What is an AntiPublic checker? | Blog - DorkPlus
DorkPlus Logo

DorkPlus

Get started
Back to the blog
June 14, 20253 min

What is an Antipublic Checker? Your Secret Weapon Against Public Lines

In the saturated world of combo making, dumping, and hacking, antipublic checkers have become essential for both threat actors and ethical defenders. Here’s what they are and why they matter.

What Is AntiPublic Checker Banner
The Core Concept

An antipublic checker scans databases of leaked credentials (combo lists) to see whether a specific email:password pair is private (new/undisclosed) or already circulating in known breaches.

Think of it as a leak detector for credential pairs. For example:

Main Checkers
APlus by DorkPlus
  • +32 billion unique email:pass.
  • URL antipublic module—if you find a vulnerability (e.g., SQL injection), submit the URL to check whether it has been used before.
  • 5-10K lines checked per second, the fastest on the market
    • MYRZ AntiPublic
  • +15 billion unique email:pass.
  • Actively used by the Russian community
  • 100-200 lines checked per second
  • Input: [email protected]:Password123!
  • Output: PUBLIC (found in 3 breaches) or PRIVATE (not found).
    • How It Works
    Input Acceptance
  • Accepts combo lines in plain text (e.g., email:pass).
  • Some tools (APlus by DorkPlus, MYRZ AntiPublic) allow bulk checks (1000s of lines at once).
    • Result Delivery
  • PUBLIC: Already exposed — high risk of being patched or monitored.
  • PRIVATE: Not found in known leaks — potentially fresh and more valuable.
    • Who Uses Antipublic Checkers?Threat Actors (Malicious Use):

    They filter out public combos to avoid:

  • Public data (can't be sold/used)
  • Account lockouts (due to widespread blocking)
  • Honeypots (traps set by security teams)

    • They prioritize private combos for credential stuffing, account takeovers, or dark web sales.

    Security Researchers & Bug Bounty Hunters (Ethical Use):
  • Efficiency Boost: Instantly discard public combos to focus on new breaches.
  • Target Validation: Verify if a leaked credential pair is truly novel before reporting it to a company.
  • Risk Assessment: Identify if a target’s credentials are circulating publicly (urgent patching needed).
    • Controversy & Ethics

    Antipublic checkers aren’t inherently harmful, but they can be misused to target victims that attackers haven’t reached yet. Tools aren’t good or bad on their own — intent matters. Ethical practitioners use them to prevent harm; threat actors use them to cause it.

    The Bottom Line

    Antipublic checkers are a double-edged sword in cybersecurity:

  • For researchers: They save time, validate targets, and amplify impact.
  • For attackers: They weaponize efficiency.
    • It's time to get started

    Now you know who we are, what we do, and what we offer. If you have questions, open a ticket on our Discord server and we’ll be glad to help.

    Shop now
    Important notice

    The blog posts on this website are fictional and theoretical. They exist for educational purposes only and should never be treated as instructions to perform illegal or unauthorized activities.

    The scenarios described are hypothetical and do not promote or encourage malicious or harmful actions. They reflect a professional penetration tester’s perspective, assuming proper permission and legal authorization to test a website, company, or network.

    Our posts are not a call to action, and we do not condone illegal activity. Readers are responsible for complying with applicable laws and regulations.

    By reading our posts, you acknowledge these terms. If you are not a professional or authorized individual, do not attempt to replicate any techniques described here.

    Our content is for education only, and we strongly advise against using any information or techniques for malicious purposes.