acccheck |
0.2.1 |
A password dictionary attack tool that targets windows authentication via the SMB protocol. |
|
adfspray |
6.3d7745d |
Python3 tool to perform password spraying against Microsoft Online service using various methods. |
|
aesfix |
1.0.1 |
A tool to find AES key in RAM. |
|
aeskeyfind |
1.0 |
A tool to find AES key in RAM. |
|
against |
0.2 |
A very fast ssh attacking script which includes a multithreaded port scanning module (tcp connect) for discovering possible targets and a multithreaded brute-forcing module which attacks parallel all discovered hosts or given ip addresses from a list. |
|
ares |
v0.10.0.r72.gff0af1c |
Automated decoding of encrypted text without knowing the key or ciphers used. |
|
asleap |
2.2 |
Actively recover LEAP/PPTP passwords. |
|
beleth |
36.0963699 |
A Multi-threaded Dictionary based SSH cracker. |
|
bgp-md5crack |
0.1 |
RFC2385 password cracker |
|
bios_memimage |
1.2 |
A tool to dump RAM contents to disk (aka cold boot attack). |
|
bkcrack |
v1.7.0.r8.g834278a |
Crack legacy zip encryption with Biham and Kocher known plaintext attack. |
|
bkhive |
1.1.1 |
Program for dumping the syskey bootkey from a Windows NT/2K/XP system hive. |
|
blackhash |
0.2 |
Creates a filter from system hashes. |
|
bob-the-butcher |
0.7.1 |
A distributed password cracker package. |
|
brute-force |
52.78d1d8e |
Brute-Force attack tool for Gmail Hotmail Twitter Facebook Netflix. |
|
bruteforce-luks |
54.788d637 |
Try to find the password of a LUKS encrypted volume. |
|
bruteforce-salted-openssl |
64.30b272e |
Try to find the password of a file that was encrypted with the 'openssl' command. |
|
bruteforce-wallet |
43.648d7d7 |
Try to find the password of an encrypted Peercoin (or Bitcoin,Litecoin, etc...) wallet file. |
|
brutessh |
0.6 |
A simple sshd password bruteforcer using a wordlist, it's very fast for internal networks. It's multithreads. |
|
chapcrack |
17.ae2827f |
A tool for parsing and decrypting MS-CHAPv2 network handshakes. |
|
cintruder |
14.f8a3f12 |
An automatic pentesting tool to bypass captchas. |
|
cisco-auditing-tool |
1 |
Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. |
|
cisco-ocs |
0.2 |
Cisco Router Default Password Scanner. |
|
cisco-scanner |
0.2 |
Multithreaded Cisco HTTP vulnerability scanner. Tested on Linux, OpenBSD and Solaris. |
|
cisco5crack |
2.c4b228c |
Crypt and decrypt the cisco enable 5 passwords. |
|
cisco7crack |
2.f1c21dd |
Crypt and decrypt the cisco enable 7 passwords. |
|
cmospwd |
5.1 |
Decrypts password stored in CMOS used to access BIOS setup. |
|
compp |
1.0.5 |
Company Passwords Profiler helps making a bruteforce wordlist for a targeted company. |
|
crackhor |
2.ae7d83f |
A Password cracking utility. |
|
crackle |
111.d83b4b6 |
Crack and decrypt BLE encryption. |
|
crackpkcs12 |
0.2.10.11.c7dedb1 |
A multithreaded program to crack PKCS#12 files (p12 and pfx extensions). |
|
crackq |
48.89b7318 |
Hashcrack.org GPU-accelerated password cracker. |
|
crackserver |
33.e5763ab |
An XMLRPC server for password cracking. |
|
creddump |
3.ed95e1a |
A python tool to extract various credentials and secrets from Windows registry hives. |
|
credmaster |
205.b3c2a5b |
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling. |
|
crowbar |
v4.2.r1.g4b563dc |
Brute forcing tool that can be used during penetration tests. |
|
cryptohazemultiforcer |
1.31a |
High performance multihash brute forcer with CUDA support. |
|
cudahashcat |
2.01 |
Worlds fastest WPA cracker with dictionary mutation engine. |
|
cupp |
77.56547fd |
Common User Password Profiler |
|
dbpwaudit |
0.8 |
