Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood

CI Status Go Report Card Docker Hub Build Status GitHub

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood performs lookups with the computed public key, so the private key never leaves where you run the tool. Additionally it supports some basic password cracking for encrypted keys.

Driftwood in action

Installation

Three easy ways to get started.

Run with Docker

cat private.key | docker run --rm -i trufflesecurity/driftwood --pretty-json -

Run pre-built binary

Download the binary from the releases page and run it.

Build yourself

go install github.com/trufflesecurity/driftwood@latest

Usage

Minimal usage is

$ driftwood path/to/privatekey.pem

Run with --help to see more options.

Library Usage

Packages under pkg/ are libraries that can be used for external consumption. Packages under pkg/exp/ are considered to be experimental status and may have breaking changes.

Owner
Truffle Security
Truffle Security
https://github.com/trufflesecurity/driftwood https://trufflesecurity.com
Similar Resources

🌰 encrypt/decrypt using ssh keys

ssh-vault 🌰 encrypt/decrypt using ssh private keys Documentation https://ssh-vault.com Usage $ ssh-vault -h Example: $ echo "secret" | ssh-vault -u

Dec 30, 2022

Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。

Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。

Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html 简介 LadonGo一款开源内网渗透扫描器框架,使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.6版本包含2

Jan 6, 2023

Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops

ssh-to-age Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops Usage Exports the private key: $ ssh-to-age -private-ke

Dec 21, 2022

A Simple SSH Honeypot in Go

ssh-honeypot-go Dependencies: gliderlabs/ssh notify-send openssh (not obligatory, you need this only for ssh-keygen used for generate host private key

Sep 14, 2022

Go library to create/verify armored SSH signatures

Armored ssh signatures in go Package sshsig implements signing/verifying armored SSH signatures. You can use this package to sign data and verify sign

Sep 18, 2022

CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.

CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.

📚 Documentation 💠 Configuration Hub 💬 Discourse (Forum) 💬 Gitter (Live chat) 💃 This is a community driven project, we need your feedback. TL;DR

Jan 5, 2023

This is a simple version of user profile using Echo app.

This is a simple version of user profile using Echo app.

Overview It's an API of simple profile to CRUD profile user based on Echo framework. How to run it Run the application using the command in the termin

Nov 3, 2021

User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin

User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin

goEnumBruteSpray Description Summary The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can

Dec 25, 2022

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst

Jan 9, 2023
Comments
  • Add GitLab SSH Keys

    Add GitLab SSH Keys

    Is your feature request related to a problem? Please describe. Similar to GitHub, it would be great if we could ascertain GitLab ssh keys.

    Describe the solution you'd like

    • Identify keys that are used in GitLab
    • Identify keys that are used in both GitHub and GitLab

    Describe alternatives you've considered Custom python scripts

    Additional context

  • Allow easy direct checking of public keys if you have them

    Allow easy direct checking of public keys if you have them

    Security people get a little twitchy with things touching the private keys, it would be great if this supported reading the public keys if someone already has them.

Related tags
Security credentials secret secret-management trufflehog
PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. You can use PHP like functions in your app, module etc. when you add this module to your project.

PHP Functions for Golang - phpfuncs PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. Y

Dec 30, 2022
Cloud IP address ranges lookup tool + DNS subdomain enumeration + Certificate Transparency
 Cloud IP address ranges lookup tool + DNS subdomain enumeration + Certificate Transparency

Cloud edge Lookup an IP to find the cloud provider and other details based on the provider's published JSON data Cloud edge is a recon tool focused on

Dec 12, 2022
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228
 Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:

Nov 2, 2022
Program brute forcing the passphrase of a private key

Description This project provide a program brute forcing the passphrase of a private key (EC/RSA). ℹ️ This project was created to allow me to learn th

Oct 12, 2022
Ssh-lxd - A proof of concept for an ssh server that spawns a bash session inside a LXD container

SSH LXD A proof of concept for an ssh server that spawns a bash session inside a

Aug 16, 2022
🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

?? ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

Dec 8, 2022
A CLI tool that can be used to disrupt wireless connectivity in your area by jamming all the wireless devices connected to multiple access points.

sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans

Oct 14, 2022
linenoise is a library that generates strings of random characters that can be used as reasonably secure passwords.

linenoise linenoise is a library that generates strings of random characters (herein called a "noise") that can be used as reasonably secure passwords

Dec 7, 2022
An opinionated helper for generating tls certificates

Certificates helper This is an opinionated helper for generating tls certificates. It outputs only in PEM format but this enables you easily generate

Dec 17, 2022
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
 Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe

Jan 6, 2023