Sinisterly

Full Version: Credmap ~ Credential Reuse tool
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Credmap is an open source tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these.

https://github.com/lightos/credmap

https://github.com/lightos/credmap/wiki
This looks like a very nice and useful tool! I might use it sometime soon, thanks for the awesome tool!

Edit: for the share of the tool, lol.
Generally speaking, It's a commonality for users to use the same login credentials on most (If not all) of their online accounts.

In terms of the website per se, disallowing credential reuse and Implementing password complexity requirements should be a mandatory security measure In all (major) corporations. Unfortunately, It's not. During my exploitations, I've come across Fortune 500 companies who've neglected to Implement both, with some (In their back-end) failing to even prompt for the currently-used password when making changes to the account.

Appreciate the contribution, I'll certainly check this out.
(01-04-2018, 10:12 AM)mothered Wrote: [ -> ]Generally speaking, It's a commonality for users to use the same login credentials on most (If not all) of their online accounts.

In terms of the website per se, disallowing credential reuse and Implementing password complexity requirements should be a mandatory security measure In all (major) corporations. Unfortunately, It's not. During my exploitations, I've come across Fortune 500 companies who've neglected to Implement both, with some (In their back-end) failing to even prompt for the currently-used password when making changes to the account.

Appreciate the contribution, I'll certainly check this out.

Exactly,
I'll definitely check this out as well