Your best friend in credential reuse attacks.
Cr3dOv3r simply you give it an email then it does two simple jobs (but useful) :
- Search for public leaks for the email and if it any, it returns with all available details about the leak (Using hacked-emails site API).
- Now you give it this email's old or leaked password then it checks this credentials against 16 websites (ex: facebook, twitter, google...) then it tells you if login successful in any website!
Imagine with me this scenario
- You checking a targeted email with this tool.
- The tool finds it in a leak so you open the leakage link.
- You get the leaked password after searching the leak.
- Now you back to the tool and enters this password to check if there's any website the user uses the same password in it.
- You imagine the rest
usage: Cr3d0v3r.py [-h] email positional arguments: email Email/username to check a optional arguments: -h, --help show this help message and exit
Installing and requirements
To make the tool work at its best you must have :
- Python 3.x.
- Linux or windows system.
- The requirements mentioned in the next few lines.
+For windows : (After downloading ZIP and upzip it)
+For linux :
cd Cr3dOv3r-master python -m pip install -r win_requirements.txt python Cr3dOv3r.py -h
If you want to add a website to the tool, follow the instructions in the wiki
git clone https://github.com/D4Vinci/Cr3dOv3r.git chmod 777 -R Cr3dOv3r-master cd Cr3dOv3r-master pip3 install -r requirements.txt python Cr3dOv3r.py -h