Best Have I Been Pwned MCP Servers

Have I Been Pwned is a free online service that allows users to check if their personal data has been compromised in data breaches. It was created by Troy Hunt, a security researcher, to help people discover if their email addresses or passwords have been exposed in known data breaches.

View all Have I Been Pwned MCP Servers

Why this server?
Allows AI agents to search for breached accounts, credentials, and pastes using the Have I Been Pwned API.
darknet-mcp-server
Security Blockchain
badchars
A
license
A
quality
A
maintenance
Dark web & threat intelligence for AI agents. HIBP, ThreatFox, ransomware tracking, Tor .onion access, blockchain intel, exploit search, stealer logs, malware analysis — unified into a single MCP server.
Last updated 2026-06-24
66
4
MIT
Why this server?
Provides tools to check if email addresses have been found in data breaches, verify if passwords have been exposed, get detailed information about specific data breaches, and list all breaches in the system with optional domain filtering.
Have I Been Pwned MCP Server
Security Databases
Cyreslab-AI
A
license
A
quality
D
maintenance
A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.
Last updated 2025-04-25
4
2
MIT
Why this server?
Provides tools for accessing Have I Been Pwned breach data classes, enabling agents to list canonical data class tags for filtering breaches.
mcp-hibp
Security Search Open Data
pipeworx-io
A
license
-
quality
C
maintenance
Enables users to query Have I Been Pwned data classes and check breaches via Pipeworx MCP gateway, allowing natural language interaction.
Last updated 2026-06-02
5
MIT
Why this server?
Functions as a security scanner for MCP servers, auditing them against the OWASP MCP Top 10 and producing letter grades similar to Have I Been Pwned's breach notification service.
mcpwatch
Security Testing & QA Tools Developer Tools
lazymac2x
A
license
-
quality
B
maintenance
MCP server that audits other MCP servers. Run MCPWatch security scans from inside Claude Code or any MCP-compatible agent with 10 OWASP MCP Top 10 aligned checks and A-F letter grades.
Last updated 2026-05-28
MIT
Why this server?
Enables checking email addresses for known data breaches as part of Maltego investigations.
maltego-mcp
Open Data Data Visualization Search
SulimanAbdulrazzaq
A
license
-
quality
B
maintenance
Turns an LLM into a Maltego CE investigation copilot, enabling AI-assisted OSINT investigations by building, analyzing, and exporting Maltego graph files.
Last updated 2026-06-15
MIT
Why this server?
Checks if a password has been breached using the Have I Been Pwned API with k-anonymity; the password never leaves the local machine.
GuardX
Security Code Analysis
harshzagade
A
license
-
quality
B
maintenance
A keyless, defensive code-security auditor that scans codebases for hardcoded secrets, audits dependencies for known CVEs, and checks passwords against breach data using k-anonymity.
Last updated 2026-06-22
1
MIT
Why this server?
Provides integration with Have I Been Pwned API to check for known data breaches associated with email addresses.
MCP OSINT Server
Security Command Line Search
lliwi
F
license
-
quality
B
maintenance
Enables AI agents to perform controlled OSINT tasks (domain, IP, email, phone, username recon; metadata analysis; breach checks) in a Docker sandboxed Kali Linux environment.
Last updated 2026-06-13

darknet-mcp-server

Have I Been Pwned MCP Server

mcp-hibp

mcpwatch

maltego-mcp

GuardX

MCP OSINT Server