anon/psudohash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
psudohash/README.md
Panagiotis Chartas add0dd7c9c
Update README.md
2022-07-04 11:55:50 +02:00

48 lines
2.8 KiB
Markdown
Raw Blame History

# psudohash
[![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-MIT-red.svg)](https://github.com/t3l3machus/psudohash/blob/main/LICENSE)
<img src="https://img.shields.io/badge/Maintained%3F-Yes-23a82c">
## Purpose
psudohash is a password generator that imitates certain commonly used password creation patterns that humans use, like substituting a word's characters with symbols or numbers, using char-case variations, adding a common padding before or after the word etc. It is keyword-based and highly customizable.
### Pentesting Corporate Environments
System administrators and employees tend to use the Company's name (or a subset of the name) as password for Wi-Fi access points, network devices and application or even domain accounts. With the company's name as input and the most basic options, psudohash will produce a wordlist with all possible character substitution and case variations and more. Take a look at the following example:
![usage_example_png](https://raw.github.com/t3l3machus/psudohash/master/Screenshots/micro-example.png)
The script includes a basic character substitution schema. You can add/modify character substitution patterns by edditing the source and following the data structure presented below (default):
```
transformations = [
{'a' : '@'},
{'b' : '8'},
{'e' : '3'},
{'g' : ['9', '6']},
{'i' : ['1', '!']},
{'o' : '0'},
{'s' : ['$', '5']},
{'t' : '7'}
]
```
### Individuals
When it comes to people, i think we all have (more or less) set passwords using a mutation of one or more words that mean something to us, like our name or wife/kid/pet/band names, sticking the year we were born at the end or maybe a super secure padding like "!@#". Well, guess what?
![usage_example_png](https://raw.github.com/t3l3machus/psudohash/master/Screenshots/psudohash.png)
## Installation
No special requirements. Just clone the repo and make the script executable:
```
git clone https://github.com/t3l3machus/psudohash
cd ./psudohash
chmod +x psudohash.py
```
## Usage
```
./psudohash.py [-h] -w WORDS [-an LEVEL] [-nl LIMIT] [-y YEARS] [-ap VALUES] [-cpb] [-cpa] [-cpo] [-o FILENAME] [-q]
```
The help dialog [ -h, --help ] includes usage details and examples.
## Usage Tips
1. Combining options --years and --append-numbering with a --numbering-limit >= 90 will most likely produce some duplicate words because of the mutation patterns implemented by the tool.
2. If you add custom paddings and/or modify the predefined custom paddings directly in the script along with the --append-numbering option, there is a small chance of duplicate words occuring. psudohash includes word filtering controls but for speed's sake, those are limited.
## Future
I'm gathering information regarding commonly used password creation patterns to enhance the tool's capabilities.
Reference in New Issue View Git Blame Copy Permalink