muesli / Crunchy

Licence: MIT
Finds common flaws in passwords. Like cracklib, but written in Go.

crunchy

Finds common flaws in passwords. Like cracklib, but written in Go.

Detects:

  • ErrEmpty: Empty passwords
  • ErrTooShort: Too short passwords
  • ErrNoDigits: Password does not contain any digits
  • ErrNoSymbols: Password does not contain any special characters
  • ErrTooFewChars: Too few different characters, like "aabbccdd"
  • ErrTooSystematic: Systematic passwords, like "abcdefgh" or "87654321"
  • ErrDictionary: Passwords from a dictionary / wordlist
  • ErrMangledDictionary: Mangled / reversed passwords, like "p@ssw0rd" or "drowssap"
  • ErrHashedDictionary: Hashed dictionary words, like "5f4dcc3b5aa765d61d8327deb882cf99" (the md5sum of "password")
  • ErrFoundHIBP: Optional hash checks against the haveibeenpwned.com database

Your system dictionaries from /usr/share/dict will be indexed. If no dictionaries are found, crunchy relies only on the regular sanity checks (ErrEmpty, ErrTooShort, ErrTooFewChars and ErrTooSystematic). On Ubuntu it is recommended to install the wordlists distributed with cracklib-runtime; on macOS you can install cracklib-words from brew. You could also install various other language dictionaries or wordlists, e.g. from skullsecurity.org.

crunchy uses the Wagner-Fischer algorithm to find mangled passwords in your dictionaries.
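The mangled-dictionary lookup described above, as an added example that is not crunchy's own code: a self-contained Wagner-Fischer edit distance applied to a password and to its reverse against a constructed wordlist. The `nearest` helper and the `distance < minDist` rejection rule are assumptions made for illustration; 3 is the default MinDist this README documents.

```go
package main

import "fmt"

// wagnerFischer returns the unit-cost edit distance between a and b.
func wagnerFischer(a, b []rune) int {
	prev, curr := make([]int, len(b)+1), make([]int, len(b)+1)
	for j := range prev {
		prev[j] = j
	}
	for i := 1; i <= len(a); i++ {
		curr[0] = i
		for j := 1; j <= len(b); j++ {
			d := prev[j-1] // substitution, free when the runes match
			if a[i-1] != b[j-1] {
				d++
			}
			if prev[j]+1 < d { // deletion
				d = prev[j] + 1
			}
			if curr[j-1]+1 < d { // insertion
				d = curr[j-1] + 1
			}
			curr[j] = d
		}
		prev, curr = curr, prev
	}
	return prev[len(b)]
}

// nearest: closest word to pw or reversed pw; mangled = dist < minDist (assumed rule).
func nearest(pw string, dict []string, minDist int) (word string, dist int, mangled bool) {
	fwd, rev := []rune(pw), []rune(pw)
	for i, j := 0, len(rev)-1; i < j; i, j = i+1, j-1 {
		rev[i], rev[j] = rev[j], rev[i]
	}
	for _, w := range dict {
		for _, cand := range [][]rune{fwd, rev} {
			if d := wagnerFischer([]rune(w), cand); word == "" || d < dist {
				word, dist = w, d
			}
		}
	}
	return word, dist, word != "" && dist < minDist
}

func main() {
	fmt.Println(nearest("p@ssw0rd", []string{"password", "dragon"}, 3)) // constructed wordlist
}
```

Two substitutions separate "p@ssw0rd" from "password", so the distance of 2 falls below the threshold of 3, while "drowssap" matches at distance 0 once reversed.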

Installation

Make sure you have a working Go environment (Go 1.2 or higher is required). See the install instructions.

To install crunchy, simply run:

go get github.com/muesli/crunchy

Example

package main

import (
	"fmt"

	"github.com/muesli/crunchy"
)

func main() {
	validator := crunchy.NewValidator()

	// Check returns a non-nil error describing the first flaw it finds.
	err := validator.Check("12345678")
	if err != nil {
		fmt.Printf("The password '12345678' is considered unsafe: %v\n", err)
	}

	// A dictionary hit can be inspected through *crunchy.DictionaryError,
	// which carries the matched word and its distance.
	err = validator.Check("p@ssw0rd")
	if dicterr, ok := err.(*crunchy.DictionaryError); ok {
		fmt.Printf("The password 'p@ssw0rd' is too similar to dictionary word '%s' (distance %d)\n",
			dicterr.Word, dicterr.Distance)
	}

	err = validator.Check("d1924ce3d0510b2b2b4604c99453e2e1")
	if err == nil {
		// Password is considered acceptable
		fmt.Println("The password is considered acceptable")
	}
}

Custom Options

package main

import (
	"crypto/md5"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/sha512"
	"fmt"
	"hash"

	"github.com/muesli/crunchy"
)

func main() {
	validator := crunchy.NewValidatorWithOpts(crunchy.Options{
		// MinLength is the minimum length required for a valid password
		// (must be >= 1, default is 8)
		MinLength: 10,

		// MinDiff is the minimum amount of unique characters required for a valid password
		// (must be >= 1, default is 5)
		MinDiff: 8,

		// MinDist is the minimum Wagner-Fischer distance for mangled password dictionary lookups
		// (must be >= 0, default is 3)
		MinDist: 4,

		// Hashers will be used to find hashed passwords in dictionaries
		Hashers: []hash.Hash{md5.New(), sha1.New(), sha256.New(), sha512.New()},

		// DictionaryPath contains all the dictionaries that will be parsed
		// (default is /usr/share/dict)
		DictionaryPath: "/var/my/own/dicts",

		// MustContainDigit is a flag to require at least one digit for a valid password
		// (default is false)
		MustContainDigit: true,

		// MustContainSymbol is a flag to require at least one special symbol for a valid password
		// (default is false)
		MustContainSymbol: true,

		// CheckHIBP enables hash checks against the haveibeenpwned.com database
		// (default is false)
		CheckHIBP: true,
	})

	// Use the configured validator exactly like the default one.
	if err := validator.Check("12345678"); err != nil {
		fmt.Printf("The password '12345678' is considered unsafe: %v\n", err)
	}
}