The latest articles on Forem by Mmdrza (@mr1mmdrza). https://forem.com/mr1mmdrza https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1875138%2Feb053953-98a7-4a3b-a904-0f13aa39ad48.jpg https://forem.com/mr1mmdrza en Mmdrza Tue, 30 Dec 2025 23:14:19 +0000 https://forem.com/mr1mmdrza/spyhunt-3ll8 https://forem.com/mr1mmdrza/spyhunt-3ll8 <p>SpyHunt v4.0: A comprehensive Network Scanner &amp; Vulnerability Assessment tool. Automate OSINT, Reconnaissance, and Bug Bounty hunting with advanced scanners (XXE, SSRF, SSTI, SQLi) plus Nuclei &amp; Shodan integration. (Fork from @gotr00t0day) </p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2FPymmdrza%2FSpyHunt%2Frefs%2Fheads%2Fmain%2F.github%2FSpyHunt_Main_Banner.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2FPymmdrza%2FSpyHunt%2Frefs%2Fheads%2Fmain%2F.github%2FSpyHunt_Main_Banner.png" title="SpyHunt" alt="SpyHunt" width="800" height="165"></a></p> <p><strong>SpyHunt v4.0 (Security Hardened)</strong> - A comprehensive network scanning and vulnerability assessment tool designed for security professionals and penetration testers. This tool performs comprehensive reconnaissance and vulnerability assessment on target networks and web applications, combining multiple scanning techniques with various external tools to provide extensive security intelligence.</p> <h2> 🆕 What's New in v4.0 </h2> <h3> <strong>5 New Advanced Vulnerability Scanners</strong> </h3> <ul> <li>✅ <strong>XXE Scanner</strong> - XML External Entity injection detection</li> <li>✅ <strong>SSRF Scanner</strong> - Server-Side Request Forgery detection </li> <li>✅ <strong>SSTI Scanner</strong> - Server-Side Template Injection (Jinja2, Twig, Freemarker, Velocity, ERB, Smarty)</li> <li>✅ <strong>NoSQL Injection Scanner</strong> - MongoDB and CouchDB injection detection</li> <li>✅ <strong>CRLF Scanner</strong> - HTTP header injection detection</li> </ul> <h3> <strong>Security Enhancements</strong> </h3> <ul> <li>✅ <strong>Command Injection Protection</strong> - Secure command execution prevents shell injection attacks</li> <li>✅ <strong>SSL Verification Control</strong> - SSL certificate verification enabled by default (use <code>--insecure</code> to disable)</li> <li>✅ <strong>Structured Logging</strong> - All operations logged to <code>spyhunt.log</code> with rotation</li> <li>✅ <strong>Input Validation</strong> - Comprehensive validation prevents injection attacks</li> <li>✅ <strong>HTTP Session Management</strong> - Connection pooling and automatic retries for better performance</li> </ul> <h2> Here's a high-level overview of its functionality </h2> <ol> <li><p>It imports various libraries for network operations, web scraping, and parallel processing.</p></li> <li><p>The script defines a colorful banner and sets up command-line argument parsing for different scanning options.</p></li> <li><p>It includes multiple scanning functions for different purposes:</p></li> </ol> <p><strong>🆕 Advanced Vulnerability Scanners (v4.0)</strong></p> <ul> <li> <strong>XXE (XML External Entity) Injection</strong> - File disclosure, SSRF via XXE, AWS metadata exposure</li> <li> <strong>SSRF (Server-Side Request Forgery)</strong> - Internal network probing, cloud metadata endpoints, bypass techniques</li> <li> <strong>SSTI (Server-Side Template Injection)</strong> - Jinja2, Twig, Freemarker, Velocity, ERB, Smarty detection</li> <li> <strong>NoSQL Injection</strong> - MongoDB and CouchDB authentication bypass and injection</li> <li> <strong>CRLF Injection</strong> - HTTP header injection, response smuggling, XSS via CRLF</li> </ul> <p><strong>Reconnaissance &amp; Information Gathering</strong></p> <ul> <li>Subdomain enumeration</li> <li>Technology detection</li> <li>DNS record scanning</li> <li>Web crawling and URL extraction</li> <li>Favicon hash calculation</li> <li>IP address extraction</li> <li>Domain information gathering</li> <li>Shodan integration for additional recon</li> <li>Network vulnerability analysis</li> <li>Wayback machine URL retrieval</li> <li>JavaScript file discovery</li> <li>Port Scanning &amp; CIDR Notation Scanning</li> </ul> <p><strong>Vulnerability Detection</strong></p> <ul> <li>SQL Injection</li> <li>XSS (Cross-Site Scripting)</li> <li>Host header injection testing</li> <li>CORS misconfiguration</li> <li>HTTP request smuggling detection</li> <li>Subdomain Takeover</li> <li>Open Redirect</li> <li>Directory Traversal</li> <li>Local File Inclusion (LFI) scanning with Nuclei</li> <li>403 Forbidden bypass attempts</li> <li>Security header analysis</li> <li>JSON Web Token vulnerabilities</li> <li>Heap dump analysis</li> <li>DNS zone transfer</li> </ul> <p><strong>Fuzzing &amp; Brute Forcing</strong></p> <ul> <li>Directory and file brute-forcing</li> <li>API endpoint fuzzing</li> <li>Parameter mining</li> <li>Login form brute-forcing</li> <li>FTP brute-forcing with proxy support</li> <li>SMB password spraying</li> </ul> <p><strong>Cloud Security</strong></p> <ul> <li>AWS S3 Bucket Enumeration</li> <li>Azure resource scanning</li> <li>GCP Storage scanning</li> </ul> <p><strong>Other Features</strong></p> <ul> <li>Custom Headers</li> <li>Google dorking</li> <li>Broken link checking</li> <li>Auto Recon</li> <li>JavaScript file scanning for sensitive info</li> <li>Web Server Detection</li> </ul> <ol> <li><p>The script uses multithreading and multiprocessing to perform scans efficiently.</p></li> <li><p>It includes options to save results to files and customize scan parameters.</p></li> <li><p>The tool integrates with external tools and APIs like Shodan, Nmap, and various web-based services.</p></li> <li><p>It implements various techniques to bypass restrictions and discover vulnerabilities.</p></li> <li><p>The script includes a CIDR notation scanner for port scanning across IP ranges.</p></li> </ol> <h2> INSTALLATION </h2> <h3> Quick Installation (Recommended) </h3> <h4> Linux / macOS / WSL </h4> <h4> Install With CURL </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>curl -sSL https://raw.githubusercontent.com/Pymmdrza/SpyHunt/main/install.sh | bash </code></pre> </div> <h4> Install With wget </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>wget -qO- https://raw.githubusercontent.com/Pymmdrza/SpyHunt/main/install.sh | bash </code></pre> </div> <h4> Install With pip </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>curl -sSL https://raw.githubusercontent.com/Pymmdrza/SpyHunt/main/install.sh | bash -s -- --pip </code></pre> </div> <h4> Install virtual environment </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>curl -sSL https://raw.githubusercontent.com/Pymmdrza/SpyHunt/main/install.sh | bash -s -- --venv </code></pre> </div> <h3> Windows (Powershell) </h3> <h4> Method 1 </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>irm https://raw.githubusercontent.com/Pymmdrza/SpyHunt/refs/heads/main/install.ps1 | iex </code></pre> </div> <h4> Method 2 </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Invoke-WebRequest -Uri "https://raw.githubusercontent.com/Pymmdrza/SpyHunt/refs/heads/main/install.ps1" -OutFile "install.ps1" .\install.ps1 </code></pre> </div> <h4> Method Bypass </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Set-ExecutionPolicy Bypass -Scope Process -Force; irm https://raw.githubusercontent.com/Pymmdrza/SpyHunt/refs/heads/main/install.ps1 | iex </code></pre> </div> <p>Install directly from PyPI using pip:</p> <blockquote> <p>[!NOTE]<br> If Not Install <code>pip</code> (root) :</p> <pre class="highlight shell"><code> apt update&amp;&amp;apt upgrade <span class="nt">-y</span><span class="o">&amp;&amp;</span>apt <span class="nb">install</span> <span class="nt">-y</span> python3-pip </code></pre> </blockquote> <h3> Linux Distributions: </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip3 <span class="nb">install </span>spyhunt </code></pre> </div> <p>Upgrade Package :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install</span> <span class="nt">--upgrade</span> spyhunt </code></pre> </div> <p>Install with <code>--break-system-packages</code> without env in root:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>sudo pip install spyhunt --break-system-packages </code></pre> </div> <p>After installation, you can run SpyHunt from anywhere:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>spyhunt <span class="nt">--help</span> </code></pre> </div> <h2> Manual Installation (Development) </h2> <p>For development or if you want to modify the code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/Pymmdrza/spyhunt.git <span class="nb">cd </span>spyhunt pip3 <span class="nb">install</span> <span class="nt">-r</span> requirements.txt <span class="nb">sudo </span>python3 install.py </code></pre> </div> <p><strong>Note:</strong> The <code>install.py</code> script installs external dependencies like nuclei, subfinder, and other tools required for full functionality.