-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.py
More file actions
173 lines (143 loc) · 6.78 KB
/
Copy pathapp.py
File metadata and controls
173 lines (143 loc) · 6.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
from flask import Flask, render_template, request, jsonify, send_file
from password_analyzer import PasswordStrengthAnalyzer
import traceback
import json
import os
from datetime import datetime
import io
app = Flask(__name__)
analyzer = PasswordStrengthAnalyzer()
# Store breach database (expandable)
BREACH_DATABASE = {
'rockyou': ['password', '123456', 'qwerty', 'admin', 'letmein'],
'linkedin': ['linkedin123', 'password2012'],
'adobe': ['adobe123', 'photoshop'],
'haveibeenpwned': [] # Would connect to API in production
}
@app.route('/')
def index():
"""Render the main page"""
return render_template('index.html')
@app.route('/analyze', methods=['POST'])
def analyze_password():
"""API endpoint to analyze password"""
try:
data = request.get_json()
password = data.get('password', '')
if not password:
return jsonify({'error': 'Password cannot be empty'}), 400
# Analyze password
results = analyzer.analyze(password)
if results:
# Add breach database check
breach_results = check_breach_databases(password)
results['breach_check'] = breach_results
response = {
'success': True,
'entropy': results['entropy'],
'crack_time': results['crack_time'],
'strength_rating': results['strength_rating'],
'strength_color': results['strength_color'],
'strength_level': results['strength_level'], # For theme switching
'length_score': results['length']['score'],
'length_message': results['length']['message'],
'variety_score': results['variety']['score'],
'variety_message': results['variety']['message'],
'patterns_score': results['patterns']['score'],
'patterns_message': results['patterns']['message'],
'common_score': results['common']['score'],
'common_message': results['common']['message'],
'suggestions': results['suggestions'],
'total_score': results['total_score'],
'breach_check': breach_results,
'timestamp': datetime.now().isoformat()
}
return jsonify(response)
else:
return jsonify({'error': 'Analysis failed'}), 500
except Exception as e:
print(f"Error: {traceback.format_exc()}")
return jsonify({'error': str(e)}), 500
@app.route('/export-report', methods=['POST'])
def export_report():
"""Export analysis as TXT file"""
try:
data = request.get_json()
report_data = data.get('report', {})
# Generate report content
report_content = generate_report(report_data)
# Create file in memory
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"password_audit_{timestamp}.txt"
return send_file(
io.BytesIO(report_content.encode('utf-8')),
mimetype='text/plain',
as_attachment=True,
download_name=filename
)
except Exception as e:
return jsonify({'error': str(e)}), 500
def check_breach_databases(password):
"""Check password against multiple breach databases"""
breaches_found = []
# Check common passwords
if password.lower() in BREACH_DATABASE['rockyou']:
breaches_found.append('RockYou (2009) - 32 million passwords')
# Check pattern-based breaches
if len(password) < 8:
breaches_found.append('Weak Password Pattern - Common in multiple breaches')
if password.isalpha():
breaches_found.append('Letters-only pattern - Found in LinkedIn breach (2012)')
if password.isdigit():
breaches_found.append('Numbers-only pattern - Common in RockYou breach')
# Check for repeated patterns
if len(set(password)) < 3:
breaches_found.append('Low entropy pattern - Present in 95% of breach databases')
return {
'found': len(breaches_found) > 0,
'count': len(breaches_found),
'breaches': breaches_found
}
def generate_report(report_data):
"""Generate formatted report"""
report = f"""
╔══════════════════════════════════════════════════════════════════╗
║ PASSWORD SECURITY AUDIT REPORT ║
║ GENERATED BY ANALYZER v3.0 ║
╚══════════════════════════════════════════════════════════════════╝
[+] SCAN INFORMATION
Date/Time: {report_data.get('timestamp', 'Unknown')}
Analyzer Version: 3.0 (Enhanced Edition)
Security Protocols: ACTIVE
[+] PASSWORD ANALYSIS RESULTS
Strength Rating: {report_data.get('strength_rating', 'Unknown')}
Entropy: {report_data.get('entropy', 0)} bits
Estimated Crack Time: {report_data.get('crack_time', 'Unknown')}
Security Score: {report_data.get('total_score', 0)}/12
[+] DETAILED BREAKDOWN
Length Check: {report_data.get('length_message', 'N/A')}
Character Variety: {report_data.get('variety_message', 'N/A')}
Pattern Analysis: {report_data.get('patterns_message', 'N/A')}
Common Password: {report_data.get('common_message', 'N/A')}
[+] BREACH DATABASE CHECK
Breaches Found: {report_data.get('breach_count', 0)}
{chr(10).join([' • ' + b for b in report_data.get('breaches', [])]) if report_data.get('breaches') else ' • No known breaches detected'}
[+] SECURITY RECOMMENDATIONS
{chr(10).join([' • ' + s for s in report_data.get('suggestions', [])])}
[+] CLASSIFICATION
This password is considered: {report_data.get('strength_rating', 'Unknown')}
Next Steps:
• {'Immediately change this password' if report_data.get('strength_level') in ['CRITICAL', 'WEAK'] else 'Monitor this password regularly'}
• Enable 2FA on associated accounts
• Never reuse this password across multiple services
[+] REPORT FOOTER
This report was generated automatically. Keep it secure.
═══════════════════════════════════════════════════════════════
END OF REPORT
"""
return report
if __name__ == '__main__':
print("🔐 Starting Enhanced Password Strength Analyzer...")
print("🌐 Open: http://127.0.0.1:5000")
print("🎨 Theme: Dynamic (Amber → Green → Red based on password strength)")
app.run(debug=True, host='127.0.0.1', port=5000)