🔐 A simple command-line password manager.

Related tags

Security related resourcespassword-managerpasswordpython3password-vaultsqlite3sqlite3-encryptionencryption-decryption
Overview

PassVault

Languages Repository size License

What Is It?

It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in a SQlite database (.db). This project was made to learn more about cryptography and not for intended for actual use. This software is used at your own risks. It is provided as is and I (including any contributors) do not take any responsibility for any damage or loss done with or by it.

Installation

Clone this repository: git clone https://github.com/vlHan/PassVault or download zip

  • Enter the folder: cd PassVault/
  • Install python3

    • Linux

      • sudo apt-get install python3
      • chmod +x *
      • python3 -m pip install -r requirements.txt
      • Finished!

    • Windows and Mac

Usage

After installing, use the following command to install the dependecies and run the program.

$ python3 run.py

Or you can manually install the dependecies and run:

$ pip3 install -r requirements.txt
$ python3 run.py

⚠️ The program needs all the files, be sure to have all the dependecies and files installed.

How It Works

  1. After running you need to create your master password. This master password will be the key to indenty if the user is actually you, be sure you have saved, because the master password is unrecoverable.
  2. Follow the steps and answer the inputs, these informations will be saved.

After following the steps, the code will store your datas, encrypted in AES encryption, that comes from a python library pycryptodome, in a SQlite file. To authenticate the user, they are prompted to create a master password (that is also used to decrypt data) which is then stored using HMAC autentication code (that use SHA3_512 Hash Function for the digest mod). Whenever the user is prompted to verify their master password, the password they enter is compared to the hash of the stored master password and access if granted if the two hashes match.

if os.path.isfile('db/info.json'): # verify if the master password is created
    with open("db/info.json", 'r') as f: # read the salt stored in the file
      jfile = json.load(f) 

    self.master_pw = getpass.getpass('Enter your master password: ') # ask the master password

    h = hmac.new(self.master_pw.encode(), msg=str(jfile["Informations"]["salt"]).encode(), digestmod=hashlib.sha3_512).hexdigest() # use HMAC and encrypt in sha3_512 HASH Function 

    if h == jfile["Informations"]["master_password"]: # compare with the hash of the master password
        ...

Author and Contributor


@vlHan
@carvalinh0

Shoutouts

  • @carvalinh0 for helping me in the AES encryption.

All notable changes to this project will be in project changelog

Contributing

If you want to contribute see guidelines for contributing.

License

This project is under the MIT License.

You might also like...
A simple password generator using Python Tkinter.
A simple password generator using Python Tkinter.

Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi

Prashant Agheda 1 Nov 2, 2022
A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Muhammad Hamza 3 Dec 6, 2021
Password List Creator Simple !

Password List Creator Simple !

MR.D3F417 4 Jan 27, 2022
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

Varun Jagtap 5 Oct 8, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
Used to build an XSS platform on the command line.

pyXSSPlatform Used to build an XSS platform on the command line. Usage: 1.generate the cert file You can use openssl like this: openssl req -new -x509

null 70 Jun 21, 2022
PasswordManager is a command-line program that helps you manage your secret files like passwords

PasswordManager is a command-line program that helps you manage your secret files like passwords. It's very minimalistic and easy to use.

Michael 3 Dec 30, 2021
The disassembler parses evm bytecode from the command line or from a file.

EVM Bytecode Disassembler The disassembler parses evm bytecode from the command line or from a file. It does not matter whether the bytecode is prefix

alpharush 22 Dec 27, 2022
Simple yara rule manager

Yara Manager A simple program to manage your yara ruleset in a (sqlite) database. Todos Search rules and descriptions Cluster rules in rulesets Enforc

Nils Kuhnert 65 Nov 17, 2022
Releases(V1.4)

  • V1.4(Jan 29, 2022)

    [V1.4] - 2022-01-29

    Added

    • New functions in the database file to avoid sqlite3 functions repetitions.
    • The name of the sqlite database is the name of your machine
      • Be sure not to change the name or something, otherwise the program will create another file and you'll lose the database

    Changed

    • Connection to the database file, now verify if the user is running in or out of the PassVault diretory

    Removed

    • vault.db in .gitignore
    • Remove coding utf-8 (do not need)
    Source code(tar.gz)
    Source code(zip)

  • V1.3(Jan 27, 2022)

    [V1.3] - 2022-01-25

    Added

    • Code optimization using new functions
    • New password generator function

    Changed

    • instance of menu and database class in modules/main.py

    Removed

    • unused functions
    Source code(tar.gz)
    Source code(zip)

  • V1.2(Jan 25, 2022)

    [V1.2] - 2022-01-23

    • Exceptions (KeyboardInterrupt) and exit config
    • Colors
    • See only one information (stored_passwords())
      • It shows just the platofrm and the ID
    • Checkmark and x mark

    Changed

    • Manager class in __main__.py to modules/main.py
    • to look up the password, need to know the ID using the function stored_password()

    Removed

    • Old show informations function (see_all())
    Source code(tar.gz)
    Source code(zip)

  • V1.1(Jan 6, 2022)

    [V1.1] - 2021-12-30

    Added

    • master password table (masterpassword) in the database SQlite.
    • a logo (demo/logo.png) and moved passvault.png to demo folder

    Changed

    • The json file as a database to a table in the SQlite database.
    • key system to a ID system (change/delete informations)

    Removed

    • json master password system.
    • key system
    Source code(tar.gz)
    Source code(zip)

  • V1.0(Dec 27, 2021)

Owner
Young student of Python and Programming.
GitHub Repository
C++ fully undetected shellcode launcher

charlotte c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launche

894 Dec 25, 2022
Proof of Concept Exploit for vCenter CVE-2021-21972

CVE-2021-21972 Proof of Concept Exploit for vCenter CVE-2021-21972

Horizon 3 AI Inc 210 Dec 31, 2022
A tool to extract the IdP cert from vCenter backups and log in as Administrator

vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin

Horizon 3 AI Inc 343 Dec 31, 2022
RCE 0-day for GhostScript 9.50 - Payload generator

RCE-0-day-for-GhostScript-9.50 PoC for RCE 0-day for GhostScript 9.50 - Payload generator The PoC in python generates payload when exploited for a 0-d

534 Dec 14, 2022
NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat

NoSecerets NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat How does it work? Instead of taking

DosentTrust GithubDatabase 9 Jul 04, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 09, 2022
Finite Volume simulation of the Raleigh-Taylor Instability

finitevolume2-python Finite Volume simulation of the Raleigh-Taylor Instability Create Your Own Finite Volume Fluid Simulation (With Python): Part 2 B

Philip Mocz 12 Sep 01, 2022
Cam-Hacker: Ip Cameras hack with python

Cam-Hacker Hack Cameras Mode Of Execution: apt-get install python3 apt-get insta

Error 4 You 9 Dec 17, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability

Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •

ProjectDiscovery 2.1k Jan 08, 2023
Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name

A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name. This project is for educational use, we are not responsible for i

20 Dec 02, 2022
A Simple File Encryptor/Decryptor

Ec: A Simple File Encryptor/Decryptor This has been made for educational reasons only, any constructive criticism/advice/comments are welcome! Also, p

1 Dec 10, 2021
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022
This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly

Pro_Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

•JINN• 1 Jan 16, 2022
A python script written for lazy people to hack their school systen ;D

F-ck-the-system A python script written for lazy people to hack their school systen ;D Python voice notes writer This is a python script to record you

Sachit 2 Jan 09, 2022
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Chirag Agrawal 24 Dec 19, 2022
Bug Alert: a service for alerting security and IT professionals of high-impact and 0day vulnerabilities

Bug Alert Bug Alert is a service for alerting security and IT professionals of h

BugAlert.org 208 Dec 15, 2022
Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session

东方有鱼名为咸 135 Dec 14, 2022
logmap: Log4j2 jndi injection fuzz tool

logmap - Log4j2 jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use http

之乎者也 67 Oct 25, 2022
Show apps recorded storage files by jailbreak

0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg

0x 4 Oct 24, 2022
Python decompiler for Python 1.5-2.4 (for historical archive)

This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u

R. Bernstein 2 Jan 04, 2022