README
¶
Enzoic Go Client Library
TOC
This README covers the following topics:
- Installation
- Create Enzoic Client
- Passwords API Examples
- Credentials API Examples
- Exposures API Examples
- Breach Monitoring by User API Examples
- Breach Monitoring by Domain API Examples
Installation
$ go get github.com/enzoic/enzoic-go-client
Create Enzoic Client
The first step to use the API is to instantiate the Enzoic Client with your API key and secret.
enzoicClient, err := enzoic.NewClient("API_KEY", "API_SECRET")
if err != nil {panic(err)}
Passwords API Examples
See https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
// Check whether a password has been compromised
passwordCompromised, err := enzoicClient.CheckPassword("password-to-test")
if err != nil {panic(err)}
if passwordCompromised {
fmt.Println("Password is compromised")
} else {
fmt.Println("Password is not compromised")
}
Credentials API Examples
See https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api
// Check whether a specific set of credentials are compromised
credsCompromised, err := enzoicClient.CheckCredentials("test@enzoic.com", "password-to-test")
if err != nil {panic(err)}
if credsCompromised {
fmt.Println("Credentials are compromised")
} else {
fmt.Println("Credentials are not compromised")
}
// Enhanced version of checkCredentials offering more control over performance.
// The call introduces 3 additional parameters:
//
// lastCheckDate:
// The timestamp for the last check you performed for this user.
// If the date/time you provide for the last check is greater than the timestamp Enzoic has for the last
// breach affecting this user, the check will not be performed. This can be used to substantially increase performance.
//
// excludeHashAlgorithms:
// An array of PasswordTypes to ignore when calculating hashes for the credentials check.
// By excluding computationally expensive PasswordTypes, such as BCrypt, it is possible to balance the performance of this
// call against security.
//
// useRawCredentials:
// For accounts that have been approved for raw credentials access, this changes the way Enzoic identifies compromised
// credentials. Rather than passing partial hashes of the calculated credentials up to the Enzoic API, it will instead
// pull all credentials that Enzoic has for that user and compares them locally. This can be important for customers
// who have some sensitivity or compliance issues with passing even partial credential hashes to a third party.
//
// this would be a stored value for last time we checked these credentials
lastCheckDate := time.Date(2018, 3, 1, 0, 0, 0, 0, time.UTC)
credsCompromised, err = enzoicClient.CheckCredentialsEx("test@enzoic.com", "password-to-test", &lastCheckDate,
[]enzoic.PasswordType {BCrypt, SCrypt}, false)
if err != nil {panic(err)}
if credsCompromised {
fmt.Println("Credentials are compromised")
} else {
fmt.Println("Credentials are not compromised")
}
// get all passwords Enzoic has for the specified user. Your account must have approval to call this API.
// returns results per
//https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api
userPasswords, err := enzoicClient.GetUserPasswordsWithExposureDetails("eicar_0@enzoic.com")
if err != nil {panic(err)}
// print user passwords
for i := 0; i < len(userPasswords.Passwords); i+= 1 {
fmt.Println("Password: " + userPasswords.Passwords[i].Password)
}
Exposures API Examples
See https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api
// get all exposures for the given user
exposuresForUser, err := enzoicClient.GetExposuresForUser("test@enzoic.com")
if err != nil {panic(err)}
fmt.Println(exposuresForUser.Count, "exposures found for test@enzoic.com")
// now get the full details for the first exposure returned in the list
exposureDetails, err := enzoicClient.GetExposureDetails(exposuresForUser.Exposures[0])
if err != nil {panic(err)}
fmt.Println("First exposure for test@enzoic.com was", exposureDetails.Title)
// get all exposures for a given domain
// returns paged results per
//https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-a-domain
exposuresForDomain, err := enzoicClient.GetExposuresForDomainIncludeDetails("enzoic.com", 20, "")
if err != nil {panic(err)}
// print first page of results
for i := 0; i < len(exposuresForDomain.Exposures); i+= 1 {
fmt.Println("Domain Exposure: " + exposuresForDomain.Exposures[i].Title)
}
// get second page of results
if (exposuresForDomain.PagingToken != "") {
exposuresForDomain, err = enzoicClient.GetExposuresForDomainIncludeDetails("enzoic.com", 20, exposuresForDomain.PagingToken)
if err != nil {panic(err)}
// process second page of results, etc.
}
// get all users exposed for a given domain
// returns paged results per
//https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-all-email-addresses-in-a-domain
exposedUsersForDomain, err := enzoicClient.GetExposedUsersForDomain("enzoic.com", 20, "")
if err != nil {panic(err)}
// print first page of results
for i := 0; i < len(exposedUsersForDomain.Users); i+= 1 {
fmt.Println("Exposed User: " + exposedUsersForDomain.Users[i].Username)
}
// if pagingToken present, get next page of results
if (exposedUsersForDomain.PagingToken != "") {
exposedUsersForDomain, err = enzoicClient.GetExposedUsersForDomain("enzoic.com", 20, exposedUsersForDomain.PagingToken)
if err != nil {panic(err)}
// process second page of results, etc.
}
Breach Monitoring by User API Examples
// couple of email addresses you wish to monitor
usernames := []string{"eicar_0@enzoic.com", "eicar_1@enzoic.com"}
// subscribe for alerts for these users
addResponse, err := enzoicClient.AddUserAlertSubscriptions(usernames, "exampleCustomData")
if err != nil {panic(err)}
fmt.Println("New subscriptions added: " + strconv.Itoa(addResponse.Added))
fmt.Println("Subscriptions already existing: " + strconv.Itoa(addResponse.AlreadyExisted))
// delete subscriptions for these users
deleteResponse, err := enzoicClient.DeleteUserAlertSubscriptions(usernames)
if err != nil {panic(err)}
fmt.Println("Subscriptions deleted: " + strconv.Itoa(deleteResponse.Deleted))
fmt.Println("Subscriptions not found: " + strconv.Itoa(deleteResponse.NotFound))
// check whether a user is already subscribed
subscribed, err := enzoicClient.IsUserSubscribedForAlerts(usernames[0])
if err != nil {panic(err)}
if (subscribed) {
fmt.Println("User already subscribed")
} else {
fmt.Println("User not already subscribed")
}
// get all users subscribed for alerts on this account
// returns paged results per https://www.enzoic.com/docs-exposure-alerts-service-api/#get-exposure-subscriptions
subscriptionsResponse, err := enzoicClient.GetUserAlertSubscriptions(4 /* page size */, "" /* paging token - empty on first call */)
if err != nil {panic(err)}
// print first page of results
for i := 0; i < len(subscriptionsResponse.UsernameHashes); i += 1 {
fmt.Println("Username Hash: " + subscriptionsResponse.UsernameHashes[i])
}
// if PagingToken present, get next page of results
if subscriptionsResponse.PagingToken != "" {
subscriptionsResponse, err = enzoicClient.GetUserAlertSubscriptions(4, subscriptionsResponse.PagingToken)
// process second page of results, etc.
