{"id":50342686,"url":"https://github.com/adrianvillamayor/vaultsieve","last_synced_at":"2026-05-29T18:00:55.063Z","repository":{"id":357623939,"uuid":"1237590255","full_name":"AdrianVillamayor/VaultSieve","owner":"AdrianVillamayor","description":"A Python terminal assistant for auditing exported password vaults for duplicates, weak passwords, reuse, and optional breach exposure.","archived":false,"fork":false,"pushed_at":"2026-05-13T16:15:18.000Z","size":512,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-13T16:36:05.370Z","etag":null,"topics":["audit","breach-check","hibp","password","password-manager","privacy","python","security","security-tools","tui","vault"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AdrianVillamayor.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-13T10:18:42.000Z","updated_at":"2026-05-13T16:15:23.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/AdrianVillamayor/VaultSieve","commit_stats":null,"previous_names":["adrianvillamayor/vaultsieve"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/AdrianVillamayor/VaultSieve","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AdrianVillamayor%2FVaultSieve","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AdrianVillamayor%2FVaultSieve/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AdrianVillamayor%2FVaultSieve/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AdrianVillamayor%2FVaultSieve/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AdrianVillamayor","download_url":"https://codeload.github.com/AdrianVillamayor/VaultSieve/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AdrianVillamayor%2FVaultSieve/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33664259,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-29T02:00:06.066Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","breach-check","hibp","password","password-manager","privacy","python","security","security-tools","tui","vault"],"created_at":"2026-05-29T18:00:52.859Z","updated_at":"2026-05-29T18:00:55.045Z","avatar_url":"https://github.com/AdrianVillamayor.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/logos/vaultsieve-wordmark.svg\" alt=\"VaultSieve\" width=\"360\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eAudit your exported password vaults. Find duplicates, weak passwords, breached services, missing 2FA, and dead domains — then clean up.\u003c/strong\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/AdrianVillamayor/VaultSieve/actions\"\u003e\u003cimg src=\"https://github.com/AdrianVillamayor/VaultSieve/actions/workflows/test.yml/badge.svg\" alt=\"CI\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/AdrianVillamayor/VaultSieve/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/AdrianVillamayor/VaultSieve\" alt=\"MIT License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.python.org/\"\u003e\u003cimg src=\"https://img.shields.io/badge/python-3.11+-blue\" alt=\"Python 3.11+\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/AdrianVillamayor/VaultSieve/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/AdrianVillamayor/VaultSieve\" alt=\"Stars\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#quick-start\"\u003eQuick Start\u003c/a\u003e \u0026middot;\n  \u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e \u0026middot;\n  \u003ca href=\"#supported-formats\"\u003eFormats\u003c/a\u003e \u0026middot;\n  \u003ca href=\"#html-report\"\u003eReport Preview\u003c/a\u003e \u0026middot;\n  \u003ca href=\"#safety--privacy\"\u003ePrivacy\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## HTML Report\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/screenshots/dark-report.png\" width=\"48%\" alt=\"HTML report — dark theme\"\u003e\n  \u003cimg src=\"assets/screenshots/light-report.png\" width=\"48%\" alt=\"HTML report — light theme\"\u003e\n\u003c/p\u003e\n\n## Features\n\n- **Interactive TUI** — arrow-key guided assistant by default, or direct CLI for automation\n- **10 analyzers** — duplicates, reused passwords, weak/empty passwords, insecure HTTP, domain concentration, plus optional HIBP password checks, known breached services, 2FA availability, and domain existence\n- **4 report formats** — terminal summary, TXT, JSON, and self-contained HTML with health score, severity chart, action board, and filterable findings table\n- **Dark and light themes** — HTML report follows system preference, toggleable, persisted\n- **Clean output** — generate a deduplicated/cleaned vault export without touching the original\n- **Passkey and SSH-key aware** — skips password-specific checks where they don't apply\n- **Privacy first** — all checks run locally; optional HIBP uses k-anonymity (only 5-char SHA-1 prefixes sent); no emails or usernames ever leave your machine\n- **Persistent config** — set defaults once via TUI or `vaultsieve config`, override per-run with CLI flags\n\n## Supported Formats\n\n| Manager | Formats | Notes |\n|---------|---------|-------|\n| **Bitwarden** | JSON | Login items (type 1), passkeys, TOTP |\n| **LastPass** | CSV | TOTP detection |\n| **Dashlane** | CSV, ZIP, JSON | ZIP extracts `credentials.csv`; `.dash` rejected with clear error |\n| **1Password** | CSV, 1PUX | Auto-detected by extension |\n| **KeePass / KeePassXC** | CSV, XML | Recycle Bin filtered; TOTP from custom fields |\n| **Keeper** | CSV, JSON | CSV auto-detects headers vs positional |\n| **RoboForm** | CSV | BOM-safe (`utf-8-sig`) |\n| **Generic CSV** | CSV | Needs `name`, `url`, `username`, `password` columns — works with Chrome, NordPass, Google Password Manager, Firefox, and others |\n\nAdding new importers is ~20 lines; see [`docs/adding-importers.md`](docs/adding-importers.md).\n\n## Quick Start\n\n**Install with pipx:**\n\n```bash\n$ pipx install git+https://github.com/AdrianVillamayor/VaultSieve.git\n$ vaultsieve\n```\n\n**Or via install script:**\n\n```bash\n$ curl -fsSL https://raw.githubusercontent.com/AdrianVillamayor/VaultSieve/main/install.sh | bash\n```\n\n**Development install:**\n\n```bash\n$ python3 -m venv .venv \u0026\u0026 .venv/bin/python -m pip install -e '.[dev]'\n$ ./vaultsieve\n```\n\nSee [`docs/install.md`](docs/install.md) for all install methods including Homebrew.\n\n## CLI\n\nRun without arguments to launch the interactive TUI:\n\n```bash\n$ vaultsieve\n```\n\nOr run audits directly:\n\n```bash\n$ vaultsieve audit vault.json --format bitwarden\n$ vaultsieve audit passwords.csv --format csv\n$ vaultsieve audit export.zip --format dashlane\n```\n\nFor Dashlane, 1Password, KeePass, and Keeper the file extension (`.csv`, `.json`, `.xml`, `.zip`, `.1pux`) picks the right parser automatically.\n\n### Optional Checks\n\nAll optional checks are off by default. Enable them per-run or set defaults with `vaultsieve config`:\n\n```bash\n$ vaultsieve audit vault.json --format bitwarden --check-breaches        # HIBP password check\n$ vaultsieve audit vault.json --format bitwarden --check-known-breaches  # breached services\n$ vaultsieve audit vault.json --format bitwarden --check-2fa             # missing TOTP\n$ vaultsieve audit vault.json --format bitwarden --check-domains         # dead domains\n```\n\n### Reports and Clean Output\n\n```bash\n$ vaultsieve audit vault.json --format bitwarden --report-dir reports\n$ vaultsieve audit vault.json --format bitwarden --clean-output clean.json --clean-mode all\n```\n\nClean modes: `duplicates` (default), `obsolete`, `all`.\n\n### Config\n\n```bash\n$ vaultsieve config list                          # show all settings\n$ vaultsieve config set check_2fa true            # enable by default\n$ vaultsieve config set output_formats html,json  # choose report formats\n$ vaultsieve config unset report_dir              # reset to default\n```\n\n## Safety \u0026 Privacy\n\n- Never modifies the original vault file\n- Reports never include plaintext passwords\n- HIBP password checks use k-anonymity — only 5-char SHA-1 prefixes sent, with padding\n- Known breach and 2FA checks download public catalogues and match locally\n- Domain checks use DNS only — no credentials sent\n- All optional network checks are disabled by default\n\nFull details in [`docs/privacy.md`](docs/privacy.md).\n\n## Tests\n\n```bash\n$ python3 -m pytest\n```\n\n## Contributing\n\nPull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.\n\nPlease make sure to update tests as appropriate.\n\n\n## License\n\n[MIT](LICENSE) — Adrián Villamayor\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadrianvillamayor%2Fvaultsieve","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadrianvillamayor%2Fvaultsieve","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadrianvillamayor%2Fvaultsieve/lists"}