ZapCreds is a recon tool that harvests app credentials (Zapier "connections") from Zapier.
Given a Zapier user's login, ZapCreds scans every Zapier account that user can access and lists the app connections reachable from it: the private connections the user owns, and the shared connections other members have made available to them. Each finding records the account, app, connection title, owner and creation time, as in the sample output below.
Disclaimer: these materials are presented from an attacker's perspective with the goal of raising awareness of the risks of underestimating the security impact of No Code/Low Code. No Code/Low Code is awesome.
Sample output (the app_icon column holds an icon image and is left blank here):

account_name | app_name | app_icon | connection_created | connection_title | connection_owner
---|---|---|---|---|---
Marketing | Dropbox | | 2021-06-06T10:54:52Z | Dropbox [email protected] | [email protected]
Marketing | Gmail | | 2021-06-06T10:00:14Z | Gmail [email protected] | [email protected]
Marketing | Gmail | | 2021-06-06T07:53:42Z | Gmail [email protected] #2 | [email protected]
Marketing | Google Calendar | | 2022-01-25T21:08:48Z | Google Calendar [email protected] | [email protected]
Marketing | Google Drive | | 2022-01-26T11:10:41Z | Google Drive [email protected] | [email protected]
SalesOps | Google Sheets | | 2022-02-20T09:20:15Z | Google Sheets [email protected] | [email protected]
SalesOps | OneNote | | 2022-03-03T09:18:36Z | OneNote [email protected] #2 | [email protected]
```shell
git clone https://github.com/mbrg/zapcreds
cd zapcreds
# requires python>=3.6
python -m pip install .
```
Command line

```shell
zapcreds --email [email protected] --password password -out found_creds.csv
```
Python

```python
import requests
from zapcreds.harvest import authenticate_session, get_credentials

# Log in once; the same requests.Session carries Zapier's cookies into every later call
session = requests.Session()
authenticate_session(session, "[email protected]", "password")

# Returns a pandas DataFrame with one row per connection across every reachable account
creds = get_credentials(session)
print(creds.columns)
# Index(['account_name', 'account_owner', 'app_name', 'app_version', 'app_icon', 'connection_created', 'connection_title', 'connection_description', 'connection_owner'],
```
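The raw listing is only useful once it is triaged: which connections act as someone other than the compromised user (those are the lateral-movement set, since Zapier lets a member run a shared connection under its owner's grant), which of them reach mail or file storage, and how long they have been sitting around. The script below is an added example and not part of the zapcreds project: it reads the CSV layout that `-out` writes, using only the standard library so it runs offline. The addresses, the `HIGH_VALUE_APPS` set and the one-year staleness threshold are assumptions chosen for illustration.

```python
import csv
import io
from collections import Counter
from datetime import datetime, timezone

# Constructed sample in the column layout of the DataFrame shown above; the
# accounts, addresses and timestamps are invented for this example.
SAMPLE_CSV = """account_name,account_owner,app_name,app_version,app_icon,connection_created,connection_title,connection_description,connection_owner
Marketing,alice@example.com,Dropbox,1.0,,2021-06-06T10:54:52Z,Dropbox alice@example.com,,alice@example.com
Marketing,alice@example.com,Gmail,2.0,,2021-06-06T10:00:14Z,Gmail alice@example.com,,alice@example.com
Marketing,alice@example.com,Gmail,2.0,,2021-06-06T07:53:42Z,Gmail bob@example.com #2,,bob@example.com
Marketing,alice@example.com,Google Drive,1.0,,2022-01-26T11:10:41Z,Google Drive carol@example.com,,carol@example.com
SalesOps,dave@example.com,Google Sheets,1.0,,2022-02-20T09:20:15Z,Google Sheets dave@example.com,,dave@example.com
SalesOps,dave@example.com,OneNote,1.0,,2022-03-03T09:18:36Z,OneNote alice@example.com #2,,alice@example.com
"""

# Assumed ranking: apps whose grants usually expose mailboxes or whole file stores.
HIGH_VALUE_APPS = {"Gmail", "Google Drive", "Dropbox"}
STALE_AFTER_DAYS = 365  # assumed threshold for "nobody has looked at this in a while"


def parse_ts(value):
    """Parse the UTC timestamps Zapier reports (e.g. 2021-06-06T10:54:52Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def load_findings(csv_text):
    """Read a ZapCreds CSV export into dicts, adding a parsed creation time."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    for row in rows:
        row["created_at"] = parse_ts(row["connection_created"])
    return rows


def shared_connections(rows, user_email):
    """Connections the user can run but does not own: using one acts as its owner."""
    return [r for r in rows if r["connection_owner"].lower() != user_email.lower()]


def triage(rows, user_email, now=None):
    """Summarise blast radius for one compromised Zapier login.

    Returns per-account counts, every identity whose grants are reachable,
    the shared connections into high-value apps, and stale connections.
    """
    now_dt = parse_ts(now) if now else datetime.now(timezone.utc)
    shared = shared_connections(rows, user_email)
    return {
        "per_account": dict(Counter(r["account_name"] for r in rows)),
        "owners": sorted({r["connection_owner"].lower() for r in rows}),
        "shared_count": len(shared),
        "high_value_shared": sorted(
            f'{r["app_name"]} <{r["connection_owner"]}>'
            for r in shared if r["app_name"] in HIGH_VALUE_APPS
        ),
        "stale": [
            r["connection_title"] for r in rows
            if (now_dt - r["created_at"]).days > STALE_AFTER_DAYS
        ],
    }


if __name__ == "__main__":
    # With a real export: rows = load_findings(open("found_creds.csv").read())
    report = triage(load_findings(SAMPLE_CSV), "alice@example.com")
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run against a real `found_creds.csv`, the `owners` list is the set of colleagues whose OAuth grants the compromised login can exercise, and `high_value_shared` is where to look first; a defender reading the same report gets the list of shared connections that should be narrowed or re-issued.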
Pull requests and issues are always welcome.