}
Breach Monitoring by Domain API Examples
// test domains for alert subscriptions
domains := []string{"testdomain1.com", "testdomain2.com"}
// subscribe for alerts for these domains
addResponse, err = enzoicClient.AddDomainAlertSubscriptions(domains)
if err != nil {panic(err)}
fmt.Println("New subscriptions added: " + strconv.Itoa(addResponse.Added))
fmt.Println("Subscriptions already existing: " + strconv.Itoa(addResponse.AlreadyExisted))
// delete subscriptions for these domains
deleteResponse, err = enzoicClient.DeleteDomainAlertSubscriptions(domains)
if err != nil {panic(err)}
fmt.Println("Subscriptions deleted: " + strconv.Itoa(deleteResponse.Deleted))
fmt.Println("Subscriptions not found: " + strconv.Itoa(deleteResponse.NotFound))
// check whether a domain is already subscribed
subscribed, err = enzoicClient.IsDomainSubscribedForAlerts(domains[0])
if err != nil {panic(err)}
if subscribed {
fmt.Println("Domain already subscribed")
} else {
fmt.Println("Domain not already subscribed")
}
// get all domains subscribed for alerts on this account
// returns pages results per https://www.enzoic.com/docs-exposure-alerts-service-api/#get-exposure-subscriptions-domains
domainSubsResponse, err = enzoicClient.GetDomainAlertSubscriptions(4 /* page size */, "" /* paging token - empty on first call */)
if err != nil {panic(err)}
// print first page of results
for i := 0; i < len(domainSubsResponse.Domains); i += 1 {
fmt.Println("Domain: " + domainSubsResponse.Domains[i])
}
// if pagingToken present, get next page of results
if domainSubsResponse.PagingToken != "" {
domainSubsResponse, err = enzoicClient.GetDomainAlertSubscriptions(4, domainSubsResponse.PagingToken)
// process second page of results, etc.
}
Documentation
¶
Overview ¶
Copyright 2017 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.
Adapted from Go bcrypt implementation - https://github.com/golang/crypto/blob/23b1b90df264a1df9c6403fa1ad13fda18fdb152/bcrypt/base64.go
Copyright 2017 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.
Index ¶
- Constants
- func CalcPasswordHash(passwordType PasswordType, password string, salt string) (string, error)
- type AccountsResponse
- type AddSubscriptionsResponse
- type Client
- func (e *Client) AddDomainAlertSubscriptions(domains []string) (*AddSubscriptionsResponse, error)
- func (e *Client) AddUserAlertSubscriptions(usernames []string, customData string) (*AddSubscriptionsResponse, error)
- func (e *Client) CheckCredentials(username, password string) (bool, error)
- func (e *Client) CheckCredentialsEx(username, password string, lastCheckDate *time.Time, ...) (bool, error)
- func (e *Client) CheckPassword(password string) (bool, error)
- func (e *Client) CheckPasswordHash(passwordHash string, hashType PasswordType) (bool, error)
- func (e *Client) CheckPasswordWithExposure(password string, revealedInExposure *bool, exposureCount *int) (bool, error)
- func (e *Client) DeleteDomainAlertSubscriptions(domains []string) (*DeleteSubscriptionsResponse, error)
- func (e *Client) DeleteUserAlertSubscriptions(usernames []string) (*DeleteSubscriptionsResponse, error)
- func (e *Client) DeleteUserAlertSubscriptionsByCustomData(customData string) (*DeleteSubscriptionsResponse, error)
- func (e *Client) GetDomainAlertSubscriptions(pageSize int, pagingToken string) (*GetDomainSubscriptionsResponse, error)
- func (e *Client) GetExposedUsersForDomain(domain string, pageSize int, pagingToken string) (*ExposedUsersForDomain, error)
- func (e *Client) GetExposureDetails(exposureID string) (*ExposureDetails, error)
- func (e *Client) GetExposuresForDomain(domain string, pageSize int, pagingToken string) (*ExposuresForDomain, error)
- func (e *Client) GetExposuresForDomainIncludeDetails(domain string, pageSize int, pagingToken string) (*ExposuresForDomainIncludeDetails, error)
- func (e *Client) GetExposuresForUser(username string) ([]string, error)
- func (e *Client) GetUserAlertSubscriptions(pageSize int, pagingToken string) (*GetSubscriptionsResponse, error)
- func (e *Client) GetUserAlertSubscriptionsByCustomData(customData string, pageSize int, pagingToken string) (*GetSubscriptionsResponse, error)
- func (e *Client) GetUserPasswords(username string) (*UserPasswords, error)
- func (e *Client) GetUserPasswordsByDomain(domain string, pageSize int, pagingToken string) (*UserPasswordsByDomainResponse, error)
- func (e *Client) GetUserPasswordsUsingPartialHash(username string) (*UserPasswords, error)
- func (e *Client) GetUserPasswordsWithExposureDetails(username string) (*UserPasswordsWithExposureDetails, error)deprecated
- func (e *Client) IsDomainSubscribedForAlerts(domain string) (bool, error)
- func (e *Client) IsUserSubscribedForAlerts(username string) (bool, error)
- func (e *Client) RetrieveCandidatesForPartialPasswordHash(partialPasswordHash string, hashType PasswordType) ([]string, error)
- type CredentialsHashSpecification
- type DeleteSubscriptionsResponse
- type ExposedUserForDomain
- type ExposedUsersForDomain
- type ExposureDetails
- type ExposuresForDomain
- type ExposuresForDomainIncludeDetails
- type ExposuresResponse
- type GetDomainSubscriptionsResponse
- type GetSubscriptionsResponse
- type HashType
- type PasswordDetails
- type PasswordDetailsWithExposureDetails
- type PasswordHashSpecification
- type PasswordType
- type UserPasswords
- type UserPasswordsByDomainResponse
- type UserPasswordsCandidateFromUsingPartialHash
- type UserPasswordsCandidatesFromUsingPartialHash
- type UserPasswordsWithExposureDetails
- type UsersWithPasswords
- type UsersWithPasswordsByDomain
Constants ¶
const ( Plaintext PasswordType = 0 MD5 = 1 SHA1 = 2 SHA256 = 3 TripleDES = 4 IPBoard_MyBB = 5 BCrypt = 8 CRC32 = 9 PHPBB3 = 10 CustomAlgorithm1 = 11 SCrypt = 12 CustomAlgorithm2 = 13 SHA512 = 14 CustomAlgorithm3 = 15 MD5Crypt = 16 CustomAlgorithm4 = 17 CustomAlgorithm5 = 18 DESCrypt = 20 MySQLPre4_1 = 21 MySQLPost4_1 = 22 PeopleSoft = 23 PunBB = 24 CustomAlgorithm6 = 25 PartialMD5_20 = 26 AVE_DataLife_Diferior = 27 DjangoMD5 = 28 DjangoSHA1 = 29 PartialMD5_29 = 30 PliggCMS = 31 RunCMS_SMF1_1 = 32 NTLM = 33 SHA1Dash = 34 SHA384 = 35 CustomAlgorithm7 = 36 CustomAlgorithm8 = 37 CustomAlgorithm9 = 38 SHA512Crypt = 39 CustomAlgorithm10 = 40 HMACSHA1_SaltAsKey = 41 AuthMeSHA256 = 42 SHA256Crypt = 43 Unknown = 97 UnusablePassword = 98 None = 99 )
Variables ¶
This section is empty.
Functions ¶
func CalcPasswordHash ¶
func CalcPasswordHash(passwordType PasswordType, password string, salt string) (string, error)
Types ¶
type AccountsResponse ¶
type AccountsResponse struct {
LastBreachDate time.Time
CredentialsHashes []CredentialsHashSpecification
PasswordHashesRequired []PasswordHashSpecification
Salt string
}
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func NewClient ¶
NewClient creates a new instance of the Enzoic Client, taking your API key and secret as parameters.
func NewClientWithCustomBaseURL ¶
NewClientWithCustomBaseURL creates a new instance of the Enzoic Client, taking your API key and secret as parameters.
