Skip to content

Latest commit

 

History

History
81 lines (60 loc) · 3.16 KB

README.md

File metadata and controls

81 lines (60 loc) · 3.16 KB

leaky 🔑

Python 3.5|3.6 License

Leaky is a potent arsenal of tools designed for parsing and visualizing colossal text files laden with credentials. Built with the goal to aid penetration testers and redteamers in OSINT, credentials gathering, and credential stuffing attacks, this suite delivers an efficient way to manage a sea of data.

🆕 New Functionalities ADDED !

  • Phone number search
  • Search through JSON, CSV and SQL files

🌟 Credits

This project is built upon the foundational work of ACCEIS' LeakScraper. Visit their GitHub repository for more information : https://github.com/Acceis/leakScraper

⚙️ Installation

You can install Leaky and its prerequisites using the following commands:

# install mongodb
sudo apt-get install gnupg
curl -fsSL https://pgp.mongodb.com/server-6.0.asc | \
   sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg \
   --dearmor
echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/6.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org

# start mongodb
sudo systemctl enable mongod
sudo systemctl start mongod
# if failed :
sudo systemctl daemon-reload
sudo systemctl status mongod

# install project
git clone https://github.com/saladandonionrings/leaky.git
cd leaky
sudo ./install.sh

🚀 Usage

When Leaky requires your leak file content in the email:password format. Follow these steps:

# escape weird characters from your txt file
python3 clean-file.py -i <input_file> -o <output_file>

# import the file into mongodb (not mandatory you can do it on the web)
python3 import.py <file> <leak_name> <leak_date>

# start web instance on port 9999 ; default password -> leaky123
python3 scraper.py

🔎 Functionalities

Leaky provides the following capabilities:

  • Search : Find domain names or individuals.
  • List of Leaks : Access the directory of leaks (includes name, number of credentials, date, remove).
  • Upload : Integrate your own leak file into the mongodb instance and watch it reflect on the web service.
  • Links : Useful links for data leaks.

📷 Screenshots

Search Credentials : image

Search Phones : image

Search SQL/JSON/CSV : image

List of Leaks : image

Upload : image

Links : image