Coming Soon POST /v1/breach 20 credits per scan

Know When Your Data
Leaks. Before Anyone Else Does.

CrawlHQ monitors paste sites, dark web forums, and data dumps for your domain, employee emails, and API keys. Structured alerts. Source-attributed. Audit-ready.

terminal 
curl -X POST https://api.crawlhq.dev/v1/breach \
  -H "X-API-Key: $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "domain": "yourcompany.com",
    "watch": true,
    "webhook": "https://yourapp.com/alerts"
  }'
response 
{
  "findings": [{
    "type": "credential_leak",
    "source": "pastebin",
    "severity": "high",
    "detected_at": "2026-03-28T..."
  }]
}
200 OK 20 credits per scan

What makes it production-grade

Every module is built for pipelines that run without you watching.

🔍

Paste Site Monitoring

Continuous monitoring of Pastebin, Ghostbin, and 50+ paste sites for your domain, email patterns, and API key prefixes.

📊

Structured Findings

Every finding includes type, source, severity, sample data (redacted), and detection timestamp. Not just an email — a structured alert.

🔔

Real-Time Webhooks

Findings fire to your webhook immediately on detection. Integrate with PagerDuty, Slack, or any incident management system.

🛡️

Severity Classification

Findings are classified as critical, high, medium, or low. Focus your response on what matters — leaked production credentials vs. old test emails.

📝

Audit-Ready Reports

Generate compliance reports showing breach detection history, response times, and remediation actions. Ready for SOC 2 and ISO 27001 audits.

🔑

API Key Monitoring

Monitor for leaked API keys, access tokens, and connection strings. Detect key exposure before they're used maliciously.

Use Cases

What teams build with breach

Security Operations Centre

Add breach monitoring as a continuous signal to your SOC. Detect leaked credentials before they're weaponised.

Employee Credential Monitoring

Monitor employee email patterns. Alert the security team when corporate emails appear in new data dumps.

Customer PII Alerting

Monitor for customer email domains in breach data. Alert affected customers proactively — before they find out themselves.

Compliance Evidence

Demonstrate to auditors that you have continuous breach monitoring in place. Export structured finding reports for SOC 2, ISO 27001, and DPDPA.

Third-Party Risk

Monitor domains of key vendors and partners. Know if a supplier's credentials leaked and assess your exposure before they do.

Red Team Intelligence

Security teams can use breach data to understand what credentials, source code, and internal data is already public before an engagement.

Frequently asked questions

When is breach launching?
Targeting Q3 2026 alongside darkweb. Join the waitlist for early access and free credits.
How is this different from HaveIBeenPwned?
HIBP covers historical, already-catalogued breaches. CrawlHQ breach monitors live sources in near-real-time — paste sites as new content is posted, not after it's been indexed. You also get structured, API-accessible findings rather than a web lookup.
Will you show me the actual leaked data?
Findings include enough context to verify and respond (source, sample pattern, severity) but we redact full credential strings. This prevents the intelligence tool from becoming a credential aggregator.
Does it monitor the dark web too?
Dark web monitoring is a separate module (/v1/darkweb). Breach focuses on the clearnet paste sites and public hacker forums. Together they give you full coverage.

Be first when breach ships

Join the waitlist. We'll give you early access and free credits when it launches.

Join Waitlist →