Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It’s possible too verify if any credential of user has been leak out before. The Oblivion have two modes:
- Oblivion Client: graphical mode.
- Oblivion Server: mode with API functionalities.
NOTE: The Oblivion Client and the Oblivion Server are independents.
Oblivion Client
Oblivion Server
Oblivion Features
- ๐ช CVEs scan
- โ๏ธ Works with powerful APIs
- ๐ Works too with Google Dorks
- ๐ Checks your password in Word Lists
- ๐ Checks the last pastes in Pastebin
- ๐ Output to txt, docx, pdf, xlsx, json, html, xml, db
- ๐ Output to encrypted files
- ๐ฆ Sends result files to multiples Buckets S3
- ๐ Upload the result files to Google Drive
- ๐ก Cab send result files by SSH (work with EC2)
- ๐ข Notify by Telegram and e-mail
- ๐ Includes option to hide passwords for demonstrations
- ๐ Works with scheduled scans
- ๐ Possible to execute loop scans
APIs
Service | Functions | Status |
---|---|---|
HaveIBeenPwned | E-mails and passwords | paid |
Scylla.sh | Cleartext passwords, hashs and salts, usernames, IPs, domain | free |
IntelX.io | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | paid |
Circl.lu | Checks for new CVEs | free |
Usage & Configuration
For configuration or usage of Oblivion please read the documentation. All the steps were careful explained with images and examples.
Credits
- Peter Kleissner and the Intelligence X team
- Alejandro Caceres (Scylla)
- khast3x
- Daniel Miessler
- Gustavo Melgaรงo
- Alberico de Castro
- Eliabe Kaique