Skip to main content

User Intel | Python SDK

init

UserIntel()

download-file

UserIntel.download_file()

is-password-breached

UserIntel.is_password_breached()

Look up breached passwords

UserIntel.password_breached(hash_type, hash_prefix, verbose, raw, provider)

Determine if a password has been exposed in a security breach using a 5 character prefix of the password hash.

required parameters

str

Hash type to be looked up

str

The prefix of the hash to be looked up.

optional parameters

bool

Echo the API parameters in the response

bool

Include raw data from this provider

str

Use reputation data from this provider: "crowdstrike"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.password_breached(
    hash_prefix="5baa6",
    hash_type=HashType.SHA256,
    provider="spycloud",
)

Look up breached passwords V2

UserIntel.password_breached_bulk(hash_type, hash_prefixes, verbose, raw, provider)

Determine if a password has been exposed in a security breach using a 5 character prefix of the password hash.

required parameters

str

Hash type to be looked up

List[str]

The list of prefixes of the hashes to be looked up.

optional parameters

bool

Echo the API parameters in the response

bool

Include raw data from this provider

str

Use reputation data from this provider: "crowdstrike"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.password_breached_bulk(
    hash_prefixes=["5baa6"],
    hash_type=HashType.SHA256,
    provider="spycloud",
)

Poll result

UserIntel.poll_result(exception)

Returns request's result that has been accepted by the server

required parameters

AcceptedRequestException

Exception raise by SDK on the call that is been processed.

Response Object

PangeaResponse

response = service.poll_result(exception)

Look up breached users

UserIntel.user_breached(email, username, ip, phone_number, start, end, verbose, raw, provider)

Determine if an email address, username, phone number, or IP address was exposed in a security breach.

required parameters

str

An email address to search for

str

An username to search for

str

An ip to search for

str

A phone number to search for. minLength: 7, maxLength: 15.

str

Earliest date for search

str

Latest date for search

optional parameters

bool

Echo the API parameters in the response

bool

Include raw data from this provider

str

Use reputation data from this provider: "spycloud"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.user_breached(
    phone_number="8005550123",
    provider="spycloud",
    verbose=True,
    raw=True,
)

Look up breached users V2

UserIntel.user_breached_bulk(emails, usernames, ips, phone_numbers, start, end, verbose, raw, provider)

Determine if an email address, username, phone number, or IP address was exposed in a security breach.

required parameters

List[str]

A list of email addresses to search for

List[str]

A list of usernames to search for

List[str]

A list of ips to search for

List[str]

A list of phone numbers to search for. minLength: 7, maxLength: 15.

str

Earliest date for search

str

Latest date for search

optional parameters

bool

Echo the API parameters in the response

bool

Include raw data from this provider

str

Use reputation data from this provider: "spycloud"

Response Object

A PangeaResponse where the sanctioned source(s) are in the response.result field. Available response fields can be found in our API documentation

response = user_intel.user_breached_bulk(
    phone_numbers=["8005550123"],
    provider="spycloud",
    verbose=True,
    raw=True,
)