/PassHunt

Search drives for documents containing passwords

Primary LanguagePythonBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

PassHunt

##Introduction

PassHunt searches drives for documents that contain passwords or any other regular expression. It's designed to be a simple, standalone tool that can be run from a USB stick.

Build

PassHunt is a Python script that can be easily converted to a standalone Windows executable using PyInstaller.

panhunt.py requires:

- Python 2.7
- Colorama (https://pypi.python.org/pypi/colorama)
- Progressbar (https://pypi.python.org/pypi/progressbar)
- PyInstaller (https://pypi.python.org/pypi/PyInstaller)

To create passhunt.exe as a standalone executable with an icon run:

pyinstaller.exe passhunt.py -F -i dionach.ico

##Usage

usage: passhunt [-h] [-s SEARCH] [-x EXCLUDE] [-t TEXTFILES] [-z ZIPFILES] [-e SPECIALFILES] [-m MAILFILES] [-l OTHERFILES] [-o OUTFILE]

PassHunt v0.9: search directories and sub directories for documents containing passwords.

optional arguments:
  -h, --help       show this help message and exit
  -s SEARCH        base directory to search in (default: C:\)
  -x EXCLUDE       directories to exclude from the search (default:
                   C:\Windows,C:\Program Files,C:\Program Files (x86))
  -t TEXTFILES     text file extensions to search (default: .doc,.xls,.xml,.tx
                   t,.csv,.config,.ini,.vbs,.vbscript,.bat,.pl,.asp,.sh,.php,.
                   inc,.conf,.inf,.reg)
  -z ZIPFILES      zip file extensions to search (default: .docx,.xlsx,.zip)
  -e SPECIALFILES  special file extensions to search (default: .msg)
  -m MAILFILES     email file extensions to search (default: .pst)
  -l OTHERFILES    other file extensions to list (default:
                   .ost,.accdb,.mdb,.kdb,.asc,.cer,.crt,.pem,.der)
  -o OUTFILE       HTML output file name for report (default:
                   passhunt_2014-07-11-093500.html)

Simply running it with no arguments will search the C:\ drive for documents containing passwords, and output to an HTML report file.

Function

The script uses a regular expression which defaults to "password" to look for passwords in document files, including text files, PST files and MSG files. Zip files are recursed to look for document files. The script will list but does not yet search Access databases.