functions/Test-PasswordPwned.ps1
function Test-PasswordPwned { [CmdletBinding()] [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '', Justification = 'Used for output')] param ( [parameter(ValueFromPipeline, Mandatory = $true, Position = 0)][Alias("Password")][String]$Value ) begin { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 class pwnpasswd { [string]$password [string]$hash [int32]$CompromisedCount } } process { $hash = (Get-StringHash -String $Value -HashName SHA1).toupper() $5charhash = $hash.substring(0, 5) $parms = @{ uri = "https://api.pwnedpasswords.com/range/$5charhash" method = "GET" usebasicparsing = $true } $results = Invoke-RestMethod @parms $hashsuffix = $hash.replace("$5charhash", "") $results | where-object {$_ -like "$($hashsuffix)*"} # Create array of results $resultsarr = ($results | select-string -pattern "([A-Z0-9]+)(\:[0-9]+)" -AllMatches).Matches.Value $compromised = $resultsarr | Where-Object {$_ -like "$($hashsuffix):*"} # Create output $compromised | ForEach-Object { $output = [pwnpasswd]@{ password = $Value hash = $hash CompromisedCount = ($compromised | Select-String -Pattern "(?<=\:)[0-9]+").Matches.Value } } } end { return $output } } |