Information Security
SharpHose is a C# password spraying tool designed to be fast, safe, and usable over Cobalt Strike’s execute-assembly. It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while...
PwnedPasswordsChecker PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences....
Pantagrule gargantuan hashcat rulesets generated from over 840 million passwords Pantagrule is a series of rules for the hashcat password cracker generated from large amounts of real-world password compromise data. While Pantagrule rule files can be...
hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux,...
THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: AFP, Cisco, cisco-enable, CVS, Firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, ICQ, IMAP, IMAP-NTLM, ldap2, ldap3, