We've built Lunar, a free platform that lets organizations check whether credentials or related assets tied to their domain appear in breaches or infostealer logs.
The idea is simple: if data connected to your organization is already circulating in breach datasets or stealer logs, you should be able to see that without paywalls or sales cycles.
How it works at a high level:
Domain-based access (no individual lookups)
Exposure from infostealer logs, breach dumps, combo lists, and leaked cookies or sessions
Continuous monitoring of underground sources, with near real-time updates
Data is masked until domain ownership is verified
Access to the exposure data itself is free. There are optional advanced features for teams that need automation, integrations, or deeper operational workflows, but basic visibility into your own exposure is not gated.
I'm affiliated with the project (I lead the team behind it). Posting here because I’d genuinely appreciate feedback from people who think about breach data, infostealers, and responsible disclosure. Happy to answer questions or hear criticism.
rangeva•1mo ago
We've built Lunar, a free platform that lets organizations check whether credentials or related assets tied to their domain appear in breaches or infostealer logs.
The idea is simple: if data connected to your organization is already circulating in breach datasets or stealer logs, you should be able to see that without paywalls or sales cycles.
How it works at a high level:
Domain-based access (no individual lookups)
Exposure from infostealer logs, breach dumps, combo lists, and leaked cookies or sessions
Continuous monitoring of underground sources, with near real-time updates
Data is masked until domain ownership is verified
Access to the exposure data itself is free. There are optional advanced features for teams that need automation, integrations, or deeper operational workflows, but basic visibility into your own exposure is not gated.
I'm affiliated with the project (I lead the team behind it). Posting here because I’d genuinely appreciate feedback from people who think about breach data, infostealers, and responsible disclosure. Happy to answer questions or hear criticism.