func (*Client) AddDomainAlertSubscriptions ¶
func (e *Client) AddDomainAlertSubscriptions(domains []string) (*AddSubscriptionsResponse, error)
AddDomainAlertSubscriptions takes an array of domains (e.g. enzoic.com) and adds them to the list of domains your account monitors for new credentials exposures. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-domain#add-breach-alert-subscriptions
func (*Client) AddUserAlertSubscriptions ¶
func (e *Client) AddUserAlertSubscriptions(usernames []string, customData string) (*AddSubscriptionsResponse, error)
AddUserAlertSubscriptions takes an array of email addresses and adds them to the list of users your account monitors for new credentials exposures. The customData parameter can optionally be used with any string value to tag the new subscription items with a custom value. This value will be sent to your webhook when a new alert is found for one of these users and can also be used to lookup or delete entries. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#add-breach-alert-subscriptions
func (*Client) CheckCredentials ¶
CheckCredentials checks whether the username/password provided in the parameters are in the Enzoic database of compromised user credentials. If so, it will return true.
func (*Client) CheckCredentialsEx ¶
func (e *Client) CheckCredentialsEx(username, password string, lastCheckDate *time.Time, excludeHashTypes []PasswordType, useRawCredentials bool) (bool, error)
CheckCredentialsEx checks whether the username/password provided in the parameters are in the Enzoic database of compromised user credentials. If so, it will return true. It also accepts the following parameters:
lastCheckDate - if provided, the timestamp for the last check you performed for this user. If the date/time you provide for the last check is greater than the timestamp Enzoic has for the last breach affecting this user, the check will not be performed. This can be used to substantially increase performance. Can be set to nil if no last check was performed or the credentials have changed since.
excludeHashTypes - if provided, only credentials which do not include any of the specified hash types will be checked. By excluding computationally expensive PasswordTypes, such as BCrypt, it is possible to balance the performance of this call against security. Can be set to empty array if you do not wish to exclude any hash types.
useRawCredentials - if true, the Raw Credentials variant of the Credentials API. The Raw Credentials version of the Credentials API allows you to check usernames and passwords for compromise without passing even a partial hash to Enzoic. This works by pulling down all of the Credentials Hashes Enzoic has for a given username and calculating/comparing locally. The only thing that gets passed to Enzoic in this case is a SHA-256 hash of the username. Raw Credentials requires a separate approval to unlock. If you're interested in getting approved, please contact us through our website.
func (*Client) CheckPassword ¶
CheckPassword checks whether the password provided in the password parameter is in the Enzoic database of known, compromised passwords. If so it will return true. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
func (*Client) CheckPasswordHash ¶ added in v1.3.0
func (e *Client) CheckPasswordHash(passwordHash string, hashType PasswordType) (bool, error)
CheckPasswordHash checks whether the password provided in the passwordHash parameter is in the Enzoic database of known, compromised passwords. If so it will return true. The passwordHash can be a hash in any of the formats supported by the Enzoic Passwords API (PasswordType.MD5, PasswordType.SHA1, PasswordType.SHA256 or PasswordType.NTLM). The passwordType parameter should be set to the type of hash being provided using the PasswordType enum. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
func (*Client) CheckPasswordWithExposure ¶
func (e *Client) CheckPasswordWithExposure(password string, revealedInExposure *bool, exposureCount *int) (bool, error)
CheckPasswordWithExposure checks whether the password provided in the password parameter is in the Enzoic database of known, compromised passwords. If so it will return true. Also updates the revealedInExposures and exposureCount parameters with the results of the check, indicating if this is a password which is just weak (revealedInExposure false) or was actually exposed in a breach. The exposureCount parameter will be set to the number of exposures it has been found in and can be used as a relative measure of the risk of the password. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
