Dark Web Exposure API
The Dark Web Exposure API lets developers and security teams check if passwords have been compromised in known data breaches. By querying against massive breach datasets (powered by Have I Been Pwned and similar sources), it reveals whether a password has been leaked and how many times it has appeared.
This API helps businesses and users strengthen account security, enforce better password policies, and prevent credential stuffing attacks. Future updates will extend support to email, username, and domain scans for full dark web monitoring.
The API caters to a wide range of programming languages, including but not limited to: C, Clojure, C#, Go, Java, JavaScript, Kotlin, Node.js, Objective-C, OCaml, PHP, PowerShell, Python, R, RapidQL, Ruby, Shell, and Swift.
Introduction
API Overview
The Dark Web Exposure API is designed for real-time password safety checks. It accepts a password input and returns the number of times it has been exposed in breaches. A result of 0 means the password is safe, while higher counts indicate significant exposure risks.
Key Features:
✅ Password Breach Detection – Instantly checks if a password has been leaked
✅ Breach Count Reporting – Shows how many times a password was exposed in known datasets
✅ Secure Queries – Processes requests safely without storing raw passwords
✅ Future-Proof – Roadmap includes support for email, username, and domain scans
✅ Easy Integration – Works with sign-up forms, login systems, and enterprise security flows
✅ REST API – Simple POST requests with clean JSON responses
Additional Highlights:
🔹 Account Security Enforcement – Prevent users from choosing weak or compromised passwords
🔹 Credential Stuffing Protection – Block attackers who reuse breached passwords
🔹 Compliance-Friendly – Helps meet security best practices for password hygiene
🔹 Developer Ready – Lightweight, fast, and scalable for modern applications
🔹 Future Expansion – Planned endpoints will add full dark web exposure monitoring
Endpoints
- /password
Endpoints Overview
Check Password Exposure
Scan a password against dark-web breach datasets to determine if it has been exposed. Returns exposure status, hit counts, and (when available) sources or breach names. Great for signup flows, password-strength UIs, and security hygiene checks.
Endpoint:
POST: /password
Parameters:
Name | Type | Required | Description |
---|---|---|---|
password | string | ✅ Yes | The password to check (plaintext or hashed depending on your implementation / API spec). Example: "mypassword123" |
Python Requests Example:
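import requests

url = "https://dark-web-exposure-api.p.rapidapi.com/password"
payload = {"password": "mypassword123"}
headers = {
    "content-type": "application/json",
    "x-rapidapi-host": "dark-web-exposure-api.p.rapidapi.com",
    "x-rapidapi-key": "YOUR_RAPIDAPI_KEY",  # placeholder: your own key
}

# Set a timeout so a stalled connection cannot hang the caller.
response = requests.post(url, json=payload, headers=headers, timeout=10)
response.raise_for_status()  # surface HTTP errors instead of parsing an error body
print(response.json())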
Response Example:
{
    "breach_count": 11246,
    "ok": true
}
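The request and response above, wired into a sign-up check. This is an added example, not the provider's own code. The function names, the injectable `transport` parameter, the `fail_closed` policy switch and the reading of `"ok": true` as "lookup completed" are assumptions made for illustration.

```python
import json
import urllib.request

API_HOST = "dark-web-exposure-api.p.rapidapi.com"
API_URL = "https://" + API_HOST + "/password"


def http_post_json(url, body, headers, timeout=5):
    """Default transport: POST a JSON body and return the parsed JSON reply."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode("utf-8"), headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


def breach_count(password, api_key, transport=http_post_json):
    """Return the reported breach count, or None if the lookup could not be trusted."""
    headers = {
        "content-type": "application/json",
        "x-rapidapi-host": API_HOST,
        "x-rapidapi-key": api_key,
    }
    try:
        data = transport(API_URL, {"password": password}, headers)
    except (OSError, ValueError):
        # Network, HTTP or JSON failure. Never log the password or request body here.
        return None
    if not isinstance(data, dict) or data.get("ok") is not True:
        return None  # assumption: "ok": true marks a completed lookup
    count = data.get("breach_count")
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(count, bool) or not isinstance(count, int) or count < 0:
        return None
    return count


def signup_decision(password, api_key, transport=http_post_json, fail_closed=False):
    """Map a lookup to "accept", "reject" or "retry_later" for a sign-up form."""
    count = breach_count(password, api_key, transport)
    if count is None:
        # Hypothetical policy switch: block sign-up on outage, or let it through.
        return "retry_later" if fail_closed else "accept"
    return "reject" if count > 0 else "accept"
```

Passing a stub as `transport` lets the decision logic be unit-tested without sending any password over the network.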
Subscribe to Dark Web Exposure API
Subscribe on RapidAPI
Head over to our API listing on RapidAPI and click the “Subscribe” button. Choose a plan that fits your needs — from free testing to full-scale production.
Get Your API Key
Once subscribed, grab your unique X-RapidAPI-Key from the "Endpoints" tab. You’ll use this key to authenticate all your requests securely.
Start Making Requests
Use the provided code snippets or integrate directly into your app. Send requests to any available endpoint and enjoy seamless access to our powerful API features.

Frequently Asked Questions
What does the Dark Web Exposure API do?
It checks if a given password has appeared in known breach datasets, showing how many times it was exposed.
Can this API scan emails and usernames?
Currently, it only supports password checks, but the roadmap includes email, username, and domain exposure scans.
How secure is the password check?
The API does not store raw passwords. Queries are processed securely to protect user data.
Who can use this API?
It’s ideal for developers, SaaS providers, cybersecurity teams, and enterprises that want to improve password hygiene and security policies.
What does breach_count: 0 mean?
It means the password has not been found in any known breach dataset and is considered safe to use.