Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...
Showing posts with label DUMP. Show all posts
Showing posts with label DUMP. Show all posts

Sunday, March 4, 2018

Know The Dangers Of Credential Reuse Attacks - Cr3dOv3r v0.3


Your best friend in credential reuse attacks.
Cr3dOv3r simply you give it an email then it does two simple jobs (but useful) :
  • Search for public leaks for the email and if it any, it returns with all available details about the leak (Using hacked-emails site API).
  • Now you give it this email's old or leaked password then it checks this credentials against 16 websites (ex: facebook, twitter, google...) then it tells you if login successful in any website!


Imagine with me this scenario
  • You checking a targeted email with this tool.
  • The tool finds it in a leak so you open the leakage link.
  • You get the leaked password after searching the leak.
  • Now you back to the tool and enters this password to check if there's any website the user uses the same password in it.
  • You imagine the rest

Screenshots



Usage
usage: Cr3d0v3r.py [-h] email

positional arguments:
  email       Email/username to check
a
optional arguments:
  -h, --help  show this help message and exit

Installing and requirements

To make the tool work at its best you must have :
  • Python 3.x.
  • Linux or windows system.
  • The requirements mentioned in the next few lines.

Installing
+For windows : (After downloading ZIP and upzip it)
cd Cr3dOv3r-master
python -m pip install -r win_requirements.txt
python Cr3dOv3r.py -h
+For linux :
git clone https://github.com/D4Vinci/Cr3dOv3r.git
chmod 777 -R Cr3dOv3r-master
cd Cr3dOv3r-master
pip3 install -r requirements.txt
python Cr3dOv3r.py -h
If you want to add a website to the tool, follow the instructions in the wiki

Contact



Share:
Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition