Breached Credentials
DeHashed
DeHashed is a paid tool, but relatively inexpensive for identifying historically breached credentials. They have over 14 billion records, from a variety of data leaks.
The DeHashed output can be used for credential stuffing attacks, or for additional insights on creating a context-driven password list for password spraying attacks on login portals.
HaveIBeenPwned
Whilst it is not possible to get the password or password hash from a target user on HaveIBeenPwned, it does provide us context of which database the breached credential is from. This can be used to try and find the original leaked copy of this database on underground forums and pull out the data ourselves.