Domain Exposure Monitor
Air‑gapped ready • VAPT‑native

Find compromised credentials without leaking anything

A private, offline credential‑exposure appliance. Import vetted exposure bundles, query users across email/phone/username with HMAC‑salted lookups, and trigger response flows—fully within your network.

POST /v1/check
{
  "accounts": [
    {"id": "alice@yourco.com", "kind": "email"},
    {"id": "+15551234567", "kind": "phone"},
    {"id": "devops-alice", "kind": "username"}
  ]
}
Response
[
  {"id": "alice@yourco.com", "kind": "email",
   "exposures": [{"breach": "Vendor-X", "first_seen": "2025-05-02", "pw_present": true}]},
  {"id": "+15551234567", "kind": "phone",
   "exposures": [{"breach": "Service-Y", "first_seen": "2025-04-10", "pw_present": false}]},
  {"id": "devops-alice", "kind": "username", "exposures": []}
]
Password‑only signals
curl -s https://appliance.local/v1/password-check \
 -H 'Content-Type: application/json' \
 -d '{"passwords":["Hunter2!2024","S0larWinds!"]}'
This endpoint receives the clear passwords in the request body, so call it only over TLS from inside the network. Where the password must not leave the caller (sign-up and reset flows), use the local range API instead and send only a SHA-1 prefix.

Why teams choose Domain Exposure Monitor

🔒

Air‑gapped by Design

Runs fully offline. Import signed exposure bundles via sneaker‑net. No outbound calls.

🔑

Privacy‑Preserving Lookups

HMAC‑salted identifier keys (email/phone/username), with optional per-breach Bloom filters as a compact first pass. No clear identifiers or passwords at rest. A Bloom filter never misses a listed identifier but can return false positives at a tunable rate, so treat a filter hit as a candidate to confirm against the HMAC rows, not as a confirmed exposure.

⚙️

VAPT‑Native

Ships with REST API + CLI for seamless checks inside your VAPT pipelines and CI/CD.

💾

Lean Footprint

MB‑level filters or low‑GB HMAC rows. 1–5k lookups/sec on modest hardware.

🛡️

RBAC + Audit

Role‑based access, immutable audit trail, and approvals for bulk checks.

🔌

Drop‑in Password Hygiene

Local Pwned Passwords range API for sign‑up/reset checks—fully offline. The caller sends only the first five hex characters of the password's SHA-1 and matches the suffix locally, so the clear password never reaches the appliance.

How it works

⬇️
Import
Load signed exposure bundles generated by your collectors or partners.
🧮
Normalize
Identifiers (email/phone/username) are normalized and HMAC‑salted; optional Bloom filters built per breach.
🔍
Check
SOC/HR or VAPT tools call /v1/check to see if users appear in exposures.
📊
Act
Trigger resets, 2FA reviews, and awareness flows via your SOAR/SIEM.
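The "Act" step above, worked through on the /v1/check response format shown at the top of this page. This is an added example, not code shipped with Domain Exposure Monitor: the remediation rules (reset when a password was present, 2FA review for an exposed phone number, awareness otherwise) and the 365-day staleness cut-off are assumptions chosen for the illustration, and the sample response is a constructed copy of the page's own example.

```python
import json
from datetime import date

# Constructed copy of the /v1/check response shown on this page (ASCII hyphens in the dates).
SAMPLE_RESPONSE = json.loads("""
[
  {"id": "alice@yourco.com", "kind": "email",
   "exposures": [{"breach": "Vendor-X", "first_seen": "2025-05-02", "pw_present": true}]},
  {"id": "+15551234567", "kind": "phone",
   "exposures": [{"breach": "Service-Y", "first_seen": "2025-04-10", "pw_present": false}]},
  {"id": "devops-alice", "kind": "username", "exposures": []}
]
""")

# Assumed remediation policy (the page names the flows, not the rules):
#   password present in the dump -> force a reset, whatever the age
#   phone number exposed         -> review SMS/voice 2FA (SIM-swap exposure)
#   anything else                -> awareness notification only
# Exposures older than STALE_DAYS are still reported but flagged, so a reviewer
# can skip ones already handled in an earlier cycle.
STALE_DAYS = 365


def triage(response, today):
    """Turn a /v1/check response into one SOAR-ready event per exposure."""
    events = []
    for account in response:
        for exposure in account["exposures"]:
            first_seen = date.fromisoformat(exposure["first_seen"])
            if first_seen > today:
                raise ValueError(f"first_seen in the future for {account['id']}")
            age_days = (today - first_seen).days
            if exposure["pw_present"]:
                action, severity = "force_reset", "high"
            elif account["kind"] == "phone":
                action, severity = "review_2fa", "medium"
            else:
                action, severity = "awareness", "low"
            events.append({
                "id": account["id"],
                "kind": account["kind"],
                "breach": exposure["breach"],
                "age_days": age_days,
                "stale": age_days > STALE_DAYS,
                "action": action,
                "severity": severity,
            })
    return events


def summary(events):
    """Counts per action, the figure a remediation report leads with."""
    counts = {}
    for event in events:
        counts[event["action"]] = counts.get(event["action"], 0) + 1
    return counts


def to_siem_lines(events):
    """One JSON object per line, the shape a SIEM/SOAR webhook or file export takes."""
    return [json.dumps(event, sort_keys=True) for event in events]


def triage_sample(today_iso="2025-06-01"):
    """Run the policy over the page's sample response for a given report date."""
    return triage(SAMPLE_RESPONSE, date.fromisoformat(today_iso))


if __name__ == "__main__":
    events = triage_sample()
    print("\n".join(to_siem_lines(events)))
    print(summary(events))
```

The username account with an empty exposures list produces no event at all, which is the right outcome for a clean account; only exposures, not accounts, drive actions.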

Bundle with your VAPT platform

Pipeline Hooks

  • Pre‑engagement: screen client identifiers (email/phone/username) for historical exposure volume.
  • Password policy checks via local Pwned Passwords range API and password‑only alerts.
  • Post‑engagement: export exposure + password‑only summary for remediation reports.
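The range-API check behind the "Drop‑in Password Hygiene" card and the password-policy hook above, as an added example that is not the appliance's own code. It implements both sides of the k-anonymity exchange: an appliance-side function that answers a 5-hex SHA-1 prefix with "SUFFIX:COUNT" lines in the public Pwned Passwords range format, and a caller-side check that sends only that prefix and matches the suffix locally. The corpus is constructed from the two passwords in the page's password-check example plus one obvious weak one, so it runs offline; the https://appliance.local/v1/range URL in the HTTP fetcher is a guess, since the page names the local range API but not its path.

```python
import hashlib
from typing import Callable


def sha1_hex(password: str) -> str:
    """Upper-case SHA-1 hex digest, the form the Pwned Passwords range API uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Constructed stand-in for the appliance's local Pwned Passwords store:
# digest -> number of times seen in exposures.
CORPUS = {
    sha1_hex("Hunter2!2024"): 12,
    sha1_hex("S0larWinds!"): 3,
    sha1_hex("password"): 9_999_999,
}

HEX = set("0123456789ABCDEF")


def range_response(corpus: dict, prefix: str) -> str:
    """Appliance side. For a 5-hex prefix, return every matching digest as
    'SUFFIX:COUNT' (35-char suffix), CRLF-separated, sorted, which is the
    public range API's response format."""
    prefix = prefix.upper()
    if len(prefix) != 5 or not set(prefix) <= HEX:
        raise ValueError("prefix must be exactly 5 hex characters")
    lines = sorted(f"{digest[5:]}:{count}"
                   for digest, count in corpus.items() if digest.startswith(prefix))
    return "\r\n".join(lines)


def pwned_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Caller side. Only the first five hex characters of the SHA-1 are sent;
    the suffix comparison happens here, so neither the clear password nor its
    full hash leaves the calling system. An empty response means no match."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch_range(prefix).splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate.upper() == suffix:
            return int(count)
    return 0


def local_fetch(prefix: str) -> str:
    """Offline fetcher backed by the constructed corpus."""
    return range_response(CORPUS, prefix)


def acceptable(password: str, fetch_range: Callable[[str], str] = local_fetch) -> bool:
    """Sign-up / reset gate: reject any password that appears in an exposure."""
    return pwned_count(password, fetch_range) == 0


def http_fetch(prefix: str, base: str = "https://appliance.local/v1/range") -> str:
    """Transport for a real deployment. The path is an assumption; the page
    names the local range API but does not document its URL."""
    import urllib.request
    with urllib.request.urlopen(f"{base}/{prefix}") as resp:
        return resp.read().decode("utf-8")


if __name__ == "__main__":
    for pw in ("Hunter2!2024", "S0larWinds!", "correct horse battery staple"):
        print(f"{pw!r}: seen {pwned_count(pw, local_fetch)} times, accepted={acceptable(pw)}")
```

Swap local_fetch for http_fetch to point the same check at a deployed appliance; the caller-side logic does not change, which is the point of the range protocol.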

Simple REST

curl -s https://appliance.local/v1/check \
 -H 'Content-Type: application/json' \
 -d '{"accounts":[{"id":"user@client.com","kind":"email"}]}'

What you get

  • Air‑gapped import UI with signed bundle verification
  • RBAC, audit trail, approval workflows
  • SIEM/SOAR webhooks and JSON exports

FAQ

Do you store clear identifiers or passwords?
No. Emails/phones/usernames are normalized and then replaced by an HMAC digest computed under a rotating secret key; the digest is the only identifier kept. Note that a digest under the old key cannot be recomputed under a new key without the clear identifier, so rotating the secret means re-importing the source bundles. Clear passwords are never stored: exposure rows keep only a boolean pw_present flag, and the local range API serves SHA-1 prefixes and suffixes, never plaintext.
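The "Normalize" and "Check" steps from How it works and the answer above, as an added example rather than the appliance's implementation. It keys each normalized identifier with HMAC-SHA256 under a secret, builds an index that holds only the digests, answers lookups in the shape of the page's /v1/check response, and shows why a key rotation has to rebuild the index from the bundle. The normalization rules (lower-cased email, E.164-style phone digits, lower-cased username), the "kind:" domain-separation prefix, the demo secret and the two-row bundle are all assumptions made for the example; the page says only that identifiers are normalized and HMAC-salted.

```python
import hashlib
import hmac
import re

# Demo key only. In a deployment the key lives in the appliance's secret store
# and rotates; never commit a real one.
SECRET = b"demo-rotating-secret-v1"

# Constructed exposure bundle, as it would look after signature verification
# and unpacking; fields mirror the /v1/check response on the page.
BUNDLE = [
    {"id": "Alice@YourCo.com", "kind": "email",
     "breach": "Vendor-X", "first_seen": "2025-05-02", "pw_present": True},
    {"id": "+1 (555) 123-4567", "kind": "phone",
     "breach": "Service-Y", "first_seen": "2025-04-10", "pw_present": False},
]


def normalize(identifier: str, kind: str) -> str:
    """Canonical form before keying (rules assumed): emails lower-cased,
    phones reduced to '+digits', usernames trimmed and lower-cased. Two
    spellings of one identifier must key to the same digest."""
    value = identifier.strip()
    if kind == "email":
        local, sep, domain = value.rpartition("@")
        if not sep or not local or not domain:
            raise ValueError(f"malformed email: {identifier!r}")
        return f"{local.lower()}@{domain.lower()}"
    if kind == "phone":
        digits = re.sub(r"\D", "", value)
        if len(digits) < 7:
            raise ValueError(f"malformed phone: {identifier!r}")
        return "+" + digits
    if kind == "username":
        return value.lower()
    raise ValueError(f"unknown kind: {kind}")


def keyed_id(secret: bytes, identifier: str, kind: str) -> str:
    """HMAC-SHA256 over 'kind:normalized'. The kind prefix keeps the three
    namespaces apart; the secret makes the digest useless to anyone who
    copies the index without the key."""
    msg = f"{kind}:{normalize(identifier, kind)}".encode("utf-8")
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def build_index(secret: bytes, bundle) -> dict:
    """Digest -> exposures. The clear identifier is dropped at this point."""
    index = {}
    for row in bundle:
        exposures = index.setdefault(keyed_id(secret, row["id"], row["kind"]), [])
        exposures.append({k: row[k] for k in ("breach", "first_seen", "pw_present")})
    return index


INDEX = build_index(SECRET, BUNDLE)


def check(secret: bytes, index: dict, accounts) -> list:
    """Lookup in the shape of the page's /v1/check response."""
    return [
        {"id": a["id"], "kind": a["kind"],
         "exposures": index.get(keyed_id(secret, a["id"], a["kind"]), [])}
        for a in accounts
    ]


def rotate(new_secret: bytes, bundle) -> dict:
    """Rotation goes back to the bundle: HMAC(old, x) cannot be turned into
    HMAC(new, x) without x, so the old index is rebuilt, never converted."""
    return build_index(new_secret, bundle)


if __name__ == "__main__":
    print(check(SECRET, INDEX, [
        {"id": "alice@yourco.com", "kind": "email"},
        {"id": "+15551234567", "kind": "phone"},
        {"id": "devops-alice", "kind": "username"},
    ]))
```

A lookup under the wrong key returns no exposures rather than an error, so a client that quietly used a stale key would see every account as clean; tie key identifiers to bundle imports and alert on a rotation that leaves the index empty.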
Can it run fully offline?
Yes. All updates are delivered as signed bundles, imported through the admin UI. No outbound connectivity is required.
How does it integrate with VAPT?
The REST API and CLI make it easy to add pre‑check and reporting steps in your pipelines. JSON exports plug into your reporting templates.
Are rainbow tables still relevant?
For legacy, unsalted fast hashes (e.g., NTLM, MD5) they can drastically speed recovery. A per-password salt defeats the precomputation regardless of hash speed, and a slow KDF (bcrypt/argon2id/PBKDF2) raises the cost of every guess on top of that, so against modern hashes they are ineffective. The appliance does not crack hashes at all; it checks identifiers and passwords against known exposures through the HMAC lookups, the range API and the password‑only checks described above.

Ready to keep exposures private?

Book a walkthrough or request a trial build for your lab. Email sales@yourco.com.