/LeakGuard

LeakGuard is a project to prevent the use of leaked passwords.

Primary LanguageGo

Leak Guard

xiosec - LeakGuard stars - LeakGuard forks - LeakGuard GitHub release issues - LeakGuard

banner

LeakGuard is a project to prevent the use of leaked passwords

LeakGuard has a custom password filter module for Windows (Active Directory) which is loaded in the lsass process, and when a request is made to change or set a password for a user, this module sends the password to the server to check its leaking status. If the password has already been leaked, setting this password will be prevented.

Description

I have always wanted to create a project that checks whether a user's password has already been leaked or not before choosing a password. There are challenges for such a project, including the high volume of leaked passwords and the speed of password searches In this project, elasticsearch is used to search passwords, which has an acceptable speed.

In one of the tests, the amount of time spent searching in 1,440,604 passwords was 3.6251095ms on average. banner

Setup and installation

To start the server, just run the following command in the service folder:

docker-compose up

In the case of the Windows module, you must first compile the project and install it with the install.ps1 script with the following command:

PS C:\> . .\install.ps1
PS C:\> Invoke-LeakGuard -dllpath .\LeakGuard.dll -name LeakGuard -address <IP>:<PORT> -token <TOKEN>

banner

License

© 2023 xiosec