What is an AntiPublic checker? | Blog - DorkPlus
DorkPlus Logo

DorkPlus

Get started
Back to the blog
June 14, 20253 min

What is an Antipublic Checker? Your Secret Weapon Against Public Lines

In the saturated world of combo making, dumping and hacking, antipublic checkers have emerged as critical tools for both threat actors and ethical defenders. But what exactly are they, and why do they matter? Let’s break it down.

What Is AntiPublic Checker Banner
The Core Concept

An antipublic checker is a specialized tool that scans databases of leaked credentials (often called combo lists) to determine whether a specific email:password pair is private (new/undisclosed) or public (already circulating in known breaches).

Think of it as a "leak detector" for credential pairs. For example:

Main Checkers
APlus by DorkPlus
  • +32 billion unique email:pass.
  • URL antipublic module—allows website hacker/dumpers who found a vulnerability for example SQL injection to pass the URL and see if it has used before.
  • 5-10K lines checked per second, the fastest on the market
    • MYRZ AntiPublic
  • +15 billion unique email:pass.
  • Actively used by the Russian community
  • 100-200 lines checked per second
  • Input: [email protected]:Password123!
  • Output: PUBLIC (found in 3 breaches) or PRIVATE (not found).
    • How It Works
    Input Acceptance
  • Accepts combo lines in plain text (e.g., email:pass).
  • Some tools (APlus by DorkPlus, MYRZ AntiPublic) allow bulk checks (1000s of lines at once).
    • Result Delivery
  • PUBLIC: Already exposed → High risk of being patched/monitored.
  • PRIVATE: Not found in known leaks → Potentially "fresh" and valuable.
    • Who Uses Antipublic Checkers?Threat Actors (Malicious Use):

    Filter out public combos to avoid:

  • Public data (can't be sold/used)
  • Account lockouts (due to widespread blocking)
  • Honeypots (traps set by security teams)

    • Prioritize private combos for credential stuffing, account takeovers, or dark web sales.

    Security Researchers & Bug Bounty Hunters (Ethical Use):
  • Efficiency Boost: Instantly discard public combos to focus on new breaches.
  • Target Validation: Verify if a leaked credential pair is truly novel before reporting it to a company.
  • Risk Assessment: Identify if a target’s credentials are circulating publicly (urgent patching needed).
    • Controversy & Ethics

    While antipublic checkers aren't directly harmful, they’re also used as a side tool to target victim that weren't exploited by attackers. This duality underscores a key truth: Tools aren’t inherently good or evil—it’s about intent. Ethical practitioners use them to prevent harm; threat actors use them to cause harm.

    The Bottom Line

    Antipublic checkers are cybersecurity’s double-edged sword

  • For researchers: They save time, validate targets, and amplify impact.
  • For attackers: They weaponize efficiency.
    • It's time to get started

    You now understand who we are, what we do and what we offer. If you have any question feel free to open a ticket on our Discord server, we'll make sure to help you out.

    Shop now
    Important notice

    The blog posts on this website are purely fictional and theoretical in nature. They are intended for educational purposes only and should not be taken as instructions or guidance to perform any illegal or unauthorized activities.

    The scenarios described in our blog posts are hypothetical and do not promote or encourage any malicious or harmful actions. Our goal is to provide a perspective from a professional penetration tester's point of view, assuming they have obtained proper permission and legal authorization to conduct a test or scan on a website, company, or network.

    It is essential to understand that our blog posts are not a call to action, and we do not condone or promote any illegal activities. Our content is intended for educational and informational purposes only, and it is the responsibility of our readers to ensure they comply with all applicable laws and regulations.

    By accessing and reading our blog posts, you acknowledge that you understand and agree to these terms. If you are not a professional or authorized individual, please do not attempt to replicate or apply any techniques or methods described in our content.

    Remember, our blog posts are for educational purposes only, and we strongly advise against using any information or techniques described in our content for malicious or harmful purposes.