func (*Client) DeleteDomainAlertSubscriptions ¶
func (e *Client) DeleteDomainAlertSubscriptions(domains []string) (*DeleteSubscriptionsResponse, error)
DeleteDomainAlertSubscriptions takes an array of domains you wish to remove from monitoring for new credentials exposures. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-domain#remove-breach-alert-subscriptions
func (*Client) DeleteUserAlertSubscriptions ¶
func (e *Client) DeleteUserAlertSubscriptions(usernames []string) (*DeleteSubscriptionsResponse, error)
DeleteUserAlertSubscriptions takes an array of email addresses you wish to remove from monitoring for new credentials exposures. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#remove-breach-alert-subscriptions
func (*Client) DeleteUserAlertSubscriptionsByCustomData ¶
func (e *Client) DeleteUserAlertSubscriptionsByCustomData(customData string) (*DeleteSubscriptionsResponse, error)
DeleteUserAlertSubscriptions takes a customData value and deletes all alert subscriptions that have that value. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#remove-breach-alert-subscriptions
func (*Client) GetDomainAlertSubscriptions ¶
func (e *Client) GetDomainAlertSubscriptions(pageSize int, pagingToken string) (*GetDomainSubscriptionsResponse, error)
GetDomainAlertSubscriptions returns a list of all the domains your account is monitoring for new credentials exposures. The results of this call are paginated. pageSize can be any value from 1 to 1000. If pageSize is not specified, the default is 1000. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-domain#retrieve-current-breach-alert-subscriptions
func (*Client) GetExposedUsersForDomain ¶
func (e *Client) GetExposedUsersForDomain(domain string, pageSize int, pagingToken string) (*ExposedUsersForDomain, error)
GetExposedUsersForDomain returns a list of all users for a given email domain who have had credentials revealed in exposures. The results of this call are paginated. pageSize can be any value from 1 to 1000. If pageSize is not specified, the default is 1000. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-all-email-addresses-in-a-domain
func (*Client) GetExposureDetails ¶
func (e *Client) GetExposureDetails(exposureID string) (*ExposureDetails, error)
GetExposureDetails returns the detailed information for a credentials Exposure. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/retrieve-details-for-an-exposure
func (*Client) GetExposuresForDomain ¶
func (e *Client) GetExposuresForDomain(domain string, pageSize int, pagingToken string) (*ExposuresForDomain, error)
GetExposuresForDomain returns a list of all exposures found involving users with email addresses from a given domain. The result will be an array of exposure IDs which can be used with the GetExposureDetails call to retrieve details. The results of this call are paginated. pageSize can be any value from 1 to 500. If pageSize is not specified, the default is 100. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-a-domain
func (*Client) GetExposuresForDomainIncludeDetails ¶
func (e *Client) GetExposuresForDomainIncludeDetails(domain string, pageSize int, pagingToken string) (*ExposuresForDomainIncludeDetails, error)
GetExposuresForDomainIncludeDetails returns a list of all exposures found involving users with email addresses from a given domain with the details for each exposure included inline in the response. The results of this call are paginated. pageSize can be any value from 1 to 500. If pageSize is not specified, the default is 100. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-a-domain
func (*Client) GetExposuresForUser ¶
GetExposuresForUser returns all of the credentials Exposures that have been found for a given username. The username will be hashed using SHA-256 before being passed to the Enzoic API. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/exposures-api/get-exposures-for-an-email-address
func (*Client) GetUserAlertSubscriptions ¶
func (e *Client) GetUserAlertSubscriptions(pageSize int, pagingToken string) (*GetSubscriptionsResponse, error)
GetUserAlertSubscriptions returns a list of all the users your account is monitoring for new credentials exposures. The results of this call are paginated. pageSize can be any value from 1 to 1000. If pageSize is not specified, the default is 1000. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#retrieve-current-breach-alert-subscriptions
func (*Client) GetUserAlertSubscriptionsByCustomData ¶
func (e *Client) GetUserAlertSubscriptionsByCustomData(customData string, pageSize int, pagingToken string) (*GetSubscriptionsResponse, error)
