-
-
Notifications
You must be signed in to change notification settings - Fork 37
Usage
Maksim Radaev edited this page Mar 8, 2026
·
1 revision
Learn leaker usage including commands, flags, and options
leaker -hLeaker uses subcommands to specify the search type:
| Command | Description | Example |
|---|---|---|
email |
Search by email address | leaker email user@example.com |
username |
Search by username | leaker username johndoe |
domain |
Search by domain name | leaker domain example.com |
keyword |
Search by keyword | leaker keyword "company name" |
phone |
Search by phone number | leaker phone 1234567890 |
Each command accepts the target as a positional argument or via STDIN.
Usage: leaker <command> [flags]
leaker is a leak discovery tool that returns valid credential leaks
for emails, using passive online sources.
Flags:
-h, --help Show context-sensitive help.
-s, --sources=all,... Specific sources to use for enumeration (default all).
Use --list-sources to display all available sources.
--timeout=30s Seconds to wait before timing out (default 30s)
-N, --no-rate-limit Disable rate limiting (DANGER)
-j, --json Output results as JSONL (one JSON object per line)
--no-deduplication Disable deduplication of results across sources
--no-filter Disable results filtering, include every result
-o, --output=STRING File to write output to
--overwrite Force overwrite of existing output file
-V, --verify Verify credentials using HIBP password check
and hash identification
-p, --provider-config="provider-config.yml" Provider config file
--proxy=STRING HTTP proxy to use with leaker
-A, --user-agent=STRING Custom user agent
--insecure Disable TLS certificate verification
--version Print version of leaker
-q, --quiet Suppress output, print results only
-v, --verbose Show sources in results output
-D, --debug Enable debug mode
-L, --list-sources List all available sources
Commands:
domain Search by domain name.
email Search by email address.
keyword Search by keyword.
phone Search by phone number.
username Search by username.
Run "leaker <command> --help" for more information on a command.
| Flag | Description |
|---|---|
<command> <target> |
Specify the search type and target as positional arguments |
| STDIN | Pipe a target via STDIN (e.g., echo "user@example.com" | leaker email) |
| Flag | Short | Description |
|---|---|---|
--sources |
-s |
Comma-separated list of sources to use (default: all) |
--list-sources |
-L |
Display all available sources with key requirements |
| Flag | Short | Description |
|---|---|---|
--output |
-o |
Write results to a file |
--overwrite |
Force overwrite if output file exists | |
--json |
-j |
Output in JSONL format (one JSON object per line) |
--verbose |
-v |
Include source name in each result line |
--quiet |
-q |
Suppress banner and info messages, print results only |
| Flag | Description |
|---|---|
--no-filter |
Disable result filtering (include results that don't contain the target) |
--no-deduplication |
Disable cross-source deduplication |
| Flag | Short | Description |
|---|---|---|
--verify |
-V |
Enable HIBP password breach check and hash type identification |
When enabled, plaintext passwords are checked against the HIBP Pwned Passwords API using k-anonymity (only the first 5 characters of the SHA-1 hash are sent). Hash fields are identified by format (md5, sha1, sha256, sha512, bcrypt, argon2, etc.).
| Flag | Description |
|---|---|
--proxy |
HTTP proxy URL (e.g., http://127.0.0.1:8080) |
--user-agent |
Custom User-Agent header for all requests |
--insecure |
Skip TLS certificate verification |
--timeout |
Per-source timeout (default: 30s) |
--no-rate-limit |
Disable built-in rate limiting (use with caution) |
| Flag | Short | Description |
|---|---|---|
--provider-config |
-p |
Path to provider config file |
| Flag | Short | Description |
|---|---|---|
--debug |
-D |
Enable debug-level logging |
--version |
Print version and exit |