haveibeenpwned-downloader is a dotnet tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API.
An alternative to running this tool is to use Zsolt Müller's cURL approach in #79 that makes use of a glob pattern and parallelism.
You'll need to install the latest LTS (Long Term Support) version of the .NET SDK to be able to install the tool.
- Open a command line window
- Run
dotnet tool install --global haveibeenpwned-downloader
If the installer is unable to resolve the package, then you can run the following and then try again.
dotnet nuget add source https://api.nuget.org/v3/index.json -n nuget.org
haveibeenpwned-downloader.exe pwnedpasswords
haveibeenpwned-downloader.exe pwnedpasswords -s false
haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm
haveibeenpwned-downloader pwnedpasswords
haveibeenpwned-downloader pwnedpasswords -s false
haveibeenpwned-downloader -n pwnedpasswords_ntlm
| Parameter | Default value | Description |
|---|---|---|
| -s/--single | true | Determines wether to download hashes to a single file or as individual .txt files into another directory |
| -p/--parallelism | Same as Environment.ProcessorCount |
Determines how many hashes to download at a time |
| -o/--overwrite | false | Determines if output files should be overwritten or not |
| -n | (none) | When set, the downloader fetches NTLM hashes instead of SHA1 |
Download all hashes to individual txt files into a custom directory called hashes using 64 threads to download the hashes
haveibeenpwned-downloader.exe hashes -s false -p 64
Download all hashes to a single txt file called pwnedpasswords.txt using 64 threads, overwriting the file if it already exists
haveibeenpwned-downloader.exe pwnedpasswords -o -p 64
