GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → secxena → credcheck

secxena / credcheck

Licence: MIT license
Credentials Checking Framework

Programming Languages

python
139335 projects - #7 most used programming language
Makefile
30231 projects

Labels

frameworkbug-bountypentestingbugbountybugcrowdpentest-scriptshackeronepentest-toolpostexplotationpostexploit

Projects that are alternatives of or similar to credcheck

Awesome Hacking Lists
平常看到好的渗透hacking工具和多领域效率工具的集合
Stars: ✭ 311 (+522%)
Mutual labels:  bug-bounty, bugbounty, pentest-scripts
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+14392%)
Mutual labels:  bug-bounty, bugbounty, pentest-tool
h1-search
Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+16%)
Mutual labels:  bugbounty, hackerone, pentest-tool
PayloadsAll
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-38%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Domainker
BugBounty Tool
Stars: ✭ 40 (-20%)
Mutual labels:  bugbounty, bugcrowd, hackerone
vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+488%)
Mutual labels:  bug-bounty, bugbounty, pentest-tool
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+3044%)
Mutual labels:  bugbounty, bugcrowd, hackerone
dora
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+358%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Stars: ✭ 34 (-32%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Eagle
Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+70%)
Mutual labels:  bugbounty, bugcrowd, hackerone
Nightingale
It's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+138%)
Mutual labels:  bug-bounty, bugbounty, pentest-tool
Xxe Injection Payload List
🎯 XML External Entity (XXE) Injection Payload List
Stars: ✭ 304 (+508%)
Mutual labels:  bug-bounty, bugbounty
Di.we.h
Repositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (+212%)
Mutual labels:  bug-bounty, bugbounty
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+6778%)
Mutual labels:  bug-bounty, bugbounty
Bbr
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (+184%)
Mutual labels:  bug-bounty, bugbounty
Vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+438%)
Mutual labels:  bug-bounty, pentest-tool
Offensive Docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+556%)
Mutual labels:  bug-bounty, bugbounty
sub404
A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+310%)
Mutual labels:  bug-bounty, bugbounty
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+918%)
Mutual labels:  bug-bounty, bugbounty
Awesome Oneliner Bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
Stars: ✭ 594 (+1088%)
Mutual labels:  bug-bounty, bugbounty
View All Similar Projects ➔


PRs Welcome Contributors MIT


Features

  • Check credentils of given target.
  • Check credentials passivly(using regex).
  • CMD-line script.
  • Use as library

Todos

  • Publish on pypi
  • Inclusion of api docs
  • Pin-pointed regexes for Creds
  • Test cases
  • Multiple subparsers
  • Complete regex

Uses

pre-requisite 3.6+

Command line usage

python main.py --service stripe --token sk_live_r3s7_0f_7h3_d37ails

Library Usage

from credcheck.core.cred_check_active import DynamicTest
from credcheck.core.cred_check_utils import CredUtils

service = 'stripe'
credentials = {'TOKEN':'sk_live_r3s7_0f_7h3_d37ails'}
stripCred = DynamicTest()
stripCred.check_it(service, credentials)

Contributing

Areas to contribute

  • Write test cases to make this framework more robust
  • Write regex for static testing of Credentials
  • Include complete API blocks from https://any-api.com/ to extend the scope of credcheck
  • Help document the code
  • Spread the word

Prerequisites

Install all dependency via

pip install -r requirements.txt

Authors

  • Apoorv Raj Saxena

License

Licensed under the MIT, see LICENSE for more information.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].