Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Overview

Driftwood

CI Status Go Report Card Docker Hub Build Status GitHub

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood performs lookups with the computed public key, so the private key never leaves where you run the tool. Additionally it supports some basic password cracking for encrypted keys.

Driftwood in action

Installation

Three easy ways to get started.

Run with Docker

cat private.key | docker run --rm -i trufflesecurity/driftwood --pretty-json -

Run pre-built binary

Download the binary from the releases page and run it.

Build yourself

go install github.com/trufflesecurity/[email protected]

Usage

Minimal usage is

$ driftwood path/to/privatekey.pem

Run with --help to see more options.

Library Usage

Packages under pkg/ are libraries that can be used for external consumption. Packages under pkg/exp/ are considered to be experimental status and may have breaking changes.

You might also like...
🌰 encrypt/decrypt using ssh keys

ssh-vault 🌰 encrypt/decrypt using ssh private keys Documentation https://ssh-vault.com Usage $ ssh-vault -h Example: $ echo "secret" | ssh-vault -u

Ladon Pentest Scanner framework  全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops

ssh-to-age Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops Usage Exports the private key: $ ssh-to-age -private-ke

A Simple SSH Honeypot in Go

ssh-honeypot-go Dependencies: gliderlabs/ssh notify-send openssh (not obligatory, you need this only for ssh-keygen used for generate host private key

Go library to create/verify armored SSH signatures

Armored ssh signatures in go Package sshsig implements signing/verifying armored SSH signatures. You can use this package to sign data and verify sign

CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network. This is a simple version of user profile using Echo app.
This is a simple version of user profile using Echo app.

Overview It's an API of simple profile to CRUD profile user based on Echo framework. How to run it Run the application using the command in the termin

User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin
User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin

goEnumBruteSpray Description Summary The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst

Comments
  • Add GitLab SSH Keys

    Add GitLab SSH Keys

    Is your feature request related to a problem? Please describe. Similar to GitHub, it would be great if we could ascertain GitLab ssh keys.

    Describe the solution you'd like

    • Identify keys that are used in GitLab
    • Identify keys that are used in both GitHub and GitLab

    Describe alternatives you've considered Custom python scripts

    Additional context

    needs triage enhancement 
    opened by adam-moss 0
  • Allow easy direct checking of public keys if you have them

    Allow easy direct checking of public keys if you have them

    Security people get a little twitchy with things touching the private keys, it would be great if this supported reading the public keys if someone already has them.

    needs triage enhancement 
    opened by joerocklin 1
PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. You can use PHP like functions in your app, module etc. when you add this module to your project.

PHP Functions for Golang - phpfuncs PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. Y

Serkan Algur 52 Dec 30, 2022
Cloud IP address ranges lookup tool + DNS subdomain enumeration + Certificate Transparency

Cloud edge Lookup an IP to find the cloud provider and other details based on the provider's published JSON data Cloud edge is a recon tool focused on

Jason Ostrom 35 Dec 12, 2022
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:

Alexander Bakker 66 Nov 2, 2022
Program brute forcing the passphrase of a private key

Description This project provide a program brute forcing the passphrase of a private key (EC/RSA). ℹ️ This project was created to allow me to learn th

Dominique RIGHETTO 2 Oct 12, 2022
Ssh-lxd - A proof of concept for an ssh server that spawns a bash session inside a LXD container

SSH LXD A proof of concept for an ssh server that spawns a bash session inside a

Henning Dahlheim 2 Aug 16, 2022
🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

?? ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

Batuhan Apaydın 50 Dec 8, 2022
A CLI tool that can be used to disrupt wireless connectivity in your area by jamming all the wireless devices connected to multiple access points.

sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans

Narasimha Prasanna HN 73 Oct 14, 2022
An opinionated helper for generating tls certificates

Certificates helper This is an opinionated helper for generating tls certificates. It outputs only in PEM format but this enables you easily generate

Martijn van Maasakkers 25 Dec 17, 2022
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe

Caddy 4.3k Jan 6, 2023
linenoise is a library that generates strings of random characters that can be used as reasonably secure passwords.

linenoise linenoise is a library that generates strings of random characters (herein called a "noise") that can be used as reasonably secure passwords

Mark Cornick 0 Dec 7, 2022