Description
This module uses the LeakIX API to search for exposed services and data leaks. LeakIX is a search engine focused on indexing internet-exposed services and leaked credentials/databases.
An API key is required (free at https://leakix.net).
Actions: SEARCH - Query LeakIX with a search string and scope (leak or service). Paginated, 20 results per page, max 500 pages (10000 results). Free accounts have lower page limits. HOST - Retrieve all known services and leaks for a given IP DOMAIN - Retrieve all known services and leaks for a given domain SUBDOMAINS - List known subdomains for a given domain PLUGINS - List all available LeakIX scanner plugins BULK - Stream all leak results via the bulk API (Pro only, leak scope only). Use MAXRESULTS to limit the number of collected events.
Query examples: +country:"France" +port:3306 +country:"Germany" plugin:HttpOpenProxy +software.name:"nginx" +country:"US"
Module options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use auxiliary/gather/leakix_searchmsf undefined(leakix_search) > show actions ...actions...msf undefined(leakix_search) > set ACTION < action-name >msf undefined(leakix_search) > show options ...show and set options...msf undefined(leakix_search) > runPrioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub