{"id":18811790,"url":"https://github.com/jetkai/breachcheck-python","last_synced_at":"2026-01-11T15:30:16.756Z","repository":{"id":109393609,"uuid":"363543789","full_name":"jetkai/BreachCheck-python","owner":"jetkai","description":"Simple API to check if you have been breached within an RSPS Database (Python)","archived":false,"fork":false,"pushed_at":"2021-07-30T04:33:53.000Z","size":4148,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-30T00:13:35.471Z","etag":null,"topics":["api","breach","breach-check","checker","database","hash","md5","python","python39","rsps","rsps-database-leaks","sha1","sha256","sha512"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jetkai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-02T01:39:14.000Z","updated_at":"2023-08-08T01:45:22.000Z","dependencies_parsed_at":"2023-04-25T00:33:15.847Z","dependency_job_id":null,"html_url":"https://github.com/jetkai/BreachCheck-python","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jetkai%2FBreachCheck-python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jetkai%2FBreachCheck-python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jetkai%2FBreachCheck-python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jetkai%2FBreachCheck-python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jetkai","download_url":"https://codeload.github.com/jetkai/BreachCheck-python/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239748248,"owners_count":19690232,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","breach","breach-check","checker","database","hash","md5","python","python39","rsps","rsps-database-leaks","sha1","sha256","sha512"],"created_at":"2024-11-07T23:27:42.082Z","updated_at":"2026-01-11T15:30:16.664Z","avatar_url":"https://github.com/jetkai.png","language":"Python","readme":"[up-shield]: https://img.shields.io/uptimerobot/status/m788787797-6044d62f9e978ab17c5fd1b9?style=flat-square\n[up-url]: https://api.rsps.tools\n[uptime-shield]: https://img.shields.io/uptimerobot/ratio/m788787797-6044d62f9e978ab17c5fd1b9?style=flat-square\n[uptime-url]: https://api.rsps.tools\n\n# RSPS/Gaming Database Breach Checker\n[![Status][up-shield]][up-url]\n[![Uptime][uptime-shield]][uptime-url]\n\n`(~Uptime affected by updates)`\n\n## About\n\n**Please do not abuse or misuse this tool as this is a free tool intended for the large amount of RSPS players who have compromised passwords (~60%).**\n\nThis tool will allow you to check if a user's password/hash is compromised from a known-list of leaked RSPS databases.\nThe password will be hashed using SHA-1 by default and sent to an API that will compare the hash. JSON data will be returned, mentioning if the password is in a breach.\n\nAll passwords are hashed on the back-end and include around ~800K unique passwords from various RSPS database leaks (from 2009 - present)\n\nYou can implement this to your LoginDecoder (on account creation) or a ChangePassword command for example. [THROTTLE THESE REQUESTS]\n\nCalls to the API are not logged and I would HIGHLY recommend sending hashed passwords and NOT plain-text.\nAPI is Cloudflare Rate Limited and is set to 1000 requests a minute (PER IP). If you require more requests per minute, message me. If you are receiving error \"429\", please adjust your usage.\n\n## API - api.rsps.tools/jetkai/breachcheck\n\n### Supported algorithms:\n- MD5, SHA-1, SHA-256, SHA-512 \u0026 PLAIN-TEXT\n\n**BCrypt is not available.** Further hashing algorithms added upon request.