HaveIBeenPwnd – PowerShell Function

Ryan YatesConsultant

Just a person in their 30's doing things in Tech & trying to break the stigma's around talking about Mental Health

I recently became aware of a site called HaveIBeenPwnd - https://haveibeenpwned.com - run by @troyhunt and wanted to create a simple PowerShell Function for being able to check against this Database on whether your Email address (or like me addresses) has been likely to have been Pwnd!

The function is in a Module called Check-HaveIBeenPwndStatus & the current function is called Check-HaveIBeenPwndStatus with only the 1 parameter –Account in which you pass your email account across

So you would call it via Check-HaveIBeenPwndStatus –Account ‘[email protected]’ and you’ll either get back 1 of 2 messages – A warning if it is found like the below

WARNING: We have your account [email protected] marked as having been pwnd on the following sites 000webhost Adobe Black Hat World Flashback Gawker MPGH Stratfor - Please Check and change your passwords across other sites as soon as you can!

Or you’ll get back the following (obviously with your account details)

Although [email protected] has not been found in this database of PwndSites we advise that you change passwords regularly for any other accounts that may be linked to [email protected] for your own protection

Hopefully adding in this function into a profile script that will run once a month (or week or even daily if you need it) will save you some possible headaches in future.

You can find the module on GitHub at http://bit.ly/1MbnFTD