Check for breached passwords with k-anonymity

Last update: Feb 08, 2022

Related tags

Security related resources passwnd

Overview

passwnd

Check for breached passwords with k-anonymity

Usage

To get prompted to enter the password securely, simply run:

passwnd.py

Alternatively, you can specify the password directly:

passwnd.py

The latter is not recommended, as it might leak the password to the shell history.

How it works

The password will be hashed with SHA1 and turned to human-readable hex (ASCII)
That hex will be trimmed to just the first 5 characters
That trimmed result will be submitted to the pwnedpasswords.com database
pwnedpasswords.com will return all hashes that begin with that trim
We download all returned hashes, and perform a full search locally

This way, we can check if a password was breached, without revealing said password. While simultaneously only requiring to download a few kB of data instead of GB.

A simple way to store your passwords without requiring third party applications

SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web

1 Dec 23, 2021

PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install

7 Jul 14, 2022

A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

2 Nov 16, 2021

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based

1 Nov 15, 2021

Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download

3 Oct 5, 2022

Utility for Extracting all passwords from ConnectWise Automate

CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with

1 Dec 9, 2021

Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

10 Oct 15, 2022

Chromepass - Hacking Chrome Saved Passwords

Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett

622 Jan 4, 2023

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

44 Nov 18, 2022

Releases(v1.0.0)

v1.0.0(Feb 8, 2022)

Initial release
Source code(tar.gz)
Source code(zip)
passwnd.exe(5.36 MB)
passwnd.py(2.66 KB)

Owner

Nat

I make computer go beep boop... (I actually do, modprobe pcspkr and then some nice C code)

GitHub Repository

Obfuscate your Python scripts better, faster.

⚜️ Berserker ⚜️ An unique Python3 obfuscator using Kyrie Eleison's encryption protocol, written in Python3. 📋 Examples 📋 Unobfuscated: input("Hello

81 Dec 07, 2022

Threat research and reporting from IronNet's Threat Research Teams

IronNet Threat Research 🕵️ Overview This repository contains IronNet's Threat Research. Research & Reporting 📝 Project Description Cobalt Strike Res

36 Dec 02, 2022

Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url

70 Nov 09, 2022

FIVE, Vulnerability Scanner And Mass Exploiter, made for pentesting.

$ FIVE - FIVE is a Pentesting Framework to Test the Security & Integrity of a Website, or Multiple Websites. $ Info FIVE Was Made After Vulnnr to Prod

24 Dec 10, 2021

Fuck - Multi Brute Force 🚶‍♂

f-mbf Fuck - Multi Brute Force 🚶‍♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2

1 Dec 03, 2021

🍉一款基于Python-Django的多功能Web安全渗透测试工具，包含漏洞扫描，端口扫描，指纹识别，目录扫描，旁站扫描，域名扫描等功能。

Sec-Tools 项目介绍系统简介本项目命名为Sec-Tools，是一款基于 Python-Django 的在线多功能 Web 应用渗透测试系统，包含漏洞检测、目录识别、端口扫描、指纹识别、域名探测、旁站探测、信息泄露检测等功能。本系统通过旁站探测和域名探测功能对待检测网站进行资产收集，通过端

300 Jan 07, 2023

A bare-bones POC container runner in python

pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta

5 Jun 03, 2021

一款辅助探测Orderby注入漏洞的BurpSuite插件，Python3编写，适用于上xray等扫描器被ban的场景

OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件，Python3编写，适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测，被动探测，对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list

21 Aug 12, 2022

The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

114 Dec 26, 2022

MS-FSRVP coercion abuse PoC

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)

219 Dec 28, 2022

Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Blinder Have you found a blind SQL injection? Great! Now you need to export it, but are you too lazy to sort through the values? Most likely,

10 Dec 06, 2022

Remote control your Greenbone Vulnerability Manager (GVM)

Greenbone Vulnerability Management Tools The Greenbone Vulnerability Management Tools gvm-tools are a collection of tools that help with remote contro

130 Dec 17, 2022

Local server for IDA Lumina feature

About POC of an offline server for IDA Lumina feature.

166 Dec 30, 2022

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

PYTHON-EXPLOITATION This is a repository filled with scripts that were made with Python, and designed to exploit computer systems. Networking tcp_clin

1 Oct 30, 2021

A python script to decrypt media files encrypted using the Android application 'Decrypting 'LOCKED Secret Calculator Vault''. Will identify PIN / pattern.

3 Sep 26, 2022

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit re

22 Nov 09, 2022

Check for breached passwords with k-anonymity

Related tags

Overview

passwnd

Usage

How it works

You might also like...

A simple way to store your passwords without requiring third party applications

PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

A python script to brute-force guess the passwords to Instagram accounts

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

Utility for Extracting all passwords from ConnectWise Automate

Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Chromepass - Hacking Chrome Saved Passwords

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

Releases(v1.0.0)

v1.0.0(Feb 8, 2022)

Owner

Nat

Obfuscate your Python scripts better, faster.

Threat research and reporting from IronNet's Threat Research Teams

Apache Solr SSRF(CVE-2021-27905)

FIVE, Vulnerability Scanner And Mass Exploiter, made for pentesting.

Fuck - Multi Brute Force 🚶‍♂

🍉一款基于Python-Django的多功能Web安全渗透测试工具，包含漏洞扫描，端口扫描，指纹识别，目录扫描，旁站扫描，域名扫描等功能。

A bare-bones POC container runner in python

一款辅助探测Orderby注入漏洞的BurpSuite插件，Python3编写，适用于上xray等扫描器被ban的场景

The next level Python obfuscator, nearly impossible to deobfuscate.

MS-FSRVP coercion abuse PoC

Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Remote control your Greenbone Vulnerability Manager (GVM)

Local server for IDA Lumina feature

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

A python script to decrypt media files encrypted using the Android application 'Decrypting 'LOCKED Secret Calculator Vault''. Will identify PIN / pattern.

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar

Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

A Radare2 based Python module for Binary Analysis and Reverse Engineering.

proxyshell payload generate