Credential Harvester enhancement

trustedsec / social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

10.52k stars 2.71k forks source link

Credential Harvester enhancement #28

Closed powderspecial600 closed 10 years ago

powderspecial600 commented 10 years ago

Would it be possible to not capture the password, but just the username when running the credential harvester? Up to this point I have been able to modify the python script to accomplish this, but would rather it be an option in the config. That way the python script doesn't need to be modified upon new releases.

trustedsec commented 10 years ago

Thanks for the recommendation, I've added a new set_config option called HARVESTER_LOG_PASSWORDS, can turn this off to disable password capturing. Should be committed as soon as I'm done with 5.3.4

powderspecial600 commented 10 years ago

Thanks, this will help pentesters ease the minds of their legal teams.