A Java tool that allows you to perform online audits of password quality for several database engines. |
|
depant |
0.3a |
Check network for services with default passwords. |
|
device-pharmer |
40.b06a460 |
Opens 1K+ IPs or Shodan search results and attempts to login. |
|
doozer |
9.5cfc8f8 |
A Password cracking utility. |
|
dpeparser |
beta002 |
Default password enumeration project |
|
eapmd5pass |
3.3d5551f |
An implementation of an offline dictionary attack against the EAP-MD5 protocol. |
|
enabler |
1 |
Attempts to find the enable password on a cisco system via brute force. |
|
evilize |
0.2 |
Tool to create MD5 colliding binaries. |
|
evilmaid |
1.01 |
TrueCrypt loader backdoor to sniff volume password |
|
f-scrack |
19.9a00357 |
A single file bruteforcer supports multi-protocol. |
|
facebrute |
7.ece355b |
This script tries to guess passwords for a given facebook account using a list of passwords (dictionary). |
|
fang |
22.4f94552 |
A multi service threaded MD5 cracker. |
|
flask-unsign |
v1.2.0.r2.ge934573 |
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys. |
|
ftp-scanner |
0.2.5 |
Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and Solaris. |
|
gomapenum |
v1.1.0.r110.g8b344df |
User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin. |
|
gpocrack |
3.cf63c86 |
Active Directory Group Policy Preferences cpassword cracker/decrypter. |
|
hasher |
48.40173c5 |
A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. |
|
hashtag |
0.41 |
A python script written to parse and identify password hashes. |
|
hostbox-ssh |
0.1.1 |
A ssh password/account scanner. |
|
htpwdscan |
23.e995d6f |
A python HTTP weak pass scanner. |
|
ibrute |
12.3a6a11e |
An AppleID password bruteforce tool. It uses Find My Iphone service API, where bruteforce protection was not implemented. |
|
icloudbrutter |
15.1f64f19 |
Tool for AppleID Bruteforce. |
|
iheartxor |
0.01 |
A tool for bruteforcing encoded strings within a boundary defined by a regular expression. It will bruteforce the key value range of 0x1 through 0x255. |
|
iisbruteforcer |
15 |
HTTP authentication cracker. It's a tool that launchs an online dictionary attack to test for weak or simple passwords against protected areas on an IIS Web server. |
|
ikecrack |
1.00 |
An IKE/IPSec crack tool designed to perform Pre-Shared-Key analysis of RFC compliant aggressive mode authentication |
|
ikeforce |
30.575af15 |
A command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities. |
|
inguma |
0.1.1 |
A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. |
|
instashell |
44.8f867bd |
Multi-threaded Instagram Brute Forcer without password limit. |
|
ipmipwn |
6.74a08a8 |
IPMI cipher 0 attack tool. |
|
jbrute |
0.99 |
Open Source Security tool to audit hashed passwords. |
|
jeangrey |
43.9bf3cf4 |
A tool to perform differential fault analysis attacks (DFA). |
|
johnny |
20120424 |
GUI for John the Ripper. |
|
jwt-cracker |
23.8130879 |
JWT brute force cracker written in C. |
|
jwt-tool |
73.e4f380f |
Toolkit for validating, forging and cracking JWTs (JSON Web Tokens). |
|
jwtcat |
77.f80f3d9 |
Script performs offline brute-force attacks against JSON Web Token (JWT) |
|
keimpx |
300.37190f4 |
Tool to verify the usefulness of credentials across a network over SMB. |
|
kerbrute |
90.9cfb81e |
A tool to perform Kerberos pre-auth bruteforcing. |
|
khc |
0.2 |
A small tool designed to recover hashed known_hosts fiels back to their plain-text equivalents. |
|
ldap-brute |
21.acc06e3 |
A semi fast tool to bruteforce values of LDAP injections over HTTP. |
|
levye |
84.5406303 |
