Troy Hunt has updated the haveibeenpwned list of pwned passwords, which now contains a staggering 517 million compromise passwords (as SHA1 hashes).
I have downloaded Version 3 (ordered by hash) and tested it against my software on GitHub. It appears to still be working.
It is still open source, available under the MIT Licence. This means you can do pretty much what ever you want with it and make sure it isn’t doing anything nefarious with your passwords.
Do not enter passwords you use on the haveibeenpwned website or in the app while using the web API. If you don’t understand why, please consult your nearest smart friend.
I am tempted to add some code to allow you to save your hashes (as an encrypted file) so each time new passwords are added it will be easier to check your existing passwords.
Find the offline password searcher on GitHub here
More info and updates here. Hopefully I will do a user guide soon as well.