GetUserAlertSubscriptionsByCustomData returns a list of all the users your account is monitoring for new credentials exposures with the provided customData value. The results of this call are paginated. pageSize can be any value from 1 to 1000. If pageSize is not specified, the default is 1000. pagingToken is a value returned with each page of results and should be passed into this call to retrieve the next page of results. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#retrieve-current-breach-alert-subscriptions
func (*Client) GetUserPasswords ¶
func (e *Client) GetUserPasswords(username string) (*UserPasswords, error)
GetUserPasswords returns a list of passwords that Enzoic has found for a specific user. This call must be enabled for your account or you will receive a 403 rejection when attempting to call it. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api
func (*Client) GetUserPasswordsByDomain ¶ added in v1.3.0
func (e *Client) GetUserPasswordsByDomain(domain string, pageSize int, pagingToken string) (*UserPasswordsByDomainResponse, error)
GetUserPasswordsByDomain returns a paginated list of credentials in the Enzoic database for all users under a given email domain. This variant of the call takes a domain (e.g. enzoic.com) and returns a list of emails and recovered passwords for any email address we've found credentials for in that domain. This call must be enabled for your account or you will receive a 403 rejection when attempting to call it. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api#cleartext-credentials-by-domain
func (*Client) GetUserPasswordsUsingPartialHash ¶ added in v1.2.0
func (e *Client) GetUserPasswordsUsingPartialHash(username string) (*UserPasswords, error)
GetUserPasswordsUsingPartialHash returns a list of passwords that Enzoic has found for a specific user. This call must be enabled for your account or you will receive a 403 rejection when attempting to call it. NOTE: THIS VARIANT OF THE CALL CAN BE USED TO PASS A PARTIAL SHA-256 HASH OF THE USERNAME RATHER THAN THE FULL HASH. We do not recommend using this variant unless you have compliance requirements that prevent you from passing even a hash of a user's email address to a 3rd party, as it will not perform as well as GetUserPasswords, which passes the exact hash. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api
func (*Client) GetUserPasswordsWithExposureDetails
deprecated
added in
v1.1.0
func (e *Client) GetUserPasswordsWithExposureDetails(username string) (*UserPasswordsWithExposureDetails, error)
Deprecated: GetUserPasswordsWithExposureDetails IS DEPRECATED DUE TO SEVERE PERFORMANCE ISSUES AND WILL BE REMOVED IN A FUTURE RELEASE. INSTEAD, USE GetUserPasswords AND LOOKUP EXPOSURE DETAILS AS NECESSARY USING GetExposureDetails. GetUserPasswordsWithExposureDetails returns a list of passwords that Enzoic has found for a specific user. This call must be enabled for your account or you will receive a 403 rejection when attempting to call it. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/credentials-api/cleartext-credentials-api
func (*Client) IsDomainSubscribedForAlerts ¶
IsDomainSubscribedForAlerts takes a domain and returns true if the domain is subscribed for alerts, false otherwise. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-domain#retrieve-current-breach-alert-subscriptions
func (*Client) IsUserSubscribedForAlerts ¶
IsUserSubscribedForAlerts takes a username and returns true if the user is subscribed for alerts, false otherwise. see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/breach-monitoring-api/breach-monitoring-by-user#retrieve-current-breach-alert-subscriptions
func (*Client) RetrieveCandidatesForPartialPasswordHash ¶ added in v1.3.0
func (e *Client) RetrieveCandidatesForPartialPasswordHash(partialPasswordHash string, hashType PasswordType) ([]string, error)
RetrieveCandidatesForPartialPasswordHash is a thin wrapper around the Passwords API call. This call is generally redundant with CheckPasswordHash in that it merely returns the hash candidates for the call rather than just checking for a match directly in the candidate list and returning a boolean. In general, there is no reason to use this call unless you have a very specialized use case, as CheckPasswordHash can be used instead to simply check whether a given password hash is compromised.
The partialPasswordHash parameter can be the first 7 characters of a hash in any of the formats supported by the Enzoic Passwords API (PasswordType.MD5, PasswordType.SHA1, PasswordType.SHA256 or PasswordType.NTLM). The passwordType parameter should be set to the type of partial hash being provided using the PasswordType enum.
