After the Dunkin' Donuts credential stuffing breach, I went on the lookout for a tool to search for and find leaked credentials. I came across Cr3dOv3r, a nice little Python script that lets you search for an email address to see which sites leaked it and when. It also lets you search to find out if a plaintext password was leaked. You can then enter the leaked password, or any password of your choosing, across a broad array of sites, and the utility will automatically test to see if it is still valid.
It is a simple tool, and it could also be applied nicely in an enterprise environment to proactively detect email addresses that were leaked.