-
-
Notifications
You must be signed in to change notification settings - Fork 39
Configuration
Set up API keys and configure leaker for maximum coverage
Leaker reads API keys from a YAML configuration file. The default location is:
-
Linux/macOS:
$HOME/.config/leaker/provider-config.yaml -
Custom path: Use the
-pflag or set theLEAKER_PROVIDER_CONFIGenvironment variable
The file is generated automatically on first run. Add your API keys to enable paid sources.
breachdirectory: [YOUR_RAPIDAPI_KEY]
dehashed: [YOUR_DEHASHED_API_KEY]
hudsonrock: [YOUR_CAVALIER_API_KEY]
intelx: [free.intelx.io:YOUR_INTELX_UUID]
leakcheck: [YOUR_LEAKCHECK_API_KEY]
leaklookup: [YOUR_LEAKLOOKUP_API_KEY]
leaksight: [YOUR_LEAKSIGHT_TOKEN]
osintleak: [YOUR_OSINTLEAK_API_KEY]
snusbase: [YOUR_SNUSBASE_ACTIVATION_CODE]
weleakinfo: [YOUR_PUBLIC_KEY:YOUR_PRIVATE_KEY]
whiteintel: [YOUR_WHITEINTEL_API_KEY]Each source accepts a list of API keys. Leaker will distribute requests across them:
leakcheck: [key1, key2, key3]
dehashed: [key_a, key_b]This is useful for:
- Spreading API quota across multiple accounts
- Avoiding rate limits on high-volume scans
- Redundancy if one key expires
These sources work without any configuration:
| Source | Notes |
|---|---|
| ProxyNova | Free, no key required |
| Hudson Rock | Free tier available without key, paid Cavalier API with key |
| Source | Key Format | How to Get |
|---|---|---|
| BreachDirectory | RapidAPI key | Sign up on RapidAPI and subscribe to BreachDirectory API |
| DeHashed | API key | Paid subscription at dehashed.com |
| Hudson Rock | Cavalier API key | Paid Cavalier API subscription |
| Intelligence X | HOST:API_KEY |
Free tier available at intelx.io |
| LeakCheck | API key | Paid subscription at leakcheck.io |
| Leak-Lookup | API key | Paid subscription at leak-lookup.com |
| LeakSight | Token | Paid subscription at leaksight.com |
| OSINTLeak | API key | Paid subscription at osintleak.com |
| Snusbase | Activation code | Paid subscription at snusbase.com |
| WeLeakInfo | PUBLIC_KEY:PRIVATE_KEY |
Paid subscription at weleakinfo.io |
| WhiteIntel | API key | Paid subscription at whiteintel.io |
Intelligence X uses a HOST:API_KEY format. The host depends on your subscription tier:
# Free tier
intelx: [free.intelx.io:your-uuid-here]
# Paid tier
intelx: [2.intelx.io:your-uuid-here]WeLeakInfo requires both a public and private key separated by a colon:
weleakinfo: [your_public_key:your_private_key]Not all sources support all search types. The table below shows which search types each source handles:
| Source | Username | Domain | Keyword | Phone | |
|---|---|---|---|---|---|
| BreachDirectory | ✅ | ✅ | ✅ | ✅ | ✅ |
| DeHashed | ✅ | ✅ | ✅ | ✅ | ✅ |
| Hudson Rock | ✅ | ✅ | ✅ | - | - |
| Intelligence X | ✅ | ✅ | ✅ | ✅ | ✅ |
| LeakCheck | ✅ | ✅ | ✅ | ✅ | ✅ |
| Leak-Lookup | ✅ | ✅ | ✅ | ✅ | ✅ |
| LeakSight | ✅ | ✅ | ✅ | ✅ | ✅ |
| OSINTLeak | ✅ | ✅ | ✅ | ✅ | ✅ |
| ProxyNova | ✅ | ✅ | ✅ | ✅ | ✅ |
| Snusbase | ✅ | ✅ | ✅ | ✅ | ✅ |
| WeLeakInfo | ✅ | ✅ | ✅ | ✅ | ✅ |
| WhiteIntel | ✅ | ✅ | ✅ | - | - |
Sources that don't support a given search type will fall back to the closest available type (usually username) to maximize coverage.
| Variable | Description |
|---|---|
LEAKER_PROVIDER_CONFIG |
Override the default provider config file path |
After adding your keys, verify which sources are active:
leaker -LSources with configured keys will appear without the * marker. You can also run a test search to confirm everything works:
leaker email test@example.com -vThe -v flag shows which source each result came from, confirming active sources.
Leaker has a modular source architecture. Each source implements the Source interface:
type Source interface {
Run(context.Context, string, ScanType, *Session) <-chan Result
Name() string
UsesKey() bool
NeedsKey() bool
AddApiKeys([]string)
RateLimit() int
}To add a new source, create a new file in runner/sources/ implementing this interface and register it in the AllSources slice in runner/sources.go.
Contributions are welcome - open a PR on GitHub.