pwnedOrNot - Python Script to Find Passwords for Compromised Email Accounts using haveibeenpwned API

  •        660

pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.



Related Projects

Infoga - Infoga - Email Information Gathering

  •    Python

Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pgp key servers and shodan) and check if emails was leaked using hacked-emails API. Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet.

php-exploit-scripts - A collection of PHP exploit scripts, found when investigating hacked servers

  •    PHP

A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute. Yes, obviously. Don't copy them and store them on your own server. These are scripts found on hacked systems, so they're used to exploit the server and abuse some kind of vulnerability.

eve-demo - A fully functional REST Web API. Powered by Eve.

  •    Python

A fully featured RESTful Web API powered by Eve. With Eve setting up an API is very simple. You just need a launch script ( and a configuration file ( Check out the module in this repo to get an idea of how configuration is handled. Don't forget to visit Eve website for a complete list of features and examples. There is also a sample client application available. It uses the Requests library to consume the demo. In fact it has been quickly hacked together to reset the API every once in a while. Check it out at

InstaFilters - Instagram filters hacked and open sourced. Supports both photo and video.

  •    Objective-C

Instagram filters hacked and open sourced. Supports both photo and video.


  •    C

This is The DWM X window manager - hacked to add a few extra features and slightly modified to suit a still ultra-slim but not featureless need. A collection of a bunch of jacks from a bunch of different people. - Lightweight solution for using encrypted passwords in shell scripts

  •    Shell provides a lightweight solution for using encrypted passwords in shell scripts using OpenSSL. It allows a user to encrypt a password (or any other secret) at runtime and then use it, decrypted, within another script. This prevents shoulder surfing passwords and avoids storing the password in plain text, which could inadvertently be sent to or discovered by an individual at a later date. This script generates an AES 256 bit symmetric key for each script (or user-defined label) that stores secrets. This key will then be used to encrypt all secrets for that script or label.


  •    Java

GML4J was an experimental (i.e. hacked together quickly) Java API for work with the Geography Markup Language (GML). There has been no development since 2001/2. See for an API with a similar purpose.

LaZagneForensic - Windows passwords decryption from dump files

  •    Python

LaZagne uses an internal Windows function called CryptUnprotectData to decrypt user passwords. This API should be called on the victim user session, otherwise, it does not work. If the computer has not been started (when the analysis is realized on an offline mounted disk), or if we do not want to drop a binary on the remote host, no passwords can be retrieved. LaZagneForensic has been created to avoid this problem. This work has been mainly inspired by the awesome work done by Jean-Michel Picod and Elie Bursztein for DPAPICK and Francesco Picasso for Windows DPAPI laboratory.

Tivo Archive

  •    Python

A python library and commandline tool for downloading shows from your Tivo. Does not require a hacked tivo. Combined with Tivodecode, it can decrypt the shows as well. I would recommend transcoding them after the fact with something like Handbrake for greater device compatibility.

Play - A better Sonos controller for iOS

  •    Objective-C

This is an attempt at making a better Sonos controller for iOS. It's pretty hacked together right now -- I'll try to articulate needs later so others can contribute. The following (sparse) instructions below should get it working with your system. Easiest way to do this is to checkout: and use the command line example. Run: python all list_ips to find all the IPs. Then run python YOUR_SPEAKERS_IP_ADDRESS info to determine the uid for each speaker.

firefox_decrypt - Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox/Thunderbird/Seabird) profiles

  •    Python

Firefox Decrypt is a tool to extract passwords from Firefox/Thunderbird profiles. It can be used to recover passwords from a profile protected by a Master Password as long as the latter is known. If a profile is not protected by a Master Password, a password will still be requested but can be left blank.

node-keytar - Native Password Node Module

  •    C++

A native Node module to get, add, replace, and delete passwords in system's keychain. On macOS the passwords are managed by the Keychain, on Linux they are managed by the Secret Service API/libsecret, and on Windows they are managed by Credential Vault. Currently this library uses libsecret so you may need to install it before running npm install.

LaZagne - Credentials recovery project

  •    Python

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. This project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host. The last Linux release is not up to date so I recommend using pupy to use it.

sshLooter - Script to steal passwords from ssh.

  •    Shell

Script to steal passwords from ssh. Stealing SSH credentials Another Approach.

passpie - :closed_lock_with_key: Multiplatform command-line password manager

  •    Python

Passpie is a command line tool to manage passwords from the terminal with a colorful and configurable interface. Use a master passphrase to decrypt login credentials, copy passwords to clipboard, syncronize with a git repository, check the state of your passwords, and more. Password files are encrypted using GnuPG and saved into yaml text files. Passpie supports Linux, OSX and Windows.


  •    C++

As a child, you where tortured in the playground. You where a victim of the highschool hirarchy. You hacked hours on end, and build a machine that transphormed you into a bird. You are now free (as in speech) to fly around the city and poop on passers-by


  •    Perl

Poeb is a fully functional IRC bot written in Perl. Main goal is to become comparable to base eggdrop. Poeb now utilizes hacked versions of IRC::Bot available on CPAN.

Begin2: A TCP/IP Tactical Starship Sim

  •    Assembly

A shareware game called begin was released in 1984: a tactical starship game with a good AI and fair rules (the computer had no advantage) I've hacked assembly code to make it a multiplayer game, so that folk can challenge each other rather than the AI.

phpChart class package

  •    PHP

provides a PHP4 class package derived and hacked from advGraph to generate charts in Flash4 SWF format. The Ming PHP extension to SWF is used in this class package.

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.