Skip to main content
Glama
enesjakozh

Have I Been Pwned MCP Server

by Cyreslab-AI
GitHub
JavaScript
MIT License
  • Apple
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

¿Me han pirateado el servidor MCP?

Un servidor de Protocolo de Contexto de Modelo (MCP) que proporciona integración con la API Have I Been Pwned para verificar si sus cuentas o contraseñas se han visto comprometidas en violaciones de datos.

Características

Este servidor MCP proporciona cuatro herramientas principales:

  1. check_email : Comprueba si una dirección de correo electrónico se ha encontrado en violaciones de datos
  2. check_password : Comprueba si una contraseña ha sido expuesta en violaciones de datos (utilizando k-anonymity)
  3. get_breach_details : Obtenga información detallada sobre una violación de datos específica
  4. list_all_breaches : enumera todas las infracciones en el sistema, opcionalmente filtradas por dominio

Instalación

Instalación mediante herrería

Para instalar hibp-mcp-server para Claude Desktop automáticamente a través de Smithery :

npx -y @smithery/cli install @Cyreslab-AI/hibp-mcp-server --client claude

Prerrequisitos

Configuración

  1. Clonar este repositorio:
    git clone https://github.com/Cyreslab-AI/hibp-mcp-server.git cd hibp-mcp-server
  2. Instalar dependencias:
    npm install
  3. Construir el servidor:
    npm run build
  4. Configure el servidor en su archivo de configuración MCP:Para la extensión VSCode de Claude, agregue a ~/Library/Application Support/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json :
    { "mcpServers": { "hibp": { "command": "node", "args": ["/path/to/hibp-mcp-server/build/index.js"], "env": { "HIBP_API_KEY": "YOUR_API_KEY_HERE" }, "disabled": false, "autoApprove": [] } } }
    Para la aplicación de escritorio Claude, agréguela a ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) o una ruta similar en otras plataformas.

Ejemplos de uso

Una vez configurado el servidor, puedes usarlo con Claude para comprobar si hay violaciones de datos:

Revisar el correo electrónico

User: Has my email address example@gmail.com been pwned? Claude: Good news! This email address has not been found in any known data breaches.

O si el correo electrónico fue encontrado en infracciones:

User: Has my email address breached@example.com been pwned? Claude: ⚠️ This email address was found in 3 data breaches. Breach details: 1. Adobe (2013-10-04) Domain: adobe.com Description: In October 2013, 153 million Adobe accounts were breached... Compromised data: Email addresses, Password hints, Passwords, Usernames 2. LinkedIn (2012-05-05) Domain: linkedin.com Description: In May 2016, LinkedIn had 164 million email addresses and passwords exposed... Compromised data: Email addresses, Passwords 3. Dropbox (2012-07-01) Domain: dropbox.com Description: In mid-2012, Dropbox suffered a data breach which exposed... Compromised data: Email addresses, Passwords Recommendations: - Change your password for these services immediately - If you used the same password elsewhere, change those too - Enable two-factor authentication where available - Consider using a password manager

Comprobar contraseña

User: Has the password "password123" been exposed in any breaches? Claude: ⚠️ This password has been exposed in data breaches 123,456 times! Recommendations: - Stop using this password immediately - Change it on any site where you use it - Use a unique, strong password for each account - Consider using a password manager

Obtenga detalles de la infracción

User: Tell me about the LinkedIn data breach Claude: # LinkedIn Data Breach **Date:** 2012-05-05 **Domain:** linkedin.com **Accounts affected:** 164,611,595 **Verified:** Yes **Data leaked:** Email addresses, Passwords **Description:** In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data. **Recommendations:** - If you had an account on this service, change your password - If you used the same password elsewhere, change those too - Monitor your accounts for suspicious activity - Be cautious of phishing attempts that may use this leaked information

Listar todas las infracciones

User: List all Adobe data breaches Claude: Found 1 breaches for domain adobe.com: 1. Adobe (2013-10-04) Domain: adobe.com Accounts affected: 152,445,165 Compromised data: Email addresses, Password hints, Passwords, Usernames

Notas de seguridad

  • La función de verificación de contraseñas utiliza k-anonimato para verificar contraseñas sin enviar la contraseña completa a la API Have I Been Pwned
  • Solo se envían a la API los primeros 5 caracteres del hash SHA-1 de la contraseña
  • La API devuelve una lista de sufijos hash que coinciden con el prefijo y la verificación se completa localmente.

Configuración de la clave API

Este servidor requiere una clave API de Have I Been Pwned para la mayoría de las funciones (excepto la verificación de contraseñas). Puedes obtener una clave API en haveibeenpwned.com/API/Key .

La clave API debe proporcionarse como una variable de entorno denominada HIBP_API_KEY en la configuración de MCP.

Licencia

Instituto Tecnológico de Massachusetts (MIT)

Install Server
A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Tools

Un servidor de Protocolo de Contexto de Modelo (MCP) que proporciona integración con la API Have I Been Pwned para verificar si sus cuentas o contraseñas se han visto comprometidas en violaciones de datos.

  1. Características
    1. Instalación
      1. Instalación mediante herrería
      2. Prerrequisitos
      3. Configuración
    2. Ejemplos de uso
      1. Revisar el correo electrónico
      2. Comprobar contraseña
      3. Obtenga detalles de la infracción
      4. Listar todas las infracciones
    3. Notas de seguridad
      1. Configuración de la clave API
        1. Licencia

          Related MCP Servers

          • mcp-hn

            erithwik
            A
            security
            A
            license
            A
            quality
            A Model Context Protocol (MCP) server that provides tools for searching and fetching information from Hacker News.
            Last updated -
            4
            6
            Python
            MIT License
            • Apple

          • mcp-turso-cloud

            spences10
            A
            security
            A
            license
            A
            quality
            🗂️ A Model Context Protocol (MCP) server that provides integration with Turso databases for LLMs. This server implements a two-level authentication system to handle both organization-level and database-level operations, making it easy to manage and query Turso databases directly from LLMs.
            Last updated -
            8
            26
            6
            TypeScript
            MIT License
            • Linux

          • MCP API Service

            nstanw
            A
            security
            F
            license
            A
            quality
            A Model Context Protocol (MCP) server that interacts with system APIs, allowing users to check connections, search employees, register breakfast, and update chemical information by shifts.
            Last updated -
            21
            37
            JavaScript

          • SSH MCP Server

            mfangtao
            -
            security
            F
            license
            -
            quality
            A server that enables remote command execution over SSH through the Model Context Protocol (MCP), supporting both password and private key authentication.
            Last updated -
            JavaScript

          View all related MCP servers

          New MCP Servers

          MCP directory API

          We provide all the information about MCP servers via our MCP API.

          curl -X GET 'https://glama.ai/api/mcp/v1/servers/Cyreslab-AI/hibp-mcp-server'

          If you have feedback or need assistance with the MCP directory API, please join our Discord server