Documentation Index Fetch the complete documentation index at: https://docs.oathnet.org/llms.txt
Use this file to discover all available pages before exploring further.
Installation npm (Global)
npx (No Install)
Go
Authentication Set your API key using environment variable (recommended):
export OATHNET_API_KEY = "your-api-key"
Or pass it with each command:
oathnet -k "your-api-key" search breach -q "user@example.com"
Global Options Option Description -k, --api-key <key>OathNet API key -f, --format <format>Output format: table (default) or json -h, --helpDisplay help -V, --versionDisplay version
Commands Overview Command Description searchSearch breach and stealer databases stealerV2 Stealer search commands victimsV2 Victims commands file-searchV2 File search commands exportV2 Export commands osintOSINT lookups utilUtility commands
Search Commands Breach Search oathnet search breach -q "user@example.com" # With database filter oathnet search breach -q "user@example.com" --dbnames "linkedin_2012" # Save to file oathnet search breach -q "user@example.com" -o results.json # JSON output oathnet search breach -q "user@example.com" -f json
Stealer Search (Legacy) oathnet search stealer -q "user@example.com"
Initialize Session oathnet search init -q "user@example.com"
V2 Stealer Commands Search # Basic search oathnet stealer search -q "user@example.com" # With domain filter oathnet stealer search -q "user@example.com" --domain "google.com" # Only results with log IDs oathnet stealer search -q "user@example.com" --has-log-id # Wildcard search oathnet stealer search -q "user@example.com" --wildcard # Custom page size oathnet stealer search -q "user@example.com" --page-size 50 # Auto file-search on results oathnet stealer search -q "user@example.com" --file-search "password" --file-search-mode literal
Subdomain Extraction oathnet stealer subdomain -d "example.com"
V2 Victims Commands Search Victims # Basic search oathnet victims search -q "user@example.com" # With email filter oathnet victims search --email "user@example.com" # With IP filter oathnet victims search --ip "192.168.1.1" # With Discord ID oathnet victims search --discord-id "123456789012345678" # Wildcard mode oathnet victims search -q "user@example" --wildcard # Auto file-search on results oathnet victims search -q "user@example.com" --file-search "password"
Get Manifest oathnet victims manifest < log_i d >
Download Archive oathnet victims archive < log_i d > -o ./victim_archive.zip
V2 File Search Commands Create Job # Literal search oathnet file-search create -e "password" # Regex search oathnet file-search create -e "pass.*word" --mode regex # Wildcard search oathnet file-search create -e "pass*" --mode wildcard
Check Status oathnet file-search status < job_i d >
Search and Wait # Create job and wait for results oathnet file-search search -e "password" --mode literal # With timeout oathnet file-search search -e "password" --timeout 300000
V2 Export Commands Create Export # Export stealer data oathnet export create --type stealer --format jsonl --limit 1000 # Export victims data oathnet export create --type victims --format csv # With search query oathnet export create --type stealer -q "example.com"
Check Status oathnet export status < job_i d >
Download Export oathnet export download < job_i d > -o ./export.jsonl
Create, Wait, and Download oathnet export run --type stealer -o ./export.jsonl --limit 1000
OSINT Commands IP Info Steam Profile oathnet osint steam 76561198012345678
Xbox Profile oathnet osint xbox "GamerTag123"
Discord Lookups # User info oathnet osint discord user 123456789012345678 # Username history oathnet osint discord history 123456789012345678 # Discord to Roblox link oathnet osint discord roblox 123456789012345678
Roblox User Info # By user ID oathnet osint roblox --user-id 123456789 # By username oathnet osint roblox --username "PlayerName"
Holehe (Email Account Detection) oathnet osint holehe user@example.com
GHunt (Google Account) oathnet osint ghunt user@gmail.com
Subdomain Extraction # All subdomains oathnet osint subdomain example.com # Only alive subdomains oathnet osint subdomain example.com --alive
Minecraft History oathnet osint minecraft PlayerName
Utility Commands Database Name Autocomplete oathnet util dbnames -q "link"
oathnet search breach -q "user@example.com"
Found 15 results (showing 15) ━━━ Result 1 ━━━ email: user@example.com password: mypassword123 dbname: linkedin_2012 ... ━━━ Result 2 ━━━ ...
oathnet search breach -q "user@example.com" -f json
This is CLI output shape, not the raw HTTP response body.
{ "success" : true , "data" : { "results_found" : 15 , "results_shown" : 15 , "results" : [ ... ] } }
Examples Complete Workflow: Find Credentials and Search Files # 1. Search for stealer data with log IDs oathnet stealer search -q "user@example.com" --has-log-id # Output shows: # ═══ LOG IDs (use with file-search/victims) ═══ # abc123def456 # xyz789ghi012 # 2. Search within those logs for passwords oathnet file-search search -e "password" --mode literal # 3. Get the victim manifest oathnet victims manifest abc123def456 # 4. Download the full archive oathnet victims archive abc123def456 -o ./victim.zip
Export Large Dataset # Create and download export in one command oathnet export run --type stealer -q "@company.com" --limit 10000 -o ./company_export.jsonl
OSINT Investigation # Check IP reputation oathnet osint ip 185.220.101.1 # Look up Discord user oathnet osint discord user 123456789012345678 # Check if Discord links to Roblox oathnet osint discord roblox 123456789012345678 # Check email on various services oathnet osint holehe target@email.com
Bulk Processing # Create a file with emails (one per line) cat > emails.txt << EOF user1@example.com user2@example.com user3@example.com EOF # Process with xargs cat emails.txt | xargs -I {} oathnet search breach -q "{}" -f json >> all_results.json
Tips Pretty Print JSON oathnet search breach -q "user@example.com" -f json | jq .
Save Results with Timestamp oathnet stealer search -q "user@example.com" -o "results_$( date +%Y%m%d_%H%M%S).json"
Use in Scripts #!/bin/bash export OATHNET_API_KEY = "your-api-key" result = $( oathnet search breach -q " $1 " -f json ) count = $( echo " $result " | jq '.data.results_found' ) echo "Found $count results for $1 "
Environment Variables # Set API key export OATHNET_API_KEY = "your-api-key"
cURL Examples Next: cURL examples
