After we launched SysReptor a few years ago, we now published the data leak service "SysLeaks for Attackers". We're still refining the service and kindly ask for your feedback. You can use SysLeaks quite extensively during the BETA phase, which will remain open in November.

How it works:
You search for domain names and receive usernames/email addresses, plaintext passwords and (in some cases) the platform the account was used for.

Limitations:

• Users must sign up with their company email address (we approve offensive security companies only to prevent abuse).
• We don't disclose the leaks of the last 14 days as a grace period for affected companies.
• Free 50 credits for up to 2.500 leaked accounts per week (during the BETA phase)