Cr3dOv3r - Know the dangers of credential reuse attacks
Your best friend in credential reuse attacks.
Cr3dOv3r simply you give it an email then it does two simple jobs (but useful) :
- Search for public leaks for the email and if it any, it returns with all available details about the leak (Using hacked-emails site API).
- Now you give it this email's old or leaked password then it checks this credentials against 16 websites (ex: facebook, twitter, google...) then it tells you if login successful in any website!
Imagine with me this scenario
- You checking a targeted email with this tool.
- The tool finds it in a leak so you open the leakage link.
- You get the leaked password after searching the leak.
- Now you back to the tool and enters this password to check if there's any website the user uses the same password in it.
- You imagine the rest
😄
Usage
usage: Cr3d0v3r.py [-h] email
positional arguments:
email Email/username to check
optional arguments:
-h, --help show this help message and exit
Installing and requirements
To make the tool work at its best you must have :
- Python 3.x or 2.x (Prefered 3).
- Linux or windows system (Not tested on OSX yet) .
- The requirements mentioned in the next few lines.
Installing
+For windows : (After downloading ZIP and upzip it)
cd Cr3dOv3r-master
python -m pip3 install -r win_requirements.txt
python Cr3dOv3r.py -h
+For linux :
git clone https://github.com/D4Vinci/Cr3dOv3r.git
chmod 777 -R Cr3dOv3r
cd Cr3dOv3r
pip3 install -r requirements.txt
python3 Cr3dOv3r.py -h
Post a Comment