\n\n— Can use HTTP or HTTPS protocol\n\n— Data is sorted by most commonly used passwords and hashed\n\n— Returns hashPos (this is how common the hash is, such as 123 being 0 - the most common)\n\n— Option to view/download up-to 100,000 of the most common hashes (as json format)\n\nRequest Example 1. Query if Hash/Password is on Breach List:\n---\n### Request Data Example:\n```\n(required) token : \u003cString\u003e\n(optional-default=\"\") hash : \u003cString\u003e [HASHES ONLY]\n(optional-default=\"\") password : \u003cString\u003e [PLAN TEXT PASSWORDS ONLY]\n\n//MD5\nhttps://api.rsps.tools/jetkai/breachcheck?token=39439e74fa27c09a4\u0026hash=25ab1f0f2d6386a2702867cd82573ada\n\n//SHA-1\nhttps://api.rsps.tools/jetkai/breachcheck?token=39439e74fa27c09a4\u0026hash=403926033d001b5279df37cbbe5287b7c7c267fa\n\n//SHA-256\nhttps://api.rsps.tools/jetkai/breachcheck?token=39439e74fa27c09a4\u0026hash=ed8779a2222dc578f2cffbf308411b41381a94ef25801f9dfbe04746ea0944cd\n\n//SHA-512\nhttps://api.rsps.tools/jetkai/breachcheck?token=39439e74fa27c09a4\u0026hash=0e2d148eff53f3b82ee3aa6f62c9ef8e3ceeddff865a733c294db55023b121e81f5ffdde83dc07e274c7389d1e1e430c20d582889a6399c32811fff47f260be6\n\n//PLAIN-TEXT\nhttps://api.rsps.tools/jetkai/breachcheck?token=39439e74fa27c09a4\u0026password=123123\n```\n### Return Data Example:\n```\n{\n\t\"token\": \"39439e74fa27c09a4\",\n\t\"hash\": \"ed8779a2222dc578f2cffbf308411b41381a94ef25801f9dfbe04746ea0944cd\",\n\t\"hashPos\": 2,\n\t\"severity\": \"Top 100 Common Passwords\",\n\t\"databaseBreach\": \"Stoned 2021 ~800K Unique Passwords (15+ RSPS Databases)\",\n\t\"hashType\": \"SHA-256\",\n\t\"breached\": true\n}\n```\n\nRequest Example 2. View/Download X amount of hashes as a JSON, sorted by most commonly used: [New Feature]\n---\n### Request Data Example:\n```\n(required) viewhashes : true, false\n(required) hashtype : md5, sha1, sha256, sha512\n(optional-default=0) amount : 0 -\u003e 100000\n(optional-default=false) download : true, false\n\n//Top 5 most common MD5 Hashes\nhttps://api.rsps.tools/jetkai/breachcheck?viewhashes=true\u0026hashtype=md5\u0026amount=5\n\n//Top 5 most common SHA-1 Hashes\nhttps://api.rsps.tools/jetkai/breachcheck?viewhashes=true\u0026hashtype=sha1\u0026amount=5\n\n//Top 5 most common SHA-256 Hashes\nhttps://api.rsps.tools/jetkai/breachcheck?viewhashes=true\u0026hashtype=sha256\u0026amount=5\n\n//Top 5 most common SHA-512 Hashes\nhttps://api.rsps.tools/jetkai/breachcheck?viewhashes=true\u0026hashtype=sha512\u0026amount=5\n```\n### Return Data Example:\n```\n{\n     \"hashes\": [\n        \"7c4a8d09ca3762af61e59520943dc26494f8941b\",\n        \"40bd001563085fc35165329ea1ff5c5ecbdbbeef\",\n        \"99efc50a9206bde3d7a8e694aad8e138ca7dc3f7\",\n        \"403926033d001b5279df37cbbe5287b7c7c267fa\",\n        \"8cb2237d0679ca88db6464eac60da96345513964\"\n     ]\n}\n```\nImplement this into a Server Source (Example):\n---\nThis is an Example implemententation... I would recommend still giving an option for players to use these passwords, just use this as a message warning. This example shows how to block newly created accounts from using ANY breached password.\n1. Copy the **BreachCheckAPI.java** file over to the utils folder\n2. Copy the **commons-codec-1.15.jar** library file over to your libs filder\n3. Add the **commons-codec-1.15.jar** library to your compiler / IDE\n4. Open the **PlayerLoading.java** file\n5. Find:\n```\n\t\tif (!file.exists()) {\n\t\t\treturn LoginResponses.NEW_ACCOUNT;\n\t\t}\n```\n6. Replace with\n```\n\t\tif (!file.exists()) {\n\t\t\tBreachCheckAPI bca = new BreachCheckAPI();\n\t\t\tbca.setPassword(player.getPassword());\n\t\t\treturn bca.isBreached() ? LoginResponses.LOGIN_COULD_NOT_COMPLETE : LoginResponses.NEW_ACCOUNT;\n\t\t}\n```\n7. Edit response 13 within your Client.java file (on your client) and change the message to resemble \"Your password is too weak, use another password\" or \"This is a commonly used password, please use another\".\n8. Finished product:\n\n![image](https://user-images.githubusercontent.com/26250917/126927573-6b1f3ddc-b232-451e-90fd-acead577463d.png)\n\n9. You can also add this to the ::changepassword command as-well, refusing to allow the password to be changed (or warn)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjetkai%2Fbreachcheck-python","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjetkai%2Fbreachcheck-python","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjetkai%2Fbreachcheck-python/lists"}