CREDMAP (The Credential Mapper)
Credmap adalah alat open source yang diciptakan untuk membawa kesadaran akan bahaya penggunaan kembali kredensial. Hal ini mampu menguji kredensial pengguna yang disediakan di beberapa situs web terkenal untuk menguji apakah kata kunci telah digunakan kembali pada semua ini. Pos pengantar resmi dapat ditemukan di sini.
Clone folder dari github :
~# git clone https://github.com/lightos/credmap.git
Pindah ke directory "credmap", cd /home/users/credmap,, atau posisi saat kamu clone file dari github
Lalu jalankan dengan perintah "python credmap.py"
Help Menu
Usage: credmap.py --email EMAIL | --user USER | --load LIST [options]
Options:
-h/--help show this help message and exit
-v/--verbose display extra output information
-u/--username=USER.. set the username to test with
-p/--password=PASS.. set the password to test with
-e/--email=EMAIL set an email to test with
-l/--load=LOAD_FILE load list of credentials in format USER:PASSWORD
-f/--format=CRED_F.. format to use when reading from file (e.g. u|e:p)
-x/--exclude=EXCLUDE exclude sites from testing
-o/--only=ONLY test only listed sites
-s/--safe-urls only test sites that use HTTPS.
-i/--ignore-proxy ignore system default HTTP proxy
--proxy=PROXY set proxy (e.g. "socks5://192.168.1.2:9050")
--list list available sites to test withExamples
./credmap.py --username janedoe --email janedoe@email.com
./credmap.py -u johndoe -e johndoe@email.com --exclude
"github.com, live.com"
"linkedin.com, facebook.com"
"https://127.0.0.1:8080"
./credmap.py -u johndoe -p abc123 -vvv --only
./credmap.py -e janedoe@example.com --verbose --proxy
./credmap.py --load creds.txt --format "e.u.p"
./credmap.py -l creds.txt -f "u|e:p"
./credmap.py -l creds.txt
./credmap.py --list
