Toolsmith Release Advisory: Steph Locke’s HIBPwned R package

I’m a bit slow on this one but better late than never. Steph dropped her HIBPwned R package on CRAN at the beginning of June, and it’s well worth your attention. HIBPwned is an R package that wraps Troy Hunt’s HaveIBeenPwned.com API, useful to check if you have an account that has been compromised in a data breach. As one who has been “pwned” no less than three times via three different accounts thanks to LinkedIn, Patreon, and Adobe, I love Troy’s site and have visited it many times.

When I spotted Steph’s wrapper on R-Bloggers, I was quite happy as a result.
Steph built HIBPwned to allow users to:

  • Set up your own notification system for account breaches of myriad email addresses & user names that you have
  • Check for compromised company email accounts from within your company Active Directory
  • Analyse past data breaches and produce reports and visualizations

I installed it from Visual Studio with R Tools via install.packages("HIBPwned", repos="http://cran.rstudio.com/", dependencies=TRUE).
You can also use devtools to install directly from the Censornet GitHub:
if(!require("devtools")) install.packages("devtools")
# Get or upgrade from GitHub
devtools::install_github("censornet/HIBPwned")
Source is available on the Censornet GitHub, as is recommended usage guidance.
As you run any of the HIBPwned functions, be sure to have called the library first: library("HIBPwned").

As mentioned, I’ve seen my share of pwnage, luckily to no real impact, but annoying nonetheless, and well worth constant monitoring.
I first combined my accounts into a vector and confirmed what I’ve already mentioned, popped thrice:
account_breaches(c("rmcree@yahoo.com","holisticinfosec@gmail.com","russ@holisticinfosec.org"), truncate = TRUE)
$`rmcree@yahoo.com`
   Name
1 Adobe

$`holisticinfosec@gmail.com`
      Name
1 LinkedIn

$`russ@holisticinfosec.org`
     Name
1 Patreon
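
The notification use case from the list above, as an added example (not code from the original post or from the HIBPwned package): it flattens a result shaped like the account_breaches() output shown here and reports only the account/breach pairs not seen on a previous run. The helper names flatten_breaches and new_breaches, the state file, the sample addresses, and the handling of accounts with no breaches are assumptions made for illustration.

```r
# Added example: diff an account_breaches()-shaped result against saved state.
# Live use (needs network access):
#   library("HIBPwned")
#   current <- account_breaches(accounts, truncate = TRUE)

# Flatten the named list of data frames into one account/breach table.
flatten_breaches <- function(result) {
  rows <- lapply(names(result), function(acct) {
    df <- result[[acct]]
    # Assumption: a clean account may come back as NULL, zero rows, or NA names.
    if (is.null(df) || nrow(df) == 0) return(NULL)
    found <- as.character(df$Name)
    found <- found[!is.na(found)]
    if (length(found) == 0) return(NULL)
    data.frame(account = acct, breach = found, stringsAsFactors = FALSE)
  })
  rows <- Filter(Negate(is.null), rows)
  if (length(rows) == 0) {
    return(data.frame(account = character(0), breach = character(0),
                      stringsAsFactors = FALSE))
  }
  do.call(rbind, rows)
}

# Return only the pairs not already in the state file, then update the file.
new_breaches <- function(result, state_file) {
  current <- flatten_breaches(result)
  seen <- if (file.exists(state_file)) {
    read.csv(state_file, stringsAsFactors = FALSE, colClasses = "character")
  } else {
    current[0, ]
  }
  key <- function(d) paste(d$account, d$breach, sep = "\t")
  fresh <- current[!(key(current) %in% key(seen)), , drop = FALSE]
  write.csv(unique(rbind(seen, fresh)), state_file, row.names = FALSE)
  fresh
}

# Constructed sample input; addresses use the reserved example.com domain.
state <- tempfile(fileext = ".csv")  # use a persistent path for real monitoring
run1 <- list("alice@example.com" = data.frame(Name = "Adobe"),
             "bob@example.com"   = data.frame(Name = NA))
run2 <- list("alice@example.com" = data.frame(Name = c("Adobe", "LinkedIn")),
             "bob@example.com"   = data.frame(Name = NA))
print(new_breaches(run1, state))  # first run: every existing breach is new
print(new_breaches(run2, state))  # later run: only the newly added breach
```

Scheduled from cron or Task Scheduler, a non-empty return value is the trigger for whatever alerting you already use.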

You may want to call specific details about each breach to learn more, easily done continuing with my scenario using breached_site() for the company name or breached_sites() for its domain.

[Figure: Breached]

You may also be interested to see if any of your PII has landed on a paste site (Pastebin, etc.). The pastes() function is the most recent Steph added to HIBPwned.

[Figure: Pasted]

Uh oh, on the list here too, not quite sure how I ended up on this dump of “Egypt gov stuff”. According to PK1K3, who “got pissed of at the Egypt gov”, his is a “list of account the egypt govs is spying on if you find your email/number here u are rahter with them or slaves to them.” Neither is true, but fascinating regardless.

Need some simple markdown to run every so often and keep an eye on your accounts? Try HIBPwned.Rmd. Download the file, open it in RStudio, swap out my email addresses for yours, then select Knit HTML. You can also produce Word or PDF output if you’d prefer.

[Figure: Report]

Great stuff from Steph, and of course Troy. Use this wrapper to your advantage, and keep an eye out for other related work on itsalocke.com.

*** This is a Security Bloggers Network syndicated blog from HolisticInfoSec™ authored by Russ McRee. Read the original post at: http://holisticinfosec.blogspot.com/2016/07/toolsmith-release-advisory-steph-lockes.html