</p> <h2> USAGE </h2> <p>After installing via pip, you can use SpyHunt from anywhere:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>spyhunt <span class="o">[</span>options] </code></pre> </div> <p>For detailed help:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>spyhunt <span class="nt">--help</span> </code></pre> </div> <h2> Command Line Options </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> usage: spyhunt [-h] [-sv filename.txt | -wl filename.txt] [-th 25] [-s domain.com] [-d domains.txt] [-p domains.txt] [-r domains.txt] [-b domains.txt] [-pspider domain.com] [-w https://domain.com] [-j domain.com] [-wc https://domain.com] [-fi https://domain.com] [-fm https://domain.com] [-na https://domain.com] [-ri IP] [-rim IP] [-sc domain.com] [-ph domain.txt] [-co domains.txt] [-hh domain.com] [-sh domain.com] [-ed domain.com] [-smu domain.com] [-ips domain list] [-dinfo domain list] [-isubs domain list] [-nft domains.txt] [-n domain.com or IP] [-api domain.com] [-sho domain.com] [-fp domain.com] [-db domain.com] [-cidr IP/24] [-ps 80,443,8443] [-pai IP/24] [-xss https://example.com/page?param=value] [-sqli https://example.com/page?param=value] [-shodan KEY] [-webserver domain.com] [-javascript domain.com] [-dp DEPTH] [-je file.txt] [-hibp password] [-pm domain.com] [-ch domain.com] [-or domain.com] [-asn AS55555] [-st subdomains.txt] [-ar domain.com] [-jwt token] [-jwt-modify token] [-heapds heapdump.txt] [-heapts domain.com] [-f_p domain.com] [-nl] [-nc domain.com] [-nct template.yaml] [-v] [-c CONCURRENCY] [-gs] [-e EXTENSIONS] [-x EXCLUDE] [-u] [--shodan-api SHODAN_API] [--proxy PROXY] [--proxy-file PROXY_FILE] [--heapdump HEAPDUMP] [--output-dir OUTPUT_DIR] [-aws domain.com] [-az domain.com] [--s3-scan S3_SCAN] [-gcp domain.com] [-zt domain.com] [-ssrfp domains.txt] [--ipinfo TARGET] [--token TOKEN] [--save-ranges FILENAME] [--forbidden_domains FORBIDDEN_DOMAINS] [--brute-user-pass domain.com] [--username_wordlist domain.com] [--password_wordlist domain.com] [-fs HOST[:PORT]] [--ftp-userlist users.txt] [--ftp-passlist passwords.txt] [--ftp-proxylist proxies.txt] [--smb_scan] [--smb_auto] [--spray-userlist SPRAY_USERLIST] [--spray-passlist SPRAY_PASSLIST] [--spray-password SPRAY_PASSWORD] [--smb-target SMB_TARGET] [--smb-user SMB_USER] [--smb-pass SMB_PASS] [--smb-domain SMB_DOMAIN] options: -h, --help show this help message and exit -sv, --save filename.txt save output to file -wl, --wordlist filename.txt wordlist to use -th, --threads 25 default 25 -p, --probe domains.txt probe domains. -r, --redirects domains.txt links getting redirected -fi, --favicon https://domain.com get favicon hashes -fm, --faviconmulti https://domain.com get favicon hashes -ri, --reverseip IP reverse ip lookup -rim, --reverseipmulti IP reverse ip lookup for multiple ips -sc, --statuscode domain.com statuscode -sh, --securityheaders domain.com scan for security headers -ed, --enumeratedomain domain.com enumerate domains -isubs, --importantsubdomains domain list extract interesting subdomains from a list like dev, admin, test and etc.. -webserver, --webserver_scan domain.com webserver scan -v, --verbose Increase output verbosity -c, --concurrency CONCURRENCY Maximum number of concurrent requests --shodan-api SHODAN_API Shodan API key for subdomain enumeration --proxy PROXY Use a proxy (e.g., http://proxy.com:8080) --proxy-file PROXY_FILE Load proxies from file --heapdump HEAPDUMP Analyze Java heapdump file --output-dir OUTPUT_DIR Output directory --forbidden_domains FORBIDDEN_DOMAINS File containing list of domains to scan for forbidden bypass Update: -u, --update Update the script Nuclei Scans: -nl, --nuclei_lfi Find Local File Inclusion with nuclei -nc, --nuclei domain.com scan nuclei on a target -nct, --nuclei_template template.yaml use a nuclei template Vulnerability: 🆕 ADVANCED SCANNERS (v4.0): --xxe, --xxe_scan https://example.com/api/xml Scan for XXE (XML External Entity) vulnerabilities --ssrf, --ssrf_scan https://example.com/api?url=test Scan for SSRF (Server-Side Request Forgery) vulnerabilities --ssti, --ssti_scan https://example.com/page?template=test Scan for SSTI (Server-Side Template Injection) vulnerabilities --nosqli, --nosql_scan https://example.com/api?id=test Scan for NoSQL injection vulnerabilities --crlf, --crlf_scan https://example.com/redirect?url=test Scan for CRLF injection vulnerabilities --callback-url http://your-server.com Callback URL for out-of-band vulnerability testing STANDARD SCANNERS: -b, --brokenlinks domains.txt search for broken links -ph, --pathhunt domain.txt check for directory traversal -co, --corsmisconfig domains.txt cors misconfiguration -hh, --hostheaderinjection domain.com host header injection -smu, --smuggler domain.com enumerate domains -fp, --forbiddenpass domain.com Bypass 403 forbidden -xss, --xss_scan https://example.com/page?param=value scan for XSS vulnerabilities -sqli, --sqli_scan https://example.com/page?param=value scan for SQLi vulnerabilities -or, --openredirect domain.com open redirect -st, --subdomaintakeover subdomains.txt subdomain takeover -jwt, --jwt_scan token analyze JWT token for vulnerabilities -jwt-modify, --jwt_modify token modify JWT token -heapds, --heapdump_file heapdump.txt file for heapdump scan -heapts, --heapdump_target domain.com target for heapdump scan -zt, --zone-transfer domain.com Test for DNS zone transfer vulnerability -ssrfp, --ssrfparams domains.txt Get SSRF parameters from a list of domains Security Options: --insecure Disable SSL certificate verification (insecure, not recommended) Crawlers: -pspider, --paramspider domain.com extract parameters from a domain -w, --waybackurls https://domain.com scan for waybackurls -j domain.com find javascript files -wc, --webcrawler https://domain.com scan for urls and js files -javascript, --javascript_scan domain.com scan for sensitive info in javascript files -dp, --depth DEPTH Crawling depth (default: 2) -je, --javascript_endpoints file.txt extract javascript endpoints -hibp, --haveibeenpwned password check if the password has been pwned Passive Recon: -s domain.com scan for subdomains -d, --dns domains.txt scan a list of domains for dns records -na, --networkanalyzer https://domain.com net analyzer -ips, --ipaddresses domain list get the ips from a list of domains -dinfo, --domaininfo domain list get domain information like codes,server,content length -sho, --shodan_ domain.com Recon with shodan -shodan, --shodan_api KEY shodan api key -gs, --google Google Search Fuzzing: -nft, --not_found domains.txt check for 404 status code -api, --api_fuzzer domain.com Look for API endpoints -db, --directorybrute domain.com Brute force filenames and directories -pm, --param_miner domain.com param miner -ch, --custom_headers domain.com custom headers -asn, --automoussystemnumber AS55555 asn -ar, --autorecon domain.com auto recon -f_p, --forbidden_pages domain.com forbidden pages -e, --extensions EXTENSIONS Comma-separated list of file extensions to scan -x, --exclude EXCLUDE Comma-separated list of status codes to exclude Port Scanning: -n, --nmap domain.com or IP Scan a target with nmap -cidr, --cidr_notation IP/24 Scan an ip range to find assets and services -ps, --ports 80,443,8443 Port numbers to scan -pai, --print_all_ips IP/24 Print all ips Bruteforcing: --brute-user-pass domain.com Bruteforcing username and password input fields --username_wordlist domain.com Bruteforcing username and password input fields --password_wordlist domain.com Bruteforcing username and password input fields FTP Scanning: -fs, --ftp_scan HOST[:PORT] FTP server to scan (e.g., host or host:port) --ftp-userlist users.txt Path to a custom username list for FTP bruteforcing --ftp-passlist passwords.txt Path to a custom password list for FTP bruteforcing --ftp-proxylist proxies.txt Path to a proxy list for FTP bruteforcing (format: socks5://host:port, socks4://host:port, http://host:port, or just IP:PORT for SOCKS5; only working proxies will be used automatically) Cloud Security: -aws, --aws-scan domain.com Scan for exposed AWS resources -az, --azure-scan domain.com Scan for exposed Azure resources --s3-scan S3_SCAN Scan for exposed S3 buckets -gcp, --gcp-scan domain.com Scan for exposed GCP Storage resources IP Information: --ipinfo TARGET Get IP info for a company domain/IP --token TOKEN IPinfo API token --save-ranges FILENAME Save IP ranges to file SMB Automated Pentest: --smb_scan Run SMB scan --smb_auto Run automated SMB pentest --spray-userlist SPRAY_USERLIST User list for password spraying --spray-passlist SPRAY_PASSLIST Password list for password spraying --spray-password SPRAY_PASSWORD Single password to test against userlist --smb-target SMB_TARGET Target IP or hostname for SMB automation --smb-user SMB_USER Username for credential testing --smb-pass SMB_PASS Password for credential testing --smb-domain SMB_DOMAIN Domain for credential testing </code></pre> </div> <h2> EXAMPLE </h2> <h3> Scan for subdomains and save the output to a file. </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -s yahoo.com --save filename.txt </code></pre> </div> <h3> Scan for subdomains but also extract subdomains from shodan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -s yahoo.com --shodan API_KEY --save filename.txt </code></pre> </div> <h3> Scan a file of domains to extract subdomains </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -s domains.txt --save filename.txt </code></pre> </div> <h3> Scan for javascript