The function will return a list of candidate hashes that match the partial hash provided.
see https://docs.enzoic.com/enzoic-api-developer-documentation/api-reference/passwords-api
type CredentialsHashSpecification ¶
type CredentialsHashSpecification struct {
Salt string
HashType PasswordType
CredentialsHash string
}
type ExposedUserForDomain ¶
type ExposedUsersForDomain ¶
type ExposedUsersForDomain struct {
Count int `json:"count"`
Users []ExposedUserForDomain `json:"users"`
PagingToken string `json:"pagingToken"`
}
type ExposureDetails ¶
type ExposureDetails struct {
ID string `json:"id"`
Title string `json:"title"`
Entries int64 `json:"entries"`
Date *time.Time `json:"date"`
Category string `json:"category"`
PasswordType string `json:"passwordType"`
ExposedData []string `json:"exposedData"`
DateAdded *time.Time `json:"dateAdded"`
SourceURLs []string `json:"sourceURLs"`
DomainsAffected int `json:"domainsAffected"`
}
type ExposuresForDomain ¶
type ExposuresForDomainIncludeDetails ¶
type ExposuresForDomainIncludeDetails struct {
Count int `json:"count"`
Exposures []ExposureDetails `json:"exposures"`
PagingToken string `json:"pagingToken"`
}
type ExposuresResponse ¶
type PasswordDetails ¶
type PasswordDetails struct {
HashType PasswordType `json:"hashType"`
Password string `json:"password"`
Salt string `json:"salt"`
Exposures []string `json:"exposures"`
}
type PasswordDetailsWithExposureDetails ¶ added in v1.1.0
type PasswordDetailsWithExposureDetails struct {
HashType PasswordType `json:"hashType"`
Password string `json:"password"`
Salt string `json:"salt"`
Exposures []ExposureDetails `json:"exposures"`
}
type PasswordHashSpecification ¶
type PasswordHashSpecification struct {
Salt string
HashType PasswordType
}
type PasswordType ¶
type PasswordType int32
PasswordType is an enum of the different password hashing algorithms that Enzoic has picked up breaches containing. It is used as an informational field in certain responses and can be used with the CheckCredentialsEx function to specify which algorithms should be excluded from its checks, to optimize performance.
type UserPasswords ¶
type UserPasswords struct {
LastBreachDate time.Time `json:"lastBreachDate"`
Passwords []PasswordDetails `json:"passwords"`
}
type UserPasswordsByDomainResponse ¶ added in v1.3.0
type UserPasswordsByDomainResponse struct {
Count int `json:"count"`
Users []UsersWithPasswordsByDomain `json:"users"`
PagingToken string `json:"pagingToken"`
}
type UserPasswordsCandidateFromUsingPartialHash ¶ added in v1.2.0
type UserPasswordsCandidateFromUsingPartialHash struct {
UsernameHash string `json:"usernameHash"`
UserPasswords
}
type UserPasswordsCandidatesFromUsingPartialHash ¶ added in v1.2.0
type UserPasswordsCandidatesFromUsingPartialHash struct {
Candidates []UserPasswordsCandidateFromUsingPartialHash `json:"candidates"`
}
type UserPasswordsWithExposureDetails ¶ added in v1.1.0
type UserPasswordsWithExposureDetails struct {
LastBreachDate time.Time `json:"lastBreachDate"`
Passwords []PasswordDetailsWithExposureDetails `json:"passwords"`
}
type UsersWithPasswords ¶ added in v1.3.0
type UsersWithPasswords struct {
Username string `json:"username"`
LastBreachDate time.Time `json:"lastBreachDate"`
Passwords []PasswordDetails `json:"passwords"`
}
type UsersWithPasswordsByDomain ¶ added in v1.3.0
type UsersWithPasswordsByDomain struct {
Username string `json:"username"`
Passwords []PasswordDetails `json:"passwords"`
}
Source Files
Directories