A command line tool to detect shared passwords
List available modules:
$ java -jar shard-1.0.jar -l
Available modules:
Facebook
LinkedIn
Reddit
Twitter
Instagram
Given a username and password shard will attempt to authenticate with multiple sites:
$ java -jar shard-1.0.jar -u <redacted-username> -p <redacted-password>
- Tried credentials on 5 sites
- Failed authentication for 2 sites:
- Reddit
- Instagram
- Discovered credentials for 3 sites:
- Facebook
- LinkedIn
- Twitter
Grab the latest release from the release tab, which was built as a fat jar using sbt assembly.
or
Build it yourself using sbt
Adding a new module is easy. Create a new class that inherits from AbstractModule in the module package and add the module to the ModuleFactory.
The AbstractModule has one abstract method:
def tryLogin(creds: Credentials): LoginResult
This method takes a Credentials object and returns either a SuccessfulLogin or FailedLogin object. I recommend using the TwitterModule as an template.
Dependencies:
- JSoup is used for HTTP communication and HTML parsing
- spray-json is used for handling json
Contact me or use this GitHub project