A brute force tool which is support sshkey, vnckey, rdp, openvpn. |
|
lodowep |
1.2.1 |
Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system. |
|
mdcrack |
1.2 |
MD4/MD5/NTLM1 hash cracker |
|
mkbrutus |
27.ddd5f8e |
Password bruteforcer for MikroTik devices or boxes running RouterOS. |
|
morxbook |
1.0 |
A password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS. |
|
morxbrute |
1.01 |
A customizable HTTP dictionary-based password cracking tool written in Perl. |
|
morxbtcrack |
1.0 |
Single Bitcoin private key cracking tool released. |
|
morxcoinpwn |
1.0 |
Mass Bitcoin private keys brute forcing/Take over tool released. |
|
morxcrack |
1.2 |
A cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. |
|
mybff |
98.094d443 |
A Brute Force Framework. |
|
o365enum |
19.522a54c |
Username enumeration and password enuming tool aimed at Microsoft O365. |
|
o365spray |
160.28d8d1b |
Username enumeration and password spraying tool aimed at Microsoft O365. |
|
obevilion |
409.29fbe9d |
Another archive cracker created in python, cracking [zip/7z/rar]. |
|
oclhashcat |
2.01 |
Worlds fastest WPA cracker with dictionary mutation engine. |
|
omen |
19.10aa99e |
Ordered Markov ENumerator - Password Guesser. |
|
onesixtyone |
0.7 |
An SNMP scanner that sends multiple SNMP requests to multiple IP addresses |
|
outlook-webapp-brute |
1.61d7177 |
Microsoft Outlook WebAPP Brute. |
|
owabf |
1.3 |
Outlook Web Access bruteforcer tool. |
|
pack |
0.0.4 |
Password Analysis and Cracking Kit |
|
passcracking |
20131214 |
A little python script for sending hashes to passcracking.com and milw0rm |
|
passe-partout |
0.1 |
Tool to extract RSA and DSA private keys from any process linked with OpenSSL. The target memory is scanned to lookup specific OpenSSL patterns. |
|
passgan |
38.5927158 |
A Deep Learning Approach for Password Guessing. |
|
patator |
229.78d6aa3 |
A multi-purpose bruteforcer. |
|
pdgmail |
1.0 |
A password dictionary attack tool that targets windows authentication via the SMB protocol. |
|
pemcrack |
12.66e02b8 |
Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. |
|
pemcracker |
9.a741c93 |
Tool to crack encrypted PEM files. |
|
phoss |
0.1.13 |
Sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4, VNC and POP3 logins. |
|
php-mt-seed |
4.0 |
PHP mt_rand() seed cracker. |
|
php-rfi-payload-decoder |
30.bd42caa |
Decode and analyze RFI payloads developed in PHP. |
|
phrasendrescher |
1.2.2c |
A modular and multi processing pass phrase cracking tool. |
|
pipal |
3.4.0.r9.g392f0aa |
A password analyser. |
|
pipeline |
19.f4935c9 |
Designed to aid in targeted brute force password cracking attacks. |
|
pkcrack |
1.2.2 |
A PkZip encryption cracker. |
|
pwcrack |
368.b6fba8a |
Password hash automatic cracking framework. |
|
pybozocrack |
87.ceb0cd9 |
A silly & effective MD5 cracker in Python. |
|
pyrit |
0.5.0 |
The famous WPA precomputed cracker. |
|
rainbowcrack |
1.8 |
Password cracker based on the faster time-memory trade-off. With MySQL and Cisco PIX Algorithm patches. |
|
rcracki-mt |
0.7.0 |
A tool to perform rainbow table attacks on password hashes. It is intended for indexed/perfected rainbow tables, mainly generated by the distributed project www.freerainbowtables.com |
|
rdesktop-brute |
1.5.0 |
It connects to windows terminal servers - Bruteforce patch included. |
|
rdpassspray |
33.c1ba58e |
Python3 tool to perform password spraying using RDP. |
|
rfcrack |
103.cc20093 |
A Software Defined Radio Attack Tool. |
|
ridenum |
75.9e3b89b |
A null session RID cycle attack for brute forcing domain controllers. |
|
rlogin-scanner |
0.2 |
