Cyreslab-AI_hibp-mcp-server

Cyreslab-AI_hibp-mcp-server

0
securitymonitoring

The Have I Been Pwned MCP Server is a tool for verifying whether emails or passwords have been compromised using the Have I Been Pwned API. It includes features for checking emails, passwords, and obtaining breach details, with security measures like k-anonymity for password checking.

Have I Been Pwned MCP Server

A Model Context Protocol (MCP) server providing integration with the Have I Been Pwned API to check for account or password compromises in data breaches.

Features

  • check_email: Verify if an email is found in data breaches
  • check_password: Validate if a password has been exposed using k-anonymity
  • get_breach_details: Retrieve detailed info about a specific data breach
  • list_all_breaches: Display all breaches in the system, with optional domain filtering

Installation

Prerequisites

  • Node.js (v14 or higher)
  • npm (v6 or higher)
  • Have I Been Pwned API key

Steps

  1. Clone the repository and install dependencies.
  2. Build the server and configure it in your MCP settings.

API Key Configuration

The API key must be set as an environment variable named HIBP_API_KEY.