files </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -j yahoo.com --depth 4 --save jsfiles.txt -c 20 </code></pre> </div> <h3> Scan for dns records </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -d domains.txt </code></pre> </div> <h3> Scan for FavIcon hashes </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -fi domain.com </code></pre> </div> <h3> Web Crawler </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -wc [https://www.domain.com](https://www.domain.com) </code></pre> </div> <h3> Web Crawler with depth </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -wc [https://www.domain.com](https://www.domain.com) --depth 5 </code></pre> </div> <h3> Broken Links </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -b [https://www.domain.com](https://www.domain.com) </code></pre> </div> <h3> Cors Misconfiguration Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -co domains.txt </code></pre> </div> <h3> Host Header Injection </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -hh domains.txt </code></pre> </div> <h3> Host Header Injection With proxy </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -hh domains.txt --proxy [http://proxy.com:8080](http://proxy.com:8080) </code></pre> </div> <h3> Directory Brute Forcing </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --directorybrute domain.com --wordlist list.txt --threads 50 -e php,txt,html -x 404,403 </code></pre> </div> <h3> Directory Brute Forcing with no extensions </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --directorybrute domain.com --wordlist list.txt --threads 50 -x 404,403 </code></pre> </div> <h3> Scanning a subnet </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --cidr_notation IP/24 --ports 80,443 --threads 200 </code></pre> </div> <h3> Directory Traversal </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -ph domain.com?id= </code></pre> </div> <h3> sql injection </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -sqli domain.com?id=1 </code></pre> </div> <h3> xss </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -xss domain.com?id=1 </code></pre> </div> <h3> JavaScript file scanning for sensitive info </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -javascript domain.com </code></pre> </div> <h3> Javascript endpoint fuzzing </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -javascript_endpoint domains.txt -c 20 --save filename.txt </code></pre> </div> <h3> Modify the headers of the request </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -ch domain.com </code></pre> </div> <h3> Parameter bruteforcing </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -pf domain.com </code></pre> </div> <h3> Open Redirect </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -or domain.com -v -c 50 </code></pre> </div> <h3> Haveibeenpwned </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -hibp password </code></pre> </div> <h3> Subdomain Takeover </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -st domains.txt --save vuln_subs.txt -c 50 </code></pre> </div> <h3> Auto Recon </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -ar domain.com </code></pre> </div> <h3> JSON Web Token </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -jwt Token </code></pre> </div> <h3> JSON Web Token Modification </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -jwt-modify Token </code></pre> </div> <h3> AWS S3 Bucket Enumeration </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --s3-scan bucket.com </code></pre> </div> <h3> Heap Dump Analysis </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --heapdump heapdump_file </code></pre> </div> <h3> Spring Boot Actuator Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --heapdump_target domain.com </code></pre> </div> <h3> Heap Dump Scan with file </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --heapdump_file heapdump.txt </code></pre> </div> <h3> Cloud Aws Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --aws_scan domain.com </code></pre> </div> <h3> Cloud Azure Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --azure_scan domain.com </code></pre> </div> <h3> Checks for 403 forbidden domains and saves it to a file </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --forbidden_pages domains.txt </code></pre> </div> <h3> Scan a list of domains to bypass 403 forbidden </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --forbidden_domains domains.txt </code></pre> </div> <h3> Scan google storage </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --gcp-scan domain.com </code></pre> </div> <h3> Brute Forcing Login Forms With Proxies </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --brute-user-pass [domain.com/login](https://domain.com/login) --username_wordlist usernames --password_wordlist passwords --proxy-file proxies.txt --verbose </code></pre> </div> <h3> Brute Forcing Login Forms Witout Proxies </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --brute-user-pass [domain.com/login](https://domain.com/login) --username_wordlist usernames --password_wordlist passwords --verbose </code></pre> </div> <h3> Nuclei Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --nuclei domain.com --nuclei-template nuclei-templates/cves/CVE-2024-22208.yaml </code></pre> </div> <h3> SSRF Params </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --ssrfparams links.txt </code></pre> </div> <h3> FTP Scan </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -fs domain.com </code></pre> </div> <h3> FTP Scan with a port </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -fs domain.com:2121 </code></pre> </div> <h3> FTP Scan with userlist and passlist </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt -fs domain.com --ftp-userlist usernames.txt --ftp-passlist passwords.txt </code></pre> </div> <h3> SMB Automated Pentest (Anonymous, Blank Creds, RID Brute) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 </code></pre> </div> <h3> SMB Pentest with Specific Credentials </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 --smb-user mhope --smb-pass "" </code></pre> </div> <h3> SMB Pentest with Domain Credentials </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 --smb-user mhope --smb-pass "" --smb-domain megabank.local </code></pre> </div> <h3> SMB Password Spraying with User and Password Lists </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 --spray-userlist users.txt --spray-passlist passwords.txt </code></pre> </div> <h3> SMB Password Spraying with Single Password </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 --spray-userlist users.txt --spray-password "Password1" </code></pre> </div> <h3> SMB Full Pentest (Credentials + Password Spray) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>spyhunt --smb_auto --smb-target 10.129.228.111 --smb-user mhope --smb-pass "" --spray-userlist users.txt --spray-password "Welcome1" </code></pre> </div> <h2> 🆕 New Advanced Vulnerability Scanners (v4.0) </h2> <h3> XXE (XML External Entity) Scanner </h3> <p>Test for XXE vulnerabilities in XML endpoints:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic XXE scan</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="c"># With custom callback URL for out-of-band detection</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="nt">--callback-url</span> http://your-server.com <span class="c"># Save results to file</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="nt">--save</span> xxe_results.json <span class="c"># With verbose logging</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="nt">-v</span> </code></pre> </div> <p><strong>What it detects:</strong></p> <ul> <li>Classic XXE with callback</li> <li>Blind XXE</li> <li>File disclosure (Linux: <code>/etc/passwd</code>, Windows: <code>win.ini</code>)</li> <li>SSRF via XXE</li> <li>AWS metadata exposure</li> </ul> <h3> SSRF (Server-Side Request Forgery) Scanner </h3> <p>Test for SSRF vulnerabilities:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic SSRF scan</span> spyhunt <span class="nt">--ssrf</span> <span class="s2">"https://example.com/api?url=test"</span> <span class="c"># With callback domain</span> spyhunt <span class="nt">--ssrf</span> <span class="s2">"https://example.com/api?url=test"</span> <span class="nt">--callback-url</span> http://your-domain.com <span class="c"># Save results</span> spyhunt <span class="nt">--ssrf</span> <span class="s2">"https://example.com/fetch?url=test"</span> <span class="nt">--save</span> ssrf_results.json </code></pre> </div> <p><strong>What it detects:</strong></p> <ul> <li>Internal network access (127.0.0.1, localhost, 0.0.0.0)</li> <li>Cloud metadata endpoints (AWS, GCP, Azure, DigitalOcean, Oracle)</li> <li>Bypass techniques (octal, hex, decimal encoding, DNS rebinding)</li> <li>File disclosure via <code>file://</code> protocol</li> <li>Port scanning via SSRF</li> </ul> <h3> SSTI (Server-Side Template Injection) Scanner </h3> <p>Test for template injection vulnerabilities:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic SSTI scan</span> spyhunt <span class="nt">--ssti</span> <span class="s2">"https://example.com/page?template=test"</span> <span class="c"># Multiple