Check for breached passwords with k-anonymity

Last update: Feb 08, 2022

Related tags

Security related resources passwnd

Overview

passwnd

Check for breached passwords with k-anonymity

Usage

To get prompted to enter the password securely, simply run:

passwnd.py

Alternatively, you can specify the password directly:

passwnd.py

The latter is not recommended, as it might leak the password to the shell history.

How it works

The password will be hashed with SHA1 and turned to human-readable hex (ASCII)
That hex will be trimmed to just the first 5 characters
That trimmed result will be submitted to the pwnedpasswords.com database
pwnedpasswords.com will return all hashes that begin with that trim
We download all returned hashes, and perform a full search locally

This way, we can check if a password was breached, without revealing said password. While simultaneously only requiring to download a few kB of data instead of GB.

A simple way to store your passwords without requiring third party applications

SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web

1 Dec 23, 2021

PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install

7 Jul 14, 2022

A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

2 Nov 16, 2021

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based

1 Nov 15, 2021

Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download

3 Oct 5, 2022

Utility for Extracting all passwords from ConnectWise Automate

CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with

1 Dec 9, 2021

Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

10 Oct 15, 2022

Chromepass - Hacking Chrome Saved Passwords

Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett

622 Jan 4, 2023

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

44 Nov 18, 2022

Releases(v1.0.0)

v1.0.0(Feb 8, 2022)

Initial release
Source code(tar.gz)
Source code(zip)
passwnd.exe(5.36 MB)
passwnd.py(2.66 KB)

Owner

Nat

I make computer go beep boop... (I actually do, modprobe pcspkr and then some nice C code)

GitHub Repository

Send CVE information to the specified mailbox (from Github)

91 Nov 08, 2022

BurpSuite Extension: Log4j RCE Scanner

1 Dec 16, 2021

Python decompiler for Python 1.5-2.4 (for historical archive)

This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u

2 Jan 04, 2022

Open-source keylogger write in python

Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in

4 Jan 15, 2022

✨ Powerfull & Universal Link Bypasser ✨

4 Jun 03, 2022

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

37 Dec 06, 2022

♻️ Password Generator (PSG) 📚 This plugin is made for more familiarity with Python, but can also be used to create passwords

About Tool This plugin is made for more familiarity with Python, but can also be used to create passwords.

2 Jul 23, 2022

ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

1.4k Dec 31, 2022

This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload

6 Aug 18, 2022

Check for breached passwords with k-anonymity

Related tags

Overview

passwnd

Usage

How it works

You might also like...

A simple way to store your passwords without requiring third party applications

PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

A python script to brute-force guess the passwords to Instagram accounts

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

Utility for Extracting all passwords from ConnectWise Automate

Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Chromepass - Hacking Chrome Saved Passwords

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

Releases(v1.0.0)

v1.0.0(Feb 8, 2022)

Owner

Nat

Send CVE information to the specified mailbox (from Github)

BurpSuite Extension: Log4j RCE Scanner

Python decompiler for Python 1.5-2.4 (for historical archive)

Open-source keylogger write in python

✨ Powerfull & Universal Link Bypasser ✨

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

♻️ Password Generator (PSG) 📚 This plugin is made for more familiarity with Python, but can also be used to create passwords

ssh-audit is a tool for ssh server & client configuration auditing.

This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

A simple python code for hacking profile views

Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

IPscan - This Script is Framework To automate IP process large scope For Bug Hunting

Fetch Chrome, Firefox, WiFi password and system info

M.E.A.T. - Mobile Evidence Acquisition Toolkit

Uncover the full name of a target on Linkedin.

A piece of software that shows a traceroute of a URL redirect path

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

威胁情报播报

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Python library to prevent XSS(cross site scripting attach) by removing harmful content from data.