Hey Folks, In this tutorial we will present an interesting tool, which is used only for credential reuse attacks. Cr3dOv3r is a python-based tool, which simply uses email address for credential reuse attack. In short, if you have a user’s email and password, you can easily find out which social media platforms have credentials active on them.
Lets take a look 🙂 !!
Installation
It is an open source and free to use, therefore we can download this tool from the github page by using the git command.
1 | git clone https://github.com/D4Vinci/Cr3dOv3r.git |
We need to go to the directory to start this tool.
1 | cd Cr3dOv3r/ |
We will execute the following command to fulfill the requirement of this tool.
1 | python3 -m pip install -r requirements.txt |
Now we are ready to start this tool.
- -h, –help show this help message and exit
- -p Don’t check for leaks or plain text passwords.
- -np Don’t check for plain text passwords.
- -q Quiet mode (no banner).
1 | python3 Cr3d0v3r.py -h |
For this mission, we need to choose the specific email address we want to achieve. Now execute the following command.
1 | python3 Cr3d0v3r.py secnhack@gmail.com |
BOOM !! As you can see we did not know that this email was available on Twitter. Just like that you can try some features of this tool and get more information ℹ .
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
