There are many points that I can suggest: If you're looking for a way to identify and verify leakage of credentials, khast3x/h8mail is already includes APIs that you're talking about. A bit difficult to properly setup, but CIRCL/AIL-framework will help you identify a surface of darkweb. It automatically scrape pastes from many sources to identify `.onion`, and roughly scrape each page again to find specified keywords. There are a research about "Digital Risk Protection" market by Forrester which will help find and compare each vendor on the market. Just had a small session with RecordedFuture a little while ago and found that it didn't find the same amount of leaked credentials based on email address compare to HaveIBeenPwned. So, you must request for a PoC or trial if you need to know its true capabilities of the platform.