5 Free Security APIs Every Developer Should Bookmark (With Python Examples)

Last year, a friend's startup got hacked through a dependency with a known vulnerability. The fix was available for 6 months. Nobody checked. These 5 free APIs could have prevented it — and they take minutes to set up. 1. Have I Been Pwned — Check If Emails Were Breached Troy Hunt's legendary service. Check any email against 13B+ breached accounts. import requests import hashlib def check_password_pwned(password): """Check if a password appeared in data breaches (k-anonymity, safe)""" sha1 = hashlib.sha1(password.encode()).hexdigest().upper() prefix, suffix = sha1[:5], sha1[5:] resp = requests.get(f'https://api.pwnedpasswords.com/range/{prefix}') for line in resp.text.splitlines(): hash_suffix, count = line.split(':') if hash_suffix == suffix: return int(count) return 0 # Check (uses k-anonymity — your password is NEVER sent) count = check_password_pwned('password123') print(f'Found in {count:,} breaches') # Found in 123,456 breaches How it works: Only the first 5 chars of the hash are