PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences.
You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here
Once the list is downloaded it is then necessary to convert it to binary by using my other tool HIBP PasswordList Slimmer
This script only works with the HIBP version sorted by hash and entry hashes must be in lowercase and preferably ordered by hashs
Usage
./PwnedPasswordsChecker {InputHashList} {HashType} {OutputFile} {CompressedHIBPHashList}
./PwnedPasswordsChecker .\NTLM_LIST.txt NTLM .\Output.txt .\ntlm_hibp_compressed.bin
Output format : {hash}:{occurence}
Installation
Download the compiled version for Windows or Linux from release page
If you wish to compile it yourself, you will need to have golang installed on your system and perform the following commands:
git clone https://github.com/JoshuaMart/PwnedPasswordsChecker && cd PwnedPasswordsChecker
go build main.go
Screenshots
Thanks to the use of a “compressed” format the tool has largely gained in performance, example of use between the old version and the new one with a list of 20,000 hashes (Intel Core I7 8565U) :
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…