Pentest Tools

Published on May 29th, 2018 📆 | 2016 Views ⚑

0

pwnedOrNot – Tool To Find Passwords For Compromised Email Accounts Using HaveIBeenPwned API


https://www.ispeech.org
 

pwnedOrNot is a python script which checks if the email account has been compromised in a data breach, if the email account is compromised it proceeds to findĀ passwordsĀ for the compromised account.
It usesĀ haveibeenpwnedĀ v2 api to test email accounts and searches for theĀ passwordĀ inĀ Pastebin Dumps
This script has been tested onĀ KaliĀ LinuxĀ 18.2Ā andĀ Ubuntu 18.04.

Installation
It's a pure python script and relies on common python modules and does not need installation :

  • os
  • re
  • time
  • json
  • requests

Usage

git clone https://github.com/thewhiteh4t/pwnedOrNot.git
cd pwnedOrNot/
python pwnedornot.py

Features
haveibeenpwnedĀ offers a lot of information about the compromised email, some useful information is displayed by this script:

  • Name of Breach
  • Domain Name
  • Date of Breach
  • Fabrication status
  • Verification Status
  • Retirement status
  • Spam Status
  • Source of Dump
  • ID of Dump

And with all this informationĀ pwnedOrNotĀ can easily findĀ passwordsĀ for compromisedĀ emailsĀ if the dump is accessible and it contains the password





Screenshots

 

Download pwnedOrNot



Comments are closed.






Ā© Torchsec Ā Privacy PolicyĀ Disclaimer Ā T&C



Back to Top ↑