Keepass-password-dumper Alternatives

Similar projects and alternatives to keepass-password-dumper

keepassxc

513 19,312 8.9 C++ keepass-password-dumper VS keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
security-txt

9 1,738 10.0 HTML keepass-password-dumper VS security-txt

A proposed standard that allows websites to define security policies.
InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better keepass-password-dumper alternative or higher similarity.

Suggest an alternative to keepass-password-dumper

keepass-password-dumper reviews and mentions

Posts with mentions or reviews of keepass-password-dumper. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-16.

HackTheBox - Writeup Keeper [Retired]
1 project | dev.to | 23 Apr 2024
KeePass Memory Leakage Vulnerability Analysis - CVE-2023-32784
1 project | /r/cyberion | 11 Oct 2023

1 project | dev.to | 9 Oct 2023
/keepass-password-dumper: Original PoC for CVE-2023-32784
1 project | /r/blueteamsec | 21 May 2023
KeePass 2.X Master Password Dumper (CVE-2023-32784)
1 project | /r/homelab | 21 May 2023

1 project | news.ycombinator.com | 18 May 2023
KeePass 2.X Master Password Dumper
1 project | news.ycombinator.com | 19 May 2023
KeePass exploit helps retrieve cleartext master password
1 project | news.ycombinator.com | 18 May 2023

The POC[0] doesn't quite match the CVE description (a rare case of the CVE sounding better), but it looks like KeePass basically is acting as a keylogger due to use of a UI control where every character typed is stored in memory. Your KeePass master password is likely already in your swap/hibernation files.
The master password can be recovered even after KeePass was running.
"No code execution on the target system is required, just a memory dump. It doesn't matter where the memory comes from - can be the process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys) or RAM dump of the entire system. It doesn't matter whether or not the workspace is locked. It is also possible to dump the password from RAM after KeePass is no longer running, although the chance of that working goes down with the time it's been since then."
[0]: https://github.com/vdohney/keepass-password-dumper
Keepass 0day poc released on the public. Fullname: “Keepass-password-dumper” bot
1 project | /r/Malware | 18 May 2023
GitHub - vdohney/keepass-password-dumper
1 project | /r/netsec | 17 May 2023
A note from our sponsor - InfluxDB
www.influxdata.com | 5 May 2024

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Stats

Basic keepass-password-dumper repo stats

Mentions

Stars

618

Activity

6.1

Last Commit

9 months ago

vdohney/keepass-password-dumper is an open source project licensed under MIT License which is an OSI approved license.

The primary programming language of keepass-password-dumper is C#.

Popular Comparisons