User Intel | Python SDK

Initializes a new Pangea service client.

UserIntel(token, config, logger_name)

required parameters

token

str

Pangea API token.

optional parameters

config

PangeaConfig | None

Configuration.

logger_name

str

Logger name.

download-file

UserIntel.download_file()

is-password-breached

UserIntel.is_password_breached()

Look up breached passwords

UserIntel.password_breached(hash_type, hash_prefix, verbose, raw, provider)

Determine if a password has been exposed in a security breach using a 5 character prefix of the password hash.

required parameters

hash_type

str

Hash type to be looked up

hash_prefix

str

The prefix of the hash to be looked up.

optional parameters

verbose

bool

Echo the API parameters in the response

raw

bool

Include raw data from this provider

provider

str

Use reputation data from this provider: "crowdstrike"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.password_breached(
    hash_prefix="5baa6",
    hash_type=HashType.SHA256,
    provider="spycloud",
)

Look up breached passwords V2

UserIntel.password_breached_bulk(hash_type, hash_prefixes, verbose, raw, provider)

Determine if a password has been exposed in a security breach using a 5 character prefix of the password hash.

required parameters

hash_type

str

Hash type to be looked up

hash_prefixes

List[str]

The list of prefixes of the hashes to be looked up.

optional parameters

verbose

bool

Echo the API parameters in the response

raw

bool

Include raw data from this provider

provider

str

Use reputation data from this provider: "crowdstrike"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.password_breached_bulk(
    hash_prefixes=["5baa6"],
    hash_type=HashType.SHA256,
    provider="spycloud",
)

Poll result

UserIntel.poll_result(exception)

Returns request's result that has been accepted by the server

optional parameters

exception

Optional[AcceptedRequestException]

Exception that was previously raised by the SDK on a call that is being processed.

Response Object

PangeaResponse

response = service.poll_result(exception)

Look up breached users

UserIntel.user_breached(email, username, ip, phone_number, start, end, verbose, raw, provider)

Determine if an email address, username, phone number, or IP address was exposed in a security breach.

optional parameters

email

str

An email address to search for

username

str

An username to search for

ip

str

An ip to search for

phone_number

str

A phone number to search for. minLength: 7, maxLength: 15.

start

str

Earliest date for search

end

str

Latest date for search

verbose

bool

Echo the API parameters in the response

raw

bool

Include raw data from this provider

provider

str

Use reputation data from this provider: "spycloud"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.user_breached(
    phone_number="8005550123",
    provider="spycloud",
    verbose=True,
    raw=True,
)

Look up breached users V2

UserIntel.user_breached_bulk(emails, usernames, ips, phone_numbers, domains, start, end, verbose, raw, provider)

Determine if an email address, username, phone number, or IP address was exposed in a security breach.

optional parameters

emails

List[str]

A list of email addresses to search for

usernames

List[str]

A list of usernames to search for

ips

List[str]

A list of ips to search for

phone_numbers

List[str]

A list of phone numbers to search for. minLength: 7, maxLength: 15.

domains

List[str]

Search for user under these domains.

start

str

Earliest date for search

end

str

Latest date for search

verbose

bool

Echo the API parameters in the response

raw

bool

Include raw data from this provider

provider

str

Use reputation data from this provider: "spycloud"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.user_breached_bulk(
    phone_numbers=["8005550123"],
    provider="spycloud",
    verbose=True,
    raw=True,
)