haveibeenpwned-downloader is a dotnet tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API.
An alternative to running this tool is to use Zsolt Müller's cURL approach in #79 that makes use of a glob pattern and parallelism.
You'll need to install the latest LTS (Long Term Support) or STS (Short Term Support) version of the .NET SDK to be able to install and run the tool.
- Open a command line window
- Run
dotnet tool install --global haveibeenpwned-downloader
- Open a command line window
- Run
dotnet tool update --global haveibeenpwned-downloader
If the installer is unable to resolve the package, then you can run the following and then try again.
dotnet nuget add source https://api.nuget.org/v3/index.json -n nuget.org
haveibeenpwned-downloader.exe pwnedpasswords
haveibeenpwned-downloader.exe pwnedpasswords -s false
haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm
haveibeenpwned-downloader pwnedpasswords
haveibeenpwned-downloader pwnedpasswords -s false
haveibeenpwned-downloader -n pwnedpasswords_ntlm
| Parameter | Default value | Description |
|---|---|---|
| -s/--single | true | Determines whether to download hashes to a single file or as individual .txt files into another directory |
| -p/--parallelism | Same as Environment.ProcessorCount |
Determines how many hashes to download at a time |
| -o/--overwrite | false | Determines if output files should be overwritten or not |
| -n | (none) | When set, the downloader fetches NTLM hashes instead of SHA1 |
Download all hashes to individual txt files into a custom directory called hashes using 64 threads to download the hashes
haveibeenpwned-downloader.exe hashes -s false -p 64
Download all hashes to a single txt file called pwnedpasswords.txt using 64 threads, overwriting the file if it already exists
haveibeenpwned-downloader.exe pwnedpasswords -o -p 64