Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.oathnet.org/llms.txt

Use this file to discover all available pages before exploring further.

What is OathNet?

OathNet is a data intelligence platform that provides programmatic access to breach data, stealer logs, victim files, and OSINT enrichment. Teams use the API to:
  • detect compromised credentials before they are abused
  • investigate incidents with breach and stealer context
  • monitor new exposure with automated scanners
  • build custom security workflows on top of a single API surface

Platform Capabilities

Breach Database

Search large breach datasets by email, domain, username, password, phone, DB name, and more.

Stealer Logs

Search credential records, pivot into victim manifests, inspect files, and download archives.

Scanners

Monitor newly indexed stealer or breach data and deliver alerts to email, Discord, or custom webhooks.

OSINT Lookups

Run point lookups for Discord, Steam, Xbox, Roblox, Google, Minecraft, email presence, and IP intelligence.

API Architecture

OathNet exposes three customer-facing API families: 
https://oathnet.org/api/service/*
https://oathnet.org/api/service/v2/*
https://oathnet.org/api/scanners/*

Base URL

All API requests are made to: 
https://oathnet.org/api

Authentication

Every request requires an API key passed in the x-api-key header: 
curl -H "x-api-key: YOUR_API_KEY" https://oathnet.org/api/service/v2/breach/search?q=test@example.com

Response Patterns

Successful responses are not all shaped the same way anymore:
  • many search and legacy lookup endpoints return success, message, and data
  • many v2 utility and job endpoints return raw JSON payloads
  • download endpoints return raw text or binary streams
Errors are generally normalized into a standard error envelope.

Service Categories

CategorySurfaceDescription
Legacy Search & OSINT/service/*Search sessions, legacy breach and stealer search, and point lookups
Current Search & Jobs/service/v2/*Breach, stealer, victims, autocomplete, AI filter, file search, exports, bulk search, analytics, and health
Scanners/scanners/*Automated monitoring, delivery tests, webhook security, and run history

Interactive Playground

Every endpoint page includes an interactive playground where you can test requests directly in your browser.

Explore API Endpoints

Browse the API reference and use the playground

Use Cases

Search current breach or stealer data for domains, emails, usernames, or passwords, then move to scanners when you need recurring monitoring.
Pivot from a stealer credential hit into the victim manifest, inspect captured files, and download the archive when deeper review is needed.
Enrich identities and accounts with Discord, Roblox, Steam, Xbox, Google, email, and IP lookups.
Use exports, bulk search, file search, and scanner webhooks to automate enrichment and alerting pipelines.

Next Steps

Get Your API Key

Generate an API key from the dashboard

Quickstart Guide

Make your first API call in under 5 minutes