NAZ.API
Jan 17, 2024
NAZ.API is a large credential stuffing dataset (~1 billion records, ~104 GB) compiled from stealer logs and other sources. It contains URL:username:password triplets (login credentials paired with the site they were stolen from), aggregated from numerous prior breaches and infostealer malware campaigns. The dataset was indexed by Have I Been Pwned in January 2024. Data includes plaintext passwords, email addresses, and usernames across a wide variety of websites.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
naz.api.csv3 columns1,501,736,801 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | url | high | values start with http/https/android indicating URLs |
| 1 | username | high | values are varied, including emails, usernames, and placeholder strings |
| 2 | password | high | values look like passwords, hashes, or placeholders |
Notes: Credential stuffing dataset containing URL:username:password triplets. Some entries have placeholder values like 'UNKNOWN' or '?'. Android app URLs suggest mobile app credentials.