A simple tool to extract http authentication credentials from websites
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.
Please sign in to use Codespaces.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download Xcode and try again.
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
This is a simple PoC tool to check a page for exposed http authentication credentials.
Usage and example:
$> python3 httpcreds.py -u https://uploads.blogbasis.net/test/
[*] Checking: https://uploads.blogbasis.net/test/
[+] Found: http://test:test@example.com
More information: https://0day.work/credentials-hiding-in-plain-sight-or-how-i-pwned-your-http-auth/
A simple tool to extract http authentication credentials from websites