Displaying 1 to 14 from 14 results

passpwn - See if your passwords in pass has been breached.

  •    Shell

This is a tool for checking your passwords in pass against Have I been pwned?. passpwn uses the range API which means that we are only sending the first 5 characters of a SHA1 hashed password to Have I been pwned? and are checking the returned hashes against the full local hash.

pwned - An easy, Ruby way to use the Pwned Passwords API.

  •    Ruby

An easy, Ruby way to use the Pwned Passwords API. Troy Hunt's Pwned Passwords API V2 allows you to check if a password has been found in any of the huge data breaches.




firepwned - :pray: Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API

  •    Python

Firepwned is a tool that checks if your Firefox saved passwords have been involved in a known data leak using the Have I Been Pwned API. On Debian / Ubuntu you'll need the package libnss3, which you should already have if you have Firefox installed.

Maltego-haveibeenpwned - Maltego Integration of https://haveibeenpwned.com

  •    

Please refer to the https://github.com/cmlh/Maltego-haveibeenpwned/wiki for further information.

checkpwn - Check Have I Been Pwned and see if it's time for you to change passwords.

  •    Rust

Check Have I Been Pwned and see if it's time for you to change passwords. NOTE: List files must have the .ls file extension.

pam_pwnd - A PAM module to test passwords against previous leaks at haveibeenpwned.com

  •    C

This repository contains a simple PAM module for testing whether a password being used for authentication has been listed in the have I been pwned database. Note that in the documentation here we focus upon ensuring that a password used for sudo has not been compromised, but PAM-modules can be used for many purposes, from handling SSH-access, to permitting HTTP-based authentication. There is nothing sudo-specific about our code so this module can be useful in many contexts.


h8mail - Email OSINT and password breach hunting

  •    Python

Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent

passprotect-chrome - A simple Chrome extension to help you stop using bad passwords

  •    Javascript

Stop using bad passwords. PassProtect is a Chrome extension created and maintained by Randall Degges that you can drop into any web page which dramatically improves the security of users accessing your website.

passprotect-js - A simple JavaScript library to help you protect your users' passwords

  •    Shell

Protect your user's passwords. PassProtect is a developer library created and maintained by Randall Degges that you can drop into any web page which dramatically improves the security of users accessing your website.

hibp - A composer package to verify if a password was previously used in a breach using Have I Been Pwned API

  •    PHP

To increse security of users on your system, I started building a client for @TroyHunt's Have I Been Pwned? API v2 that will check if a given password was already used in a breach. Many thanks to Mr. Troy Hunt for providing us this service. The goal of this project is to have a composer package that will allow you to quickly verify if a given password (from a registration or password reset form) was found in a data breach so you can inform your users to change their password and thus improving overal security.

haveibeenpwned-zxcvbn-lambda-api - Deploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥

  •    Javascript

Deploy a private, secure and serverless RESTful endpoint for sanely scoring users' new passwords using Dropbox's zxcvbn library while (k-)anonymously querying Troy Hunt's haveibeenpwned collection of +5.1 billion* breached accounts. Create an AWS profile with IAM full access, Lambda full access and API Gateway Administrator privileges.

pw-pwnage-cfworker - Deploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7

  •    Javascript

Deploy a private, secure and serverless RESTful endpoint for sanely scoring users' new passwords using Dropbox's zxcvbn library while (k-)anonymously querying Troy Hunt's haveibeenpwned collection of +5.1 billion breached accounts. People seemed to think this concept was neat, and a tiny RESTful API like this is a perfect use case for Cloudflare Workers.