PassAudit is a professional command line tool designed to evaluate password strength using modern security metrics. It combines realistic attack modeling with entropy estimation and breach dictionary checks, while also offering secure password generation features.
The tool is suitable for:
- Cybersecurity students
- Blue team learning and awareness
- Developers validating password policies
- Personal password hygiene
- Strength estimation using zxcvbn
- Detection against large compromised password dictionaries
- Entropy calculation and character set analysis
- Pattern detection such as dates, sequences, and dictionary words
- Human readable security recommendations
- Strong passphrase generation using the EFF Large Wordlist
- Mixed character passwords with symbols, numbers, and casing
- Alphanumeric and PIN generation
- Cryptographically secure randomness
- Rich terminal output with colorized results
- Export reports in JSON or CSV format
- Batch password analysis from files
- Optional HTML report generation
- Clean and intuitive CLI powered by Typer
- Secure password input using hidden prompts
- Fast feedback with structured output via Rich
- Python 3.10 or higher
- pip
# Clone the repository
git clone https://github.com/0xayb/PassAudit.git
cd PassAudit
# Create virtual environment (recommended)
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Make the script executable (optional, Unix/Linux)
chmod +x main.pypython3 main.py infoIf you see the PassAudit information screen, the installation is successful!
python main.py check
# Enter password when prompted (input is hidden)# Check a specific password
python3 main.py check --password "MyP@ssw0rd123" --show
# Export report
python3 main.py check --password "MyPassword" --export report.json
# With additional dictionary
python3 main.py check -p "test123" --dict custom_passwords.txt# Generate 1 passphrase (default)
python main.py generate
# Generate 5 passphrases with high entropy
python main.py generate --count 5 --entropy 60
# Generate mixed character passwords
python main.py generate --style mixed --count 3
# Generate alphanumeric passwords
python main.py generate --style alphanumeric --count 5Available styles:
passphrase- Word-based passwords (e.g., "Correct-Horse-Battery-Staple42")mixed- Random mix of letters, numbers, and symbolsalphanumeric- Letters and numbers onlypin- Numeric only
# Create a test file
echo -e "password123\nadmin\nqwerty\nMyP@ssw0rd!" > passwords.txt
# Analyze passwords from file
python3 main.py batch passwords.txt
# Custom output file
python3 main.py batch passwords.txt --output results.csvpython main.py infoPassword: ********
Length: 8 characters
Strength: Weak (1/4)
Entropy: 37.6 bits
SHA-256 Hash: a665a45920422f...
โ WARNING: This is a commonly used password!
It appears in known password breach databases and should not be used.
Security Recommendations:
1. โ ๏ธ This password has been exposed in data breaches
2. Use at least 12 characters for better security
3. Add uppercase letters, special characters for better security
Suggested Strong Password:
Ceramic-Snowman-Tropical-Bagel89
Strength: 4/4
Generating 3 strong password(s):
โโโโโโณโโโโโโโโโโโโโโโโโโโโโโโโโโโโโณโโโโโโโโโณโโโโโโโโโโโ
โ # โ Password โ Length โ Entropy โ
โกโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฉ
โ 1 โ Bamboo-Acrobat-Olive32 โ 23 โ 61.2 bitsโ
โ 2 โ Gadget-Flamingo-Metric77 โ 25 โ 64.5 bitsโ
โ 3 โ Plumber-Cosmic-Anchor91 โ 24 โ 62.3 bitsโ
โโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโโโโโ
- Passwords are never stored or logged
- Dictionary checks use SHA-256 hashes only
- Secure random number generator is used
- This tool is not a password manager
This project is licensed under the MIT License.