DEV Community

Cover image for Just Launched: xonPlus – Real-Time Breach Alerts for Devs and Security Teams
Devanand Premkumar
Devanand Premkumar

Posted on

Just Launched: xonPlus – Real-Time Breach Alerts for Devs and Security Teams

#darkwebmonitoring #ato #api

Hey devs 👋

I love building tools that solve real, annoying problems, and xonPlus was born out of one of the most frustrating: not knowing when your organization’s data gets breached.

🔍 How It Started

A while back, I built XposedOrNot, a free tool that allows anyone to check if their email address was exposed in a breach. It started as a small side project, just something to learn from.

Then, security teams began to arrive. They weren’t looking to check one email; they wanted to monitor entire domains, get real-time alerts, and pipe breach data into their systems.

At first, I wrote scripts. Then a few quick dashboards. But it was clear what they needed wasn’t another bloated, costly tool or a noisy feed. They needed something fast, focused, and dev-friendly.

So I built xonPlus.

🚀 What It Does

xonPlus is a real-time breach alerting system.

It monitors your organization’s emails and domains across billions of breach records and lets you know the moment something shows up.

When your data is exposed, whether in a public breach, paste site, or dark web dump, you get an alert with full context: breach source, affected accounts, and what actions to take.

You can plug alerts into:

  • Slack
  • Microsoft Teams
  • Email
  • Splunk
  • Or just call the API and wire it into your stack

🧰 How It’s Built

Under the hood:
FastAPI for async performance (originally started in Flask)
Google Cloud Run + Google Datastore for scale
Redis for caching and rate limiting
Cloudflare for hosting
Support for bulk email checks, multi-domain monitoring, and custom alerting

There’s also a simple frontend if your team wants to view breach timelines and trends visually.

🧠 Who It’s For

xonPlus currently supports three main modules:

  1. xonEnterprise+ → for domain-wide monitoring
  2. xonConsumer+ → to alert your users if they’re exposed
  3. xonAPI+ → If you want to build breach visibility into your product

It’s useful whether you’re a solo engineer, a security lead, or a developer working on auth, fraud prevention, or compliance workflows.

💡 Why It Matters

Breaches are happening constantly. Credentials are getting leaked, reused, and exploited.

But most orgs don’t find out until attackers are already inside.

xonPlus gives you a clear signal when something’s wrong and a chance to act before it becomes a full-blown incident.

📣 What’s Next

I’m adding more features based on early feedback, especially around automation, exports, and deeper integrations.

If this sounds useful or you’re curious about how it works, here’s the full backstory:
👉https://blog.xposedornot.com/xonplus-launch/

I’d love to hear your thoughts, suggestions, or critiques.

Always open to ideas that make the product better.

Thanks for reading 🙌

Top comments (0)