Skip to main content

What is OathNet?

OathNet is an enterprise-grade data intelligence platform that provides programmatic access to one of the world’s largest collections of breach data, stealer logs, and OSINT information. Our API enables security researchers, threat intelligence teams, and enterprises to:
  • Detect compromised credentials before they’re exploited
  • Investigate security incidents with comprehensive data
  • Monitor brand exposure across breach databases
  • Build custom security tools with reliable data feeds

Platform Capabilities

Breach Database

50+ billion records from thousands of breach sources, searchable by email, username, password, IP, or domain. Updated daily with new data.

Stealer Logs (V2)

Access raw stealer log data with victim profiles, file trees, and credential extraction. Search by domain, email, Discord ID, or hardware ID.

OSINT Lookups

Instant lookups for 10+ platforms: Discord, Steam, Xbox, Roblox, Google, and more. Get usernames, avatars, account history, and linked accounts.

API Architecture

OathNet’s API follows REST conventions with predictable resource-oriented URLs: 
https://oathnet.org/api/service/{service-name}

Base URL

All API requests are made to: 
https://oathnet.org/api

Authentication

Every request requires an API key passed in the x-api-key header: 
curl -H "x-api-key: YOUR_API_KEY" https://oathnet.org/api/service/search-breach?q=test

Response Format

All responses follow a consistent envelope: 
{
  "success": true,
  "message": "Human-readable status",
  "data": { ... },
  "lookups_left": 999,
  "search_session": {
    "id": "sess_abc123"
  }
}

Service Categories

CategoryEndpointsDescription
Search Session1Initialize quota-tracked search sessions
Breach Search1Search leaked credentials and data
Stealer (V2)3Enhanced stealer log search with filtering
Victims (V2)4Victim profiles, file trees, and downloads
File Search (V2)2Regex/wildcard search within victim files
Export (V2)3Async export to JSONL or CSV
OSINT12Platform-specific lookups (Discord, Steam, Xbox, Roblox, Minecraft, etc.)
Utility3Database autocomplete, health check, analytics

Interactive Playground

Every endpoint page includes an interactive playground where you can test API requests directly in your browser. Simply enter your API key and parameters, then click Send to see live responses.

Explore API Endpoints

Try the interactive playground on any endpoint

Use Cases

Monitor your organization’s domains for leaked credentials. Get alerts when employee emails appear in new breaches.
# Check if any company emails are in breaches
response = requests.get(
    "https://oathnet.org/api/service/search-breach",
    params={"q": "@company.com"},
    headers={"x-api-key": API_KEY}
)
Investigate compromised accounts by tracing credentials across breaches and stealer logs.
# Get full victim profile and files
response = requests.get(
    f"https://oathnet.org/api/service/v2/victims/{log_id}",
    headers={"x-api-key": API_KEY}
)
Build comprehensive profiles by linking Discord, Steam, Roblox, and other platform accounts.
# Get Discord user info and linked Roblox
discord = requests.get(
    "https://oathnet.org/api/service/discord-userinfo",
    params={"discord_id": "123456789"},
    headers={"x-api-key": API_KEY}
)
Extract IOCs from stealer logs including passwords, cookies, and configuration files.
# Search within victim files
response = requests.post(
    "https://oathnet.org/api/service/v2/file-search",
    json={
        "expression": "api[_-]?key",
        "search_mode": "regex"
    },
    headers={"x-api-key": API_KEY}
)

Next Steps

Get Your API Key

Sign up and generate your API key from the dashboard

Quickstart Guide

Make your first API call in under 5 minutes