Day 17: Looking for Credit Cards in Files

Sometimes you’re on a pentest and they want to know if credit cards are stored anywhere from payment system activity, in that case, you need some help to get through all the files or network traffic you may see on a global production network. Fear not, python to the rescue.

I build this regex list after many pentests of PCI/DSS environments through findings, if anyone has any suggestions or card filters to add, let me know. You can TCPDump and run parsed pcap through this or just enum entire file system.