyword, phone | Paid |
| LeakSight | Yes | email, username, domain, keyword, phone | Paid |
leaker -hUsage: leaker <command> [flags]
leaker is a leak discovery tool that returns valid credential leaks for emails,
using passive online sources.
Flags:
-h, --help Show context-sensitive help.
-s, --sources=all,... Specific sources to use for enumeration (default
all). Use --list-sources to display all available
sources.
--timeout=30s Seconds to wait before timing out (default 30s)
-N, --no-rate-limit Disable rate limiting (DANGER)
-j, --json Output results as JSONL (one JSON object per line)
--no-deduplication Disable deduplication of results across sources
--no-filter Disable results filtering, include every result
-o, --output=STRING File to write output to
--overwrite Force overwrite of existing output file
-p, --provider-config="provider-config.yml"
Provider config file
--proxy=STRING HTTP proxy to use with leaker
-A, --user-agent=STRING Custom user agent
--insecure Disable TLS certificate verification (use with
caution)
--version Print version of leaker
-q, --quiet Suppress output, print results only
-v, --verbose Show sources in results output
-D, --debug Enable debug mode
-L, --list-sources List all available sources
Commands:
domain Search by domain name.
email Search by email address.
keyword Search by keyword.
phone Search by phone number.
username Search by username.
Run "leaker <command> --help" for more information on a command.Search by email:
leaker email user@example.comSearch by domain using specific sources and piped input:
echo "example.com" | leaker domain -s leakcheck,dehashedSearch by phone number with JSONL output:
leaker phone 1234567890 -j -o results.jsonlleaker requires go1.24 to install successfully.
go install -v github.com/vflame6/leaker@latestCompiled binaries are available on the Releases page.
Build from source:
go build -o leaker main.goBuild with Docker:
docker build -t leaker .leaker generates a provider-config.yml file on first launch. Add your API keys there:
leakcheck: [YOUR_LEAKCHECK_API_KEY]
osintleak: [YOUR_OSINTLEAK_API_KEY]
intelx: [2.intelx.io:YOUR_INTELX_API_KEY]
breachdirectory: [YOUR_RAPIDAPI_KEY]
leaklookup: [YOUR_LEAKLOOKUP_API_KEY]
dehashed: [YOUR_DEHASHED_API_KEY]
snusbase: [YOUR_SNUSBASE_ACTIVATION_CODE]
leaksight: [YOUR_LEAKSIGHT_TOKEN]Each source accepts a list of API keys for load balancing:
leakcheck: [key1, key2, key3]Intelligence X uses HOST:API_KEY format to support different tiers:
intelx: [free.intelx.io:your-uuid] # free tier
intelx: [2.intelx.io:your-uuid] # paid tierFeel free to open an issue if something does not work, or if you have any ideas to improve the tool.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
