ββββββββββββββ βββββββββββββββ ββββββββββββ ββββββ βββββββ ββββ
βββββββββββββββββββββββββββββββββββββββββββββ ββββββ ββββββββ βββββ
βββ ββββββββββββββ βββ βββββββββ ββββββ ββββββ ββββββββββββββ
βββ ββββββββββββββ βββ βββββββββ βββββββββββββ ββββββββββββββ
βββββββββββ ββββββββββββββββββββββββββββββ ββββββββββββββββββ βββ βββ
ββββββββββ ββββββββββββββββββ βββββββββββ βββββ βββββββ βββ βββ
Post-access credential exposure detection for Linux systems, written in Nim.
This is a quick overview. Security theory, architecture, and full walkthroughs are in the learn modules.
- Scans Linux home directories for exposed credentials across 7 categories
- Detects unprotected SSH keys, plaintext cloud credentials, browser credential stores, shell history secrets, keyrings, Git tokens, and application credentials
- Classifies findings by severity based on file permissions and exposure risk
- Reports in terminal with color-coded output or structured JSON for automation
- Compiles to a single static binary with zero runtime dependencies
bash install.sh
credenumTip
This project uses just as a command runner. Type just to see all available commands.
Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin
Language: Nim 2.2+ (ORC memory management)
Build: Just, Nimble, musl (static linking), UPX (compression), zigcc (cross-compilation)
Testing: Nim unittest, Docker (integration tests with planted credentials)
This project includes step-by-step learning materials covering security theory, architecture, and implementation.
| Module | Topic |
|---|---|
| 00 - Overview | Prerequisites and quick start |
| 01 - Concepts | Security theory and real-world breaches |
| 02 - Architecture | System design and data flow |
| 03 - Implementation | Code walkthrough |
| 04 - Challenges | Extension ideas and exercises |
AGPL 3.0