parameters</span> spyhunt <span class="nt">--ssti</span> <span class="s2">"https://example.com/render?name=test&amp;title=hello"</span> <span class="c"># Save results</span> spyhunt <span class="nt">--ssti</span> <span class="s2">"https://example.com/view?template=test"</span> <span class="nt">--save</span> ssti_results.json </code></pre> </div> <p><strong>Template engines detected:</strong></p> <ul> <li>Jinja2 (Python/Flask)</li> <li>Twig (PHP/Symfony)</li> <li>Freemarker (Java)</li> <li>Velocity (Java)</li> <li>ERB (Ruby/Rails)</li> <li>Smarty (PHP)</li> </ul> <h3> NoSQL Injection Scanner </h3> <p>Test for NoSQL injection in MongoDB and CouchDB:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic NoSQL injection scan</span> spyhunt <span class="nt">--nosqli</span> <span class="s2">"https://example.com/api?id=test"</span> <span class="c"># User authentication endpoint</span> spyhunt <span class="nt">--nosqli</span> <span class="s2">"https://example.com/api/login?username=test&amp;password=test"</span> <span class="c"># Save results</span> spyhunt <span class="nt">--nosqli</span> <span class="s2">"https://example.com/api/users?id=test"</span> <span class="nt">--save</span> nosql_results.json </code></pre> </div> <p><strong>What it detects:</strong></p> <ul> <li>Authentication bypass</li> <li>Operator injection (<code>$ne</code>, <code>$gt</code>, <code>$regex</code>, <code>$where</code>)</li> <li>Time-based blind injection</li> <li>JavaScript injection in MongoDB</li> </ul> <h3> CRLF Injection Scanner </h3> <p>Test for HTTP header injection vulnerabilities:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic CRLF scan</span> spyhunt <span class="nt">--crlf</span> <span class="s2">"https://example.com/redirect?url=test"</span> <span class="c"># Multiple URL parameters</span> spyhunt <span class="nt">--crlf</span> <span class="s2">"https://example.com/page?ref=test&amp;return=home"</span> <span class="c"># Save results</span> spyhunt <span class="nt">--crlf</span> <span class="s2">"https://example.com/goto?url=test"</span> <span class="nt">--save</span> crlf_results.json </code></pre> </div> <p><strong>What it detects:</strong></p> <ul> <li>Set-Cookie header injection</li> <li>Location header manipulation</li> <li>HTTP response smuggling</li> <li>XSS via CRLF injection</li> </ul> <h3> Security Features </h3> <h4> SSL Verification Control </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># SSL verification ON by default (recommended)</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="c"># Disable SSL verification for testing (not recommended for production)</span> spyhunt <span class="nt">--xxe</span> https://self-signed.local/api/xml <span class="nt">--insecure</span> </code></pre> </div> <h4> Logging </h4> <p>All operations are automatically logged to <code>spyhunt.log</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Enable verbose logging</span> spyhunt <span class="nt">--xxe</span> https://example.com/api/xml <span class="nt">--verbose</span> <span class="c"># View logs in real-time</span> <span class="nb">tail</span> <span class="nt">-f</span> spyhunt.log <span class="c"># Search logs</span> <span class="nb">grep</span> <span class="s2">"XXE vulnerability"</span> spyhunt.log </code></pre> </div> <h3> Bug Bounty Workflow Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1. Enumerate subdomains</span> spyhunt <span class="nt">-s</span> target.com <span class="nt">--save</span> subdomains.txt <span class="c"># 2. Probe for live hosts</span> spyhunt <span class="nt">-p</span> subdomains.txt <span class="nt">--save</span> live_hosts.txt <span class="c"># 3. Run comprehensive vulnerability scans</span> spyhunt <span class="nt">--xxe</span> https://api.target.com/xml <span class="nt">--save</span> xxe_findings.json spyhunt <span class="nt">--ssrf</span> <span class="s2">"https://api.target.com/fetch?url=test"</span> <span class="nt">--save</span> ssrf_findings.json spyhunt <span class="nt">--ssti</span> <span class="s2">"https://target.com/render?template=test"</span> <span class="nt">--save</span> ssti_findings.json spyhunt <span class="nt">--nosqli</span> <span class="s2">"https://api.target.com/users?id=test"</span> <span class="nt">--save</span> nosql_findings.json spyhunt <span class="nt">--crlf</span> <span class="s2">"https://target.com/redirect?url=test"</span> <span class="nt">--save</span> crlf_findings.json <span class="c"># 4. Traditional vulnerability scans</span> spyhunt <span class="nt">--xss</span> <span class="s2">"https://target.com/search?q=test"</span> spyhunt <span class="nt">--sqli</span> <span class="s2">"https://target.com/product?id=1"</span> spyhunt <span class="nt">-co</span> live_hosts.txt </code></pre> </div> <h2> Documentation </h2> <p>For detailed information:</p> <ul> <li> <strong>NEW_FEATURES_README.md</strong> - Quick start guide for v4.0 features</li> <li> <strong>INTEGRATION_COMPLETE.md</strong> - Complete integration details</li> <li> <strong>SECURITY_ANALYSIS_REPORT.md</strong> - Comprehensive security analysis</li> <li> <strong>WHAT_CHANGED.md</strong> - Summary of changes from v3.4 to v4.0</li> </ul> <h2> Security Notes </h2> <h3> Default Security Settings (v4.0) </h3> <ul> <li>✅ SSL certificate verification is <strong>enabled by default</strong> </li> <li>✅ All operations are logged to <code>spyhunt.log</code> </li> <li>✅ Command injection protection is active</li> <li>✅ Input validation prevents injection attacks</li> </ul> <h3> Best Practices </h3> <ol> <li>Always use SSL verification in production (<code>--insecure</code> only for testing)</li> <li>Review logs regularly for security events</li> <li>Save scan results with <code>--save</code> for documentation</li> <li>Use <code>--verbose</code> for detailed debugging</li> <li>Test on authorized targets only</li> </ol> <h2> Version History </h2> <h3> v4.0 (Security Hardened) - October 2025 </h3> <ul> <li>➕ Added XXE Scanner</li> <li>➕ Added SSRF Scanner</li> <li>➕ Added SSTI Scanner</li> <li>➕ Added NoSQL Injection Scanner</li> <li>➕ Added CRLF Injection Scanner</li> <li>🔒 Fixed command injection vulnerabilities</li> <li>🔒 Added SSL verification control</li> <li>📝 Added structured logging system</li> <li>⚡ Added HTTP session management</li> <li>🛡️ Added input validation framework</li> </ul> <h3> Refactored </h3> <ul> <li><a href="https://github.com/Pymmdrza" rel="noopener noreferrer">@Pymmdrza</a></li> <li><a href="https://spyhunt.readthedocs.io/" rel="noopener noreferrer">@Pymmdrza</a></li> <li><a href="https://pypi.org/project/spyhunt/" rel="noopener noreferrer">Pypi</a></li> <li><a href="https://mmdrza.com" rel="noopener noreferrer">Website</a></li> </ul> spyhunt python cybersecurity scanner Mmdrza Sun, 02 Nov 2025 15:21:58 +0000 https://forem.com/mr1mmdrza/libcrypto-pypi-generate-and-converting-crypto-wallet-package-p68 https://forem.com/mr1mmdrza/libcrypto-pypi-generate-and-converting-crypto-wallet-package-p68 <h1> LibCrypto </h1> <h2> A professional library for Cryptography and Cryptocurrencies in Python. </h2> <h3> This library provides a comprehensive suite of tools for developers working with cryptocurrencies, focusing on key management and address generation with a clean, high-level API. </h3> <p>It has been a while since I published this new library to help and use other programmers who no longer have to get involved in various projects that need such tools, writing long source codes and using different libraries, which ultimately reduces the quality of the project.<br> In this library, an attempt has been made to make the most widely used and complex process for various cases into the shortest and most optimized standard form that can be used by the user, which has finally become, along with hundreds of different features of this library, the CryptoLib, which you can easily install and use in your source code or in the terminal (CLI).</p> <h2> Key Features </h2> <ul> <li> <strong>High-Level Wallet API</strong>: A simple <code>Wallet</code> class to manage keys and addresses.</li> <li> <strong>Multi-Currency Support</strong>: Correctly generate addresses for numerous secp256k1-based cryptocurrencies, including: <ul> <li>Bitcoin (BTC) - Legacy, SegWit (P2SH &amp; Native)</li> <li>Ethereum (ETH)</li> <li>Tron (TRX)</li> <li>Ripple (XRP)</li> <li>Bitcoin Cash (BCH) - CashAddr format</li> <li>Litecoin (LTC)</li> <li>Dash (DASH)</li> <li>Dogecoin (DOGE)</li> </ul> </li> <li> <strong>Hierarchical Deterministic (HD) Wallets</strong>: Full BIP32 support for generating wallets from a master seed.</li> <li> <strong>BIP39 Mnemonic Support</strong>: Generate, validate, and derive seeds from mnemonic phrases.</li> <li> <strong>Key &amp; Format Conversions</strong>: Easily convert between WIF, Hex, and Bytes for private and public keys.</li> <li> <strong>Powerful Command-Line Interface</strong>: Perform common wallet operations directly from your terminal.