03-19-2015, 11:22 AM
As you already know, Internet is full of passwords (plain and hashed ones): when a leak occurs, usually it's posted to PasteBin.
The pace of these dumps is so high that it's not humanly possible to collect them all, so we have to rely on a bot, scraping PasteBin site for interesting filea.
Dump Monitor will exactly do this: every time some leaked information are posted on PasteBin, he will tweet the link.
Sadly Dump Monitor is not very efficient: inside its tweets you will find a lot of "false positives" (debug data, log files, Antivirus scan results) or stuff we're not interested into (RSA private keys, API keys, list of email addresses).
Moreover, once you have the raw data you need to extract such information and remove all the garbage.
That's the reason why Dump Scraper was born: inside this repository you will find several scripts to fetch the latest tweets from Dump Monitor, analyze them (discarding useless files) and extract the hashes or the passwords.
https://github.com/tampe125/dump-scraper/releases
Please remember to read the wiki before continuing:
https://github.com/tampe125/dump-scraper/wiki
Finally, this is a super-alpha release, so things may be broken or not working as expected. Moreover, I know it's a kind of "hackish": a single program with a GUI would be 100 times better. Sadly I'm running out of time and I don't know anything about Python GUI development: if anyone wants to contribute, it would be more than welcome!
Please leave here your thoughts and opinions.
The pace of these dumps is so high that it's not humanly possible to collect them all, so we have to rely on a bot, scraping PasteBin site for interesting filea.
Dump Monitor will exactly do this: every time some leaked information are posted on PasteBin, he will tweet the link.
Sadly Dump Monitor is not very efficient: inside its tweets you will find a lot of "false positives" (debug data, log files, Antivirus scan results) or stuff we're not interested into (RSA private keys, API keys, list of email addresses).
Moreover, once you have the raw data you need to extract such information and remove all the garbage.
That's the reason why Dump Scraper was born: inside this repository you will find several scripts to fetch the latest tweets from Dump Monitor, analyze them (discarding useless files) and extract the hashes or the passwords.
https://github.com/tampe125/dump-scraper/releases
Please remember to read the wiki before continuing:
https://github.com/tampe125/dump-scraper/wiki
Finally, this is a super-alpha release, so things may be broken or not working as expected. Moreover, I know it's a kind of "hackish": a single program with a GUI would be 100 times better. Sadly I'm running out of time and I don't know anything about Python GUI development: if anyone wants to contribute, it would be more than welcome!
Please leave here your thoughts and opinions.