How to Check valid login credentials using Credmap

Credmap is an open source tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these.

Lets start with Check valid login credentials using Credmap

Step 1 : Just download or clone from github.

git clone https://github.com/lightos/credmap.git

Step 2 :Now you have to install it.

cd credmap

ls

chmod +x credmap.py

./credmap.py

Help Menu

Usage: credmap.py --email EMAIL | --user USER | --load LIST [options]

Options:

-h/--help show this help message and exit

-v/--verbose display extra output information

-u/--username=USER.. set the username to test with

-p/--password=PASS.. set the password to test with

-e/--email=EMAIL set an email to test with

-l/--load=LOAD_FILE load list of credentials in format USER:PASSWORD

-f/--format=CRED_F.. format to use when reading from file (e.g. u|e:p)

-x/--exclude=EXCLUDE exclude sites from testing

-o/--only=ONLY test only listed sites

-s/--safe-urls only test sites that use HTTPS.

-i/--ignore-proxy ignore system default HTTP proxy

--proxy=PROXY set proxy (e.g. "socks5://192.168.1.2:9050")

--list list available sites to test with

Examples

./credmap.py --username TechTrick --email TechTrick@email.com

./credmap.py -u johndoe -e TechTrick@email.com --exclude "TechTrick.in, live.com"

./credmap.py -u johndoe -p TechTrick123 -vvv --only "TechTrick.in, facebook.com"

./credmap.py -e TechTrick@example.com --verbose --proxy "https://127.0.0.1:8080"

./credmap.py --load creds.txt --format "e.u.p"

./credmap.py -l creds.txt -f "u|e:p"

./credmap.py -l creds.txt

./credmap.py --list

Step 3 :Here i am using my email Id you can use any of them.

./credmap.py --email XXXXXXXXXXXX@gmail.com --user XXXXXXXXXXXX@gmail.com

Step 4 :Now its Loaded 28 sites to test.

I hope you enjoyed this article.