</li> </ul> <h2> Installation </h2> <p>Install the library using pip:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>libcrypto </code></pre> </div> <h2> Quick Start (Library Usage) </h2> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">libcrypto</span> <span class="kn">import</span> <span class="n">Wallet</span> <span class="n">key</span> <span class="o">=</span> <span class="sh">"</span><span class="s">Your Private Key (hex | bytes | int | Wif)</span><span class="sh">"</span> <span class="c1"># Initialize the Wallet with the private key </span><span class="n">wallet</span> <span class="o">=</span> <span class="nc">Wallet</span><span class="p">(</span><span class="n">key</span><span class="p">)</span> </code></pre> </div> <h3> Generated Bitcoin Wallet Addresses from Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate P2PKH, P2SH-P2WPKH, P2WPKH addresses for Bitcoin </span><span class="n">p2pkh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">bitcoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2pkh</span><span class="sh">"</span><span class="p">)</span> <span class="n">p2wsh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">bitcoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2sh-p2wpkh</span><span class="sh">"</span><span class="p">)</span> <span class="n">p2wpkh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">bitcoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2wpkh</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Ethereum Wallet from Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate ethereum Address </span><span class="n">ethereum_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">ethereum</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Tron Wallet from Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate Tron Address </span><span class="n">tron_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">tron</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Ripple Wallet from Private Key (Hex) </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate Ripple Address </span><span class="n">ripple_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">ripple</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Dash Wallet from Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate Dash Address </span><span class="n">dash</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">dash</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Dogecoin Wallet from Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate Dogecoin Address </span><span class="n">dogecoin_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">dogecoin</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Litecoin Addresses From Private Key </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Generate Litecoin Address </span><span class="n">litecoin_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">litecoin</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Generate Litecoin Address with specific address types </span><span class="n">litecoin_address_p2pkh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">litecoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2pkh</span><span class="sh">"</span><span class="p">)</span> <span class="n">litecoin_address_p2wsh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">litecoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2sh-p2wpkh</span><span class="sh">"</span><span class="p">)</span> <span class="n">litecoin_address_p2wpkh</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="n">coin</span><span class="o">=</span><span class="sh">"</span><span class="s">litecoin</span><span class="sh">"</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">"</span><span class="s">p2wpkh</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p>The library is designed to be straightforward. Here is a basic example of generating addresses from an existing private key.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">libcrypto</span> <span class="kn">import</span> <span class="n">Wallet</span> <span class="c1"># Initialize a wallet from a WIF private key </span><span class="n">wif_key</span> <span class="o">=</span> <span class="sh">"</span><span class="s">L4ZQks37JHUadEqaj2nGB1eaZFcsRZwZGQ7WVYuQiztzg4pqopU6</span><span class="sh">"</span> <span class="c1"># Example </span><span class="n">wallet</span> <span class="o">=</span> <span class="nc">Wallet</span><span class="p">(</span><span class="n">wif_key</span><span class="p">)</span> <span class="c1"># Generate addresses for different coins </span><span class="n">eth_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="sh">'</span><span class="s">ethereum</span><span class="sh">'</span><span class="p">)</span> <span class="n">btc_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="sh">'</span><span class="s">bitcoin</span><span class="sh">'</span><span class="p">,</span> <span class="n">address_type</span><span class="o">=</span><span class="sh">'</span><span class="s">p2wpkh</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Native SegWit </span><span class="n">bch_address</span> <span class="o">=</span> <span class="n">wallet</span><span class="p">.</span><span class="nf">get_address</span><span class="p">(</span><span class="sh">'</span><span class="s">bitcoin_cash</span><span class="sh">'</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Ethereum Address: </span><span class="si">{</span><span class="n">eth_address</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Bitcoin (SegWit) Address: </span><span class="si">{</span><span class="n">btc_address</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Bitcoin Cash Address: </span><span class="si">{</span><span class="n">bch_address</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Generated Bitcoin Compressed and Uncompressed Address Wallet </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">libcrypto</span> <span class="kn">import</span> <span class="n">PrivateKey</span> <span class="c1"># Key generation </span><span class="n">key</span> <span class="o">=</span> <span class="nc">PrivateKey</span><span class="p">(</span><span class="n">network</span><span class="o">=</span><span class="sh">"</span><span class="s">bitcoin</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Generate Public Key (compressed and uncompressed) </span><span class="n">public_compressed</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">get_public_key</span><span class="p">(</span><span class="n">compressed</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> <span class="n">public_uncompressed</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">get_public_key</span><span class="p">(</span><span class="n">compressed</span><span class="o">=</span><span class="bp">False</span><span class="p">)</span> <span class="c1"># Compressed and Uncompressed Addresses </span><span class="n">address_compressed</span> <span class="o">=</span> <span class="n">public_compressed</span><span class="p">.</span><span class="nf">get_address</span><span class="p">()</span> <span class="n">address_uncompressed</span> <span class="o">=</span> <span class="n">public_uncompressed</span><span class="p">.</span><span class="nf">get_address</span><span class="p">()</span> </code></pre> </div> <h3> Generated Wif Compressed and Uncompressed </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">libcrypto</span> <span class="kn">import</span> <span class="n">PrivateKey</span> <span class="c1"># Key generation </span><span class="n">key</span> <span class="o">=</span> <span class="nc">PrivateKey</span><span class="p">(</span><span class="n">network</span><span class="o">=</span><span class="sh">"</span><span class="s">bitcoin</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Wif compressed and Uncompressed </span><span class="n">wif_compressed</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">to_wif</span><span class="p">(</span><span class="n">compressed</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> <span class="n">wif_uncompressed</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">to_wif</span><span class="p">(</span><span class="n">compressed</span><span class="o">=</span><span class="bp">False</span><span class="p">)</span> </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2FPymmdrza%2Flibcrypto%2Frefs%2Fheads%2Fmain%2F.github%2Flibcrypto_generate.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2FPymmdrza%2Flibcrypto%2Frefs%2Fheads%2Fmain%2F.github%2Flibcrypto_generate.png" title="Libcrypto" alt="CLI" width="800" height="415"></a></p> <h2> Quick Start (Command-Line Interface) </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># version</span> libcrypto <span class="nt">-v</span> </code></pre> </div> <p>Package Information:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto info </code></pre> </div> <h3> Wallet &amp; Address Generation </h3> <ul> <li>Generate a Wallet: This is the main command for generating new wallets or deriving addresses from existing keys. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto generate <span class="o">[</span>OPTIONS] </code></pre> </div> <p>Options:</p> <ul> <li> <code>-p</code>, <code>--private-key</code> TEXT: Derive addresses from an existing private key (WIF or Hex format). If omitted, a new random wallet is generated.</li> <li> <code>-c</code>, <code>--coin</code> TEXT: Specify a coin to generate addresses for. This option can be used multiple times. Defaults to bitcoin and ethereum.</li> </ul> <ol> <li>Generate a new wallet for Bitcoin and Litecoin: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto generate <span class="nt">-c</span> bitcoin <span class="nt">-c</span> litecoin </code></pre> </div> <ol> <li>Generate a wallet from an existing private key: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto generate <span class="nt">-p</span> &lt;your-private-key&gt; </code></pre> </div> <ol> <li>Derive addresses for a specific set of coins from a hex key: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto generate <span class="nt">-p</span> &lt;your-hex-key&gt; <span class="nt">-c</span> bitcoin <span class="nt">-c</span> ethereum <span class="nt">-c</span> dash <span class="nt">-c</span> tron </code></pre> </div> <h3> Mnemonic Management </h3> <p>The mnemonic subcommand is used for all BIP39 mnemonic phrase operations.<br> Generate a Mnemonic Phrase</p> <p>Creates a new, cryptographically secure BIP39 mnemonic phrase.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto mnemonic generate <span class="o">[</span>OPTIONS] </code></pre> </div> <p>Options:</p> <ul> <li> <code>-w</code>, <code>--words</code> INTEGER: The number of words in the mnemonic. Can be 12, 15, 18, 21, or 24. [Default: 12]</li> </ul> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto mnemonic generate <span class="nt">--words</span> 24 </code></pre> </div> <h3> Validate a Mnemonic Phrase </h3> <p>Checks if a given BIP39 mnemonic phrase is valid according to the checksum rules.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto mnemonic validate <span class="s2">"PHRASE"</span> </code></pre> </div> <p>Arguments:</p> <ul> <li> <code>PHRASE</code>: The full mnemonic phrase, enclosed in double quotes. [Required]</li> </ul> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>libcrypto mnemonic validate <span class="s2">"abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"</span> </code></pre> </div> <p><a href="https://libcrypto.readthedocs.io/en/latest/" rel="noopener noreferrer">Libcrypto Doc</a> | <a href="https://github.com/Pymmdrza/libcrypto" rel="noopener noreferrer">Libcrypto Source</a> | <a href="https://pypi.org/project/libcrypto/" rel="noopener noreferrer">Libcrypto PYPI</a></p> libcrypto cryptocurrency wallet python Mmdrza Sat, 08 Feb 2025 00:47:00 +0000 https://forem.com/mr1mmdrza/-2f16 https://forem.com/mr1mmdrza/-2f16 <div class="ltag__link"> <a href="/mr1mmdrza" class="ltag__link__link"> <div class="ltag__link__pic"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1875138%2Feb053953-98a7-4a3b-a904-0f13aa39ad48.jpg" alt="mr1mmdrza"> </div> </a> <a href="https://dev.to/mr1mmdrza/how-to-generate-any-wallet-with-cryptofuzz-i7a" class="ltag__link__link"> <div class="ltag__link__content"> <h2>How to Generate Any Wallet with Cryptofuzz</h2> <h3>Mmdrza ・ Jan 20</h3> <div class="ltag__link__taglist"> <span class="ltag__link__tag">#cryptocurrency</span> <span class="ltag__link__tag">#cryptofuzz</span> <span class="ltag__link__tag">#wallet</span> <span class="ltag__link__tag">#privatekey</span> </div> </div> </a> </div> cryptocurrency cryptofuzz wallet privatekey Mmdrza Mon, 20 Jan 2025 18:34:11 +0000 https://forem.com/mr1mmdrza/how-to-generate-any-wallet-with-cryptofuzz-i7a https://forem.com/mr1mmdrza/how-to-generate-any-wallet-with-cryptofuzz-i7a <h2> What is Cryptofuzz? </h2> <p>This library is for faster and easier use in the field of cryptography and tools for creating various private keys and mnemonics and converting them into other components required for a cryptocurrency wallet for Bitcoin, Ethereum, Dash, Dogecoin, Litecoin, TON, Tron, Bitcoin Gold and ... several other different currencies.</p> <p>In the following, I will show you how you can implement and execute the best and most optimized code in Python using this library of private and public keys and mnemonics to convert them into addresses and other security keys for a wallet using the least amount of code.</p> <h2> Install </h2> <h3> PIP </h3> <p>install with <code>pip</code> in your terminal<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install</span> <span class="nt">--upgrade</span> cryptofuzz </code></pre> </div> <h3> GIT </h3> <p>install with <code>git</code> in your terminal<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/Pymmdrza/cryptoFuzz <span class="nb">cd </span>cryptoFuzz python3 setup.py <span class="nb">install</span> </code></pre> </div> <h2> Use </h2> <h2> Private Key </h2> <h3> Private Key To Bitcoin Wallet </h3> <p>convert private key hex to all address format bitcoin<br> Generating Bitcoin Addresses with Cryptofuzz</p> <p>This example demonstrates generating various types of Bitcoin addresses using the cryptofuzz library in Python, utilizing a specific private key. The process results in addresses that support different transaction protocols and optimizations.<br> Implementing Address Generation</p> <p>The script below initializes a Bitcoin object and generates four types of addresses: <code>P2PKH</code>, <code>P2SH</code>, <code>P2WPKH</code>, and <code>P2WSH</code>, based on the provided private key.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Bitcoin</span> <span class="n">btc</span> <span class="o">=</span> <span class="nc">Bitcoin</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Generate P2PKH address </span><span class="n">p2pkh</span> <span class="o">=</span> <span class="n">btc</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="sh">'</span><span class="s">p2pkh</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Generate P2SH address </span><span class="n">p2sh</span> <span class="o">=</span> <span class="n">btc</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="sh">'</span><span class="s">p2sh</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Generate P2WPKH address </span><span class="n">p2wpkh</span> <span class="o">=</span> <span class="n">btc</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="sh">'</span><span class="s">p2wpkh</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Generate P2WSH address </span><span class="n">p2wsh</span> <span class="o">=</span> <span class="n">btc</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="sh">'</span><span class="s">p2wsh</span><span class="sh">'</span><span class="p">)</span> </code></pre> </div> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>type</th> <th>description</th> <th>example</th> </tr> </thead> <tbody> <tr> <td><code>p2pkh</code></td> <td>Pay to Public Key Hash</td> <td><code>1M8Qk46ERsPrEtWLBRSET5NUH2Ck5wwREU</code></td> </tr> <tr> <td><code>p2sh</code></td> <td>Pay to Script Hash</td> <td><code>34omeRgNLiDqbP7BTdVUSGoPBoFKy3BX44</code></td> </tr> <tr> <td><code>p2wpkh</code></td> <td>Pay to Witness Public Key Hash</td> <td><code>bc1qmnyn7x24xj6vraxeeq56dfkxa009tvhgqffstc</code></td> </tr> <tr> <td><code>p2wsh</code></td> <td>Pay to Witness Script Hash</td> <td><code>bc1qgahjmt5vkm8wkv70adwyrvw9qy22cygafc7h9nur9nfk8gj6dc3s3v24wf</code></td> </tr> </tbody> </table></div> <h3> Private Key To Compressed and Uncompressed </h3> <p>use the <code>hex_to_addr</code> method from the <code>Convertor</code> class for compressed and uncompressed addresses:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Compressed Bitcoin Address Wallet </span><span class="n">compressed_addr</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">hex_to_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="bp">True</span><span class="p">)</span> <span class="c1"># Uncompressed Bitcoin Address Wallet </span><span class="n">uncompressed_addr</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">hex_to_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Ethereum Wallet </h3> <p>convert private key hex to Ethereum address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ethereum</span> <span class="n">ETH</span> <span class="o">=</span> <span class="nc">Ethereum</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Ethereum Address Wallet </span><span class="n">ethereum_address</span> <span class="o">=</span> <span class="n">ETH</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Dash Wallet </h3> <p>convert private key hex to Dash address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Dash</span> <span class="n">DASH</span> <span class="o">=</span> <span class="nc">Dash</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Dash Address Wallet </span><span class="n">dash_address</span> <span class="o">=</span> <span class="n">DASH</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Dogecoin Wallet </h3> <p>convert private key hex to Dogecoin address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Dogecoin</span> <span class="n">doge</span> <span class="o">=</span> <span class="nc">Dogecoin</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Dogecoin Address Wallet </span><span class="n">dogecoin_address</span> <span class="o">=</span> <span class="n">doge</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Litecoin Wallet </h3> <p>convert private key hex to Litecoin address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Litecoin</span> <span