#Configurable options:#Make sure the path exists or you will spam your list

1. #Configurable options:
2.  
3. #Make sure the path exists or you will spam your list every time the script runs:
4. $path_to_notified_file = ".\db\pwnd_list.csv"
5.  
6. #users to check for breach
7. $user_list = ("[email protected]")
8.  
9. #SMTP settings:
10. $email_notify = $true
11. $from = "[email protected]"
12. $subject = "ATTN: Account was included in a data breach"
13. $body_html = "Hello,<br>It has been noticed by an automated system that your email address was included in the following data breaches:"
14. $body_signature = "<br>It is recomended you change your passwords on those systems<br><br>Thank you<br>I_script_stuff Notifier Bot<br>"
15.  
16. #email credentials enable tested on gmail. If you don't need credentials set $needs_email_creds to false.
17. $needs_email_creds = $false
18. #configure credential file for email password if needed:
19. $creds_path = ".\cred.txt"
20. #read-host -assecurestring | convertfrom-securestring | out-file $creds_path
21.  
22.  
23.  
24.  
25. #SMTP server to use
26. $smtp = "smtp.gmail.com"
27. $smtp_port = "587"
28.  
29. #process smtp credentials
30. $pass = get-content $creds_path | convertto-securestring
31. $credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist "$from", $pass
32.  
33. #
34. #Functions that power the script
35. #
36. function get-breachedstatus() {
37.     Param(
38.         [Parameter(Mandatory = $true)][string]$email,
39.         [AllowEmptyString()]$brief_report="$true"
40.     )
41.    
42.     try{
43.         if($brief_report) {
44.         $url = "https://haveibeenpwned.com/api/v2/breachedaccount/" + $email + "?truncateresponse=true"
45.         } else {
46.         $url = "https://haveibeenpwned.com/api/v2/breachedaccount/" + $email
47.         }
48.     $result = invoke-restmethod "$url" -UserAgent "I_script_stuff checker 0.01"
49.     return $result
50.     } catch {
51.     return $false
52.     }
53. }
54.  
55. #
56. # Search and notify
57. #
58. if(test-path $path_to_notified_file ) {
59. $already_found = get-content $path_to_notified_file
60. } else {
61. $already_found = ""
62. echo "Warning: No file loaded for $path_to_notified_file If this is the first time running the script a file will be created."
63. sleep 1
64. }
65.  
66. foreach($email in $user_list) {
67.     if($result = get-breachedstatus $email $false) {
68.         $working_email_body = $body_html
69.         $act_on_notify = $false
70.         foreach($line in $result) {
71.         $service = $line.Name
72.         $breachdate = $line.breachdate
73.         $breach_record = "$email,$service,$breachdate"
74.             if($already_found -notcontains $breach_record) {
75.             echo "$breach_record"
76.             echo "$breach_record" >> $path_to_notified_file
77.                 if($email_notify) {
78.                 $act_on_notify = $true
79.                 $working_email_body += "<br>" + $breach_record
80.                 }
81.             }
82.         }
83.         $working_email_body += $body_signature
84.         if(($email_notify) -and ($act_on_notify)) {
85.             if($needs_email_creds) {
86.             Send-MailMessage -from $from -To "$email" -Subject $subject -bodyashtml($working_email_body) -smtpServer "$smtp" -port "$smtp_port" -credential $credentials -UseSsl
87.             $working_email_body
88.             } else {
89.             #Send-MailMessage -from $from -To "$email" -Subject $subject -bodyashtml($working_email_body) -smtpServer "$smtp" -port "$smtp_port"
90.             $working_email_body
91.             }
92.         }
93.     }
94. #lets not over spam
95. sleep 5
96. }