secxena / credcheck

Credentials Checking Framework

Home Page:https://blog.secxena.com/credcheck-a-credential-pentesting-framework

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool


PRs Welcome Contributors MIT


Features

  • Check credentils of given target.
  • Check credentials passivly(using regex).
  • CMD-line script.
  • Use as library

Todos

  • Publish on pypi
  • Inclusion of api docs
  • Pin-pointed regexes for Creds
  • Test cases
  • Multiple subparsers
  • Complete regex

Uses

pre-requisite 3.6+

Command line usage

python main.py --service stripe --token sk_live_r3s7_0f_7h3_d37ails

Library Usage

from credcheck.core.cred_check_active import DynamicTest
from credcheck.core.cred_check_utils import CredUtils

service = 'stripe'
credentials = {'TOKEN':'sk_live_r3s7_0f_7h3_d37ails'}
stripCred = DynamicTest()
stripCred.check_it(service, credentials)

Contributing

Areas to contribute

  • Write test cases to make this framework more robust
  • Write regex for static testing of Credentials
  • Include complete API blocks from https://any-api.com/ to extend the scope of credcheck
  • Help document the code
  • Spread the word

Prerequisites

Install all dependency via

pip install -r requirements.txt

Authors

  • Apoorv Raj Saxena

License

Licensed under the MIT, see LICENSE for more information.