class="n">LTC</span> <span class="o">=</span> <span class="nc">Litecoin</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Litecoin Address Wallet </span><span class="n">litecoin_address</span> <span class="o">=</span> <span class="n">LTC</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Tron Wallet </h3> <p>convert private key hex to Tron address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Tron</span> <span class="n">TRX</span> <span class="o">=</span> <span class="nc">Tron</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Tron Address Wallet </span><span class="n">tron_address</span> <span class="o">=</span> <span class="n">TRX</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Bitcoin Gold Wallet </h3> <p>convert private key hex to Bitcoin Gold address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">BitcoinGold</span> <span class="n">BTG</span> <span class="o">=</span> <span class="nc">BitcoinGold</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Bitcoin Gold Address Wallet </span><span class="n">bitcoin_gold_address</span> <span class="o">=</span> <span class="n">BTG</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> Private Key To Zcash Wallet </h3> <p>convert private key hex to Zcash address wallet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Zcash</span> <span class="n">ZEC</span> <span class="o">=</span> <span class="nc">Zcash</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># Zcash Address Wallet </span><span class="n">zcash_address</span> <span class="o">=</span> <span class="n">ZEC</span><span class="p">.</span><span class="nf">hex_addr</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> </code></pre> </div> <h3> TON Wallet </h3> <h4> basic chain (workchain 0) </h4> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">workchain</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span> </code></pre> </div> <h4> masterchain (workchain -1) </h4> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">workchain</span><span class="o">=-</span><span class="mi">1</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">workchain</span><span class="o">=-</span><span class="mi">1</span><span class="p">)</span> <span class="c1"># or </span><span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">workchain</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span> <span class="c1"># default </span></code></pre> </div> <p>testnet supported <code>mainnet=False</code></p> <h4> Private Key To TON Address Wallet </h4> <p>convert private key hex to TON address wallet from <code>privatekey_to_address</code> function in <code>Ton</code> class<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">TON</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">()</span> <span class="c1"># private key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="sh">"</span><span class="s">0A97965...A45517</span><span class="sh">"</span> <span class="c1"># TON Address Wallet bounceable </span><span class="n">bounceable_address</span> <span class="o">=</span> <span class="n">TON</span><span class="p">.</span><span class="nf">privatekey_to_address</span><span class="p">(</span><span class="n">privatekey</span><span class="p">)</span> <span class="c1"># TON Address Wallet non-bounceable </span><span class="n">unbounceable_address</span> <span class="o">=</span> <span class="n">TON</span><span class="p">.</span><span class="nf">privatekey_to_address</span><span class="p">(</span><span class="n">privatekey</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>privatekey_to_address</code></strong>: in_privatekey: <code>str</code>, bounceable: <code>bool</code> (<em>default: True</em>)</li> <li> <strong>Returns</strong>: <code>str</code> address in Base64 format (<code>urlsafe_b64encode</code>)</li> <li> <strong>Example</strong>: <code>baddr = ton.privatekey_to_address('0abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef', True)</code> </li> <li> <strong>Example</strong>: <code>uaddr = ton.privatekey_to_address('0abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef', False)</code> </li> </ul> <h4> Mnemonic To TON Address Wallet </h4> <p>Convert Mnemonic to User-Friendly TON Address (bounceable, Un-Bounceable)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> <span class="c1"># Create mnemonic (Only : *24 words) </span><span class="n">mnemonic</span> <span class="o">=</span> <span class="p">(</span><span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon </span><span class="sh">'</span> <span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Convert mnemonic to Bounceable TON address </span><span class="n">baddr</span> <span class="o">=</span> <span class="n">ton</span><span class="p">.</span><span class="nf">mnemonic_to_address</span><span class="p">(</span><span class="n">mnemonic</span><span class="p">,</span> <span class="bp">True</span><span class="p">)</span> <span class="c1"># Convert mnemonic to Unbounceable TON address </span><span class="n">uaddr</span> <span class="o">=</span> <span class="n">ton</span><span class="p">.</span><span class="nf">mnemonic_to_address</span><span class="p">(</span><span class="n">mnemonic</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mnemonic_to_address</code></strong>: mnemonic: <code>str</code>, bounceable: <code>bool</code> (<em>default: True</em>)</li> <li> <strong>Returns</strong>: <code>str</code> address in Base64 format (<code>urlsafe_b64encode</code>)</li> <li> <strong>Example</strong>: <code>baddr = ton.mnemonic_to_address('abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about', True)</code> </li> <li> <strong>Example</strong>: <code>uaddr = ton.mnemonic_to_address('abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about', False)</code> </li> </ul> <h4> Decimal To TON Address Wallet </h4> <p>Convert Decimal to User-Friendly TON Address (bounceable, Un-Bounceable)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> <span class="c1"># Convert decimal to Bounceable TON address </span><span class="n">baddr</span> <span class="o">=</span> <span class="n">ton</span><span class="p">.</span><span class="nf">decimal_to_address</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="bp">True</span><span class="p">)</span> <span class="c1"># Convert decimal to Unbounceable TON address </span><span class="n">uaddr</span> <span class="o">=</span> <span class="n">ton</span><span class="p">.</span><span class="nf">decimal_to_address</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>decimal_to_address</code></strong>: decimal: <code>int</code>, bounceable: <code>bool</code> (<em>default: True</em>)</li> <li> <strong>Returns</strong>: <code>str</code> address in Base64 format (<code>urlsafe_b64encode</code>)</li> <li> <strong>Example</strong>: <code>baddr = ton.decimal_to_address(1, True)</code> </li> <li> <strong>Example</strong>: <code>uaddr = ton.decimal_to_address(1, False)</code> </li> <li> <strong>Note</strong>: Decimal Value must be less than <code>2^256 - 1</code> </li> </ul> <h3> TON Address To Raw Address </h3> <p>Convert User-Friendly TON Address To Raw Address<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Ton</span> <span class="n">ton</span> <span class="o">=</span> <span class="nc">Ton</span><span class="p">(</span><span class="n">mainnet</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> <span class="n">addr</span> <span class="o">=</span> <span class="sh">'</span><span class="s">EQDlW5BbpUj6J0ApOxTlZ_CHYYR9NlPc3ahYQ8HtVlbQc6AA</span><span class="sh">'</span> <span class="n">baddr</span> <span class="o">=</span> <span class="n">ton</span><span class="p">.</span><span class="nf">raw_address</span><span class="p">(</span><span class="n">addr</span><span class="p">)</span> <span class="c1"># output: 0:E55B905BA548FA2740293B14E567F08761847D3653DCDDA85843C1ED5656D073 </span></code></pre> </div> <ul> <li> <strong>Parameters <code>raw_address</code></strong>: address: <code>str</code> </li> <li> <strong>Returns</strong>: <code>str</code> raw address</li> <li> <strong>Example</strong>: <code>baddr = ton.raw_address('EQDlW5BbpUj6J0ApOxTlZ_CHYYR9NlPc3ahYQ8HtVlbQc6AA')</code> </li> <li> <strong>Note</strong>: Address Value must be in Base64 format (<code>urlsafe_b64encode</code>)</li> </ul> <h2> Mnemonic </h2> <h3> Generate Mnemonic </h3> <p>Generate Mnemonic (Only : 12 , 24 words)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Generator</span> <span class="n">gen</span> <span class="o">=</span> <span class="nc">Generator</span><span class="p">()</span> <span class="c1"># 12 words </span><span class="n">mnemonic_12</span> <span class="o">=</span> <span class="n">gen</span><span class="p">.</span><span class="nf">generate_mnemonic</span><span class="p">(</span><span class="mi">12</span><span class="p">)</span> <span class="c1"># 24 words </span><span class="n">mnemonic_24</span> <span class="o">=</span> <span class="n">gen</span><span class="p">.</span><span class="nf">generate_mnemonic</span><span class="p">(</span><span class="mi">24</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>generate_mnemonic</code></strong>: length: <code>int</code> (_default: 12)</li> <li> <strong>Returns</strong>: <code>str</code> mnemonic</li> <li> <strong>Example</strong>: <code>mnemonic_12 = gen.generate_mnemonic(12)</code> </li> <li> <strong>Example</strong>: <code>mnemonic_24 = gen.generate_mnemonic(24)</code> </li> </ul> <h3> Mnemonic To Private Key </h3> <p>Convert Mnemonic to Private Key<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># Mnemonic </span><span class="n">mnemonic</span> <span class="o">=</span> <span class="p">(</span><span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon </span><span class="sh">'</span> <span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Private Key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_hex</span><span class="p">(</span><span class="n">mnemonic</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mne_to_hex</code></strong>: mnemonic: <code>str</code> </li> <li> <strong>Returns</strong>: <code>str</code> private key</li> <li> <strong>Example</strong>: <code>privatekey = conv.mne_to_hex(mnemonic)</code> </li> </ul> <h3> Mnemonic To Address </h3> <p>Convert Mnemonic to compressed address and uncompressed bitcoin address<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># Mnemonic </span><span class="n">mnemonic</span> <span class="o">=</span> <span class="p">(</span><span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon </span><span class="sh">'</span> <span class="sh">'</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># compressed address </span><span class="n">compressed_address</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_addr</span><span class="p">(</span><span class="n">mnemonic</span><span class="p">)</span> <span class="c1"># uncompressed address </span><span class="n">uncompressed_address</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_addr</span><span class="p">(</span><span class="n">mnemonic</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mne_to_addr</code></strong>: mnemonic: <code>str</code>, compressed: <code>bool</code> (<em>default: True</em>)</li> <li> <strong>Returns</strong>: <code>str</code> address <ul> <li>compressed address: <code>str</code> compressed address</li> <li>uncompressed address: <code>str</code> uncompressed address</li> <li>Example: <code>compressed_address = conv.mne_to_addr(mnemonic)</code>, <code>uncompressed_address = conv.mne_to_addr(mnemonic, False)</code> </li> </ul> </li> </ul> <h3> Mnemonic To Seed </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Mnemonic</span> <span class="n">mne</span> <span class="o">=</span> <span class="nc">Mnemonic</span><span class="p">()</span> <span class="n">words</span> <span class="o">=</span> <span class="sh">"</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">"</span> <span class="n">seed</span> <span class="o">=</span> <span class="n">mne</span><span class="p">.</span><span class="nf">to_seed</span><span class="p">(</span><span class="n">words</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>to_seed</code></strong>: mnemonic: <code>str</code> </li> <li> <strong>Returns</strong>: <code>bytes</code> seed</li> </ul> <h3> Mnemonic To Root Private Key (Extended Private Key / XPRV) </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># Mnemonic </span><span class="n">mne</span> <span class="o">=</span> <span class="sh">"</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">"</span> <span class="c1"># Root Private Key </span><span class="n">root_private_key</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_xprv</span><span class="p">(</span><span class="n">mne</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mne_to_xprv</code></strong>: mnemonic: <code>str</code> </li> <li> <strong>Returns</strong>: <code>str</code> root private key</li> <li> <strong>Example</strong>: <code>root_private_key = conv.mne_to_xprv(mne)</code> </li> <li> <strong>Note</strong>: Mnemonic must be 12 or 24 words</li> </ul> <h3> Mnemonic To Root Public Key (Extended Public Key / XPUB) </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># Mnemonic </span><span class="n">mne</span> <span class="o">=</span> <span class="sh">"</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">"</span> <span class="c1"># Root Public Key </span><span class="n">root_public_key</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_xpub</span><span class="p">(</span><span class="n">mne</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mne_to_xpub</code></strong>: mnemonic: <code>str</code> </li> <li> <strong>Returns</strong>: <code>str</code> root public key</li> <li> <strong>Example</strong>: <code>root_public_key = conv.mne_to_xpub(mne)</code> </li> <li> <strong>Note</strong>: Mnemonic must be 12 or 24 words</li> </ul> <h3> Mnemonic To Wallet Import Format (WIF) </h3> <p>convert mnemonic words to wallet import format (WIF) compressed and uncompressed<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># Mnemonic </span><span class="n">mne</span> <span class="o">=</span> <span class="sh">"</span><span class="s">abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about</span><span class="sh">"</span> <span class="c1"># WIF compressed </span><span class="n">wif_compressed</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_wif</span><span class="p">(</span><span class="n">mne</span><span class="p">)</span> <span class="c1"># WIF uncompressed </span><span class="n">wif_uncompressed</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">mne_to_wif</span><span class="p">(</span><span class="n">mne</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <ul> <li> <strong>Parameters <code>mne_to_wif</code></strong>: mnemonic: <code>str</code>, compress: <code>bool</code> (<em>default: True</em>)</li> <li> <strong>Returns</strong>: <code>str</code> WIF</li> <li> <strong>Example</strong>: <code>wif_compressed = conv.mne_to_wif(mne)</code>, <code>wif_uncompressed = conv.mne_to_wif(mne, False)</code> </li> <li> <strong>Note</strong>: Mnemonic must be 12 or 24 words</li> </ul> <h2> WIF (Wallet Import Format) </h2> <h3> WIF To Private Key </h3> <p>convert WIF to private key (hex)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># WIF </span><span class="n">wif</span> <span class="o">=</span> <span class="sh">'</span><span class="s">5KQwrPbwdL6PhX7ayB3GEpWUPaK7aRm2MV8NHWl7ZT8g2VTXYG7J</span><span class="sh">'</span> <span class="c1"># Private Key </span><span class="n">privatekey</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">wif_to_hex</span><span class="p">(</span><span class="n">wif</span><span class="p">)</span> </code></pre> </div> <h3> WIF To Address </h3> <p>convert WIF to compressed and uncompressed address<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">Convertor</span> <span class="n">conv</span> <span class="o">=</span> <span class="nc">Convertor</span><span class="p">()</span> <span class="c1"># WIF </span><span class="n">wif</span> <span class="o">=</span> <span class="sh">'</span><span class="s">5KQwrPbwdL6PhX7ayB3GEpWUPaK7aRm2MV8NHWl7ZT8g2VTXYG7J</span><span class="sh">'</span> <span class="c1"># compressed address </span><span class="n">compressed_address</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">wif_to_addr</span><span class="p">(</span><span class="n">wif</span><span class="p">)</span> <span class="c1"># uncompressed address </span><span class="n">uncompressed_address</span> <span class="o">=</span> <span class="n">conv</span><span class="p">.</span><span class="nf">wif_to_addr</span><span class="p">(</span><span class="n">wif</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> </code></pre> </div> <h2> Block </h2> <p>read block data from block file (bitcoin core sync data file's) [ <code>blk00001.dat</code> ]<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">cryptofuzz</span> <span class="kn">import</span> <span class="n">block</span> <span class="kn">import</span> <span class="n">os</span> <span class="c1"># path block file </span><span class="n">path_data</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="sh">"</span><span class="s">&lt;BITCOIN CORE SYNC BLOCK PATH&gt;</span><span class="sh">"</span><span class="p">)</span> <span class="n">block_path</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="n">path_data</span><span class="p">,</span> <span class="sh">"</span><span class="s">blk00001.dat</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># first block file sync # full block data </span><span class="n">block_data</span> <span class="o">=</span> <span class="n">block</span><span class="p">.</span><span class="nf">reader</span><span class="p">(</span><span class="n">block_path</span><span class="p">)</span> </code></pre> </div> <ul> <li>Cryptofuzz <a href="https://cryptofuzz.readthedocs.io/" rel="noopener noreferrer">Documentation</a> </li> <li>Python Package <a href="https://pypi.org/project/CryptoFuzz/18.6.0/" rel="noopener noreferrer">PyPi Package</a> </li> <li>Cryptofuzz <a href="https://pypi.org/project/CryptoFuzz/18.6.0/#history" rel="noopener noreferrer">PyPi History</a> </li> <li>Cryptofuzz <a href="https://pypi.org/project/CryptoFuzz/18.6.0/#description" rel="noopener noreferrer">Description Package</a> </li> </ul> cryptocurrency cryptofuzz wallet privatekey