Kaduu consists of two plattforms:

• Deepweb (https://deepweb.leak.center)
• Control (https://control.leak.center)

Deepweb is used for live queries that can take up to 3 hours. Control is mainly DB driven. API access is currently only available for "Control". Control uses a REST API which you can reach via SSL.

Please find two API documentations here:

• kaduu-2.2-swagger-fixed.zip
• The PDF documentation has some more details about authentication and filters.

Please note that Kaduu SaaS API is based on a REST/HTTPS protocol with JSON format. All endpoints except the authentication expect the JSON input and Content-Type: application/json header provided with the request. All endpoint results are in JSON format. Before using any other API calls, you should obtain an authentication token – it is required for all subsequent API calls. In order to obtain the token, you should send a POST request to the

https://app.leak.center/uaa/oauth/token URL with the following data: Headers Content-Type application/x-www-form-urlencoded Form client_id client-api client_secret comfy-litigate-embargo-forelimb grant_type password username <your username> password <your password>

All fields in form should be URL-encoded.

The server responds with a token in JSON format: {

"access_token": "<your token>",
"token_type": "bearer",
"expires_in": 43199,
"scope": "svc-saas",
"jti": "fcea19dc-091c-4b58-901e-3e9bb8df162f"

}

The API consumer should copy the resulting access_token value from the response and use it in Authorization header with Bearer scheme for all other requests:

Authorization: Bearer <your token>

Please define your webhook under your account settings. You need to define "http" as a alerting method. The system will POST all new findings to that URL as a JSON list of alert objects. You may leave this field blank in order to disable alert notifications.

The Leak Center Query Tool is a Python script that interacts with the Leak Center API to fetch and process leaked data. It supports authentication using credentials provided interactively or through an optional auth.txt file, which must be formatted as username,password. The script queries for a target domain, which can be supplied interactively or via an input.txt file. Optionally, a date range can be specified through a DateRange.txt file or interactively; if skipped, no date filter is applied. The script normalizes different date formats, such as yyyy.mm.dd, yy.mm.dd, or yyyy-mm-dd, into a format compatible with the backend.

The script processes paginated responses from the API and writes the results to a CSV file, Leaks.csv, with structured headers including id, createdAt, content, fileName, and more.

This script is designed to help users search through data leaks for specific information like email addresses and passwords. It automates the process of logging into the Leak Center's API service, where the leaks are stored. Once logged in, the script uses search criteria specified by the user (such as particular tags that might relate to the type of information they're interested in, e.g., "accounts") to find relevant data within the leaks. Please check the readme inside the script for more details. Download the file here.