Multithreaded rlogin scanner. Tested on Linux, OpenBSD and Solaris. |
|
rootbrute |
0.1 |
Local root account bruteforcer. |
|
rpdscan |
2.a71b0f3 |
Remmina Password Decoder and scanner. |
|
rsakeyfind |
1.0 |
A tool to find RSA key in RAM. |
|
samdump2 |
3.0.0 |
Dump password hashes from a Windows NT/2k/XP installation |
|
samydeluxe |
2.2ed1bac |
Automatic samdump creation script. |
|
shreder |
115.a108575 |
A powerful multi-threaded SSH protocol password bruteforce tool. |
|
sidguesser |
1.0.5 |
Guesses sids/instances against an Oracle database according to a predefined dictionary file. |
|
sipcrack |
0.2 |
A SIP protocol login cracker. |
|
skul |
27.7bd83f1 |
A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS). |
|
smbbf |
0.9.1 |
SMB password bruteforcer. |
|
snmp-brute |
19.830bb0a |
SNMP brute force, enumeration, CISCO config downloader and password cracking script. |
|
speedpwn |
8.3dd2793 |
An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected. |
|
spray365 |
42.58fd193 |
Makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. |
|
spraycharles |
227.a93a388 |
Low and slow password spraying tool, designed to spray on an interval over a long period of time. |
|
sqlpat |
1.0.1 |
This tool should be used to audit the strength of Microsoft SQL Server passwords offline. |
|
ssh-privkey-crack |
0.4 |
A SSH private key cracker. |
|
sshatter |
1.2 |
Password bruteforcer for SSH. |
|
sshprank |
1.4.2 |
A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan and shodan module. |
|
sshscan |
1.0 |
A horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. |
|
sshtrix |
0.0.3 |
A very fast multithreaded SSH login cracker. |
|
sslnuke |
5.c5faeaa |
Transparent proxy that decrypts SSL traffic and prints out IRC messages. |
|
sucrack |
1.2.3 |
A multi-threaded Linux/UNIX tool for brute-force cracking local user accounts via su. |
|
talon |
v3.1.r1.g8acc175 |
A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment. |
|
tftp-bruteforce |
0.1 |
A fast TFTP filename bruteforcer written in perl. |
|
thc-keyfinder |
1.0 |
Finds crypto keys, encrypted data and compressed data in files by analyzing the entropy of parts of the file. |
|
thc-pptp-bruter |
0.1.4 |
A brute force program that works against pptp vpn endpoints (tcp port 1723). |
|
thc-smartbrute |
1.0 |
This tool finds undocumented and secret commands implemented in a smartcard. |
|
timeverter |
83.24b715e |
Bruteforce time-based tokens and to convert several time domains. |
|
trevorspray |
2.3.0 |
A modular password sprayer with threading, clever proxying, loot modules, and more! |
|
truecrack |
35 |
Password cracking for truecrypt(c) volumes. |
|
tweetshell |
21.47a415c |
Multi-thread Twitter BruteForcer in Shell Script. |
|
ufo-wardriving |
4 |
Allows you to test the security of wireless networks by detecting their passwords based on the router model. |
|
vnc-bypauth |
0.0.1 |
Multi-threaded bypass authentication scanner for VNC smaller than v4.1.1 servers. |
|
vncrack |
1.21 |
What it looks like: crack VNC. |
|
wmat |
0.1 |
Automatic tool for testing webmail accounts. |
|
wordbrutepress |
30.5165648 |
Python script that performs brute forcing against WordPress installs using a wordlist. |
|
wpbf |
7.11b6ac1 |
Multithreaded WordPress brute forcer. |
|
wpbrute-rpc |
3.e7d8145 |
Tool for amplified bruteforce attacks on wordpress based website via xmlrcp API. |
|
wyd |
0.2 |
Gets keywords from personal files. IT security/forensic tool. |
|
zulu |
0.1 |
A light weight 802.11 wireless frame generation tool to enable fast and easy debugging and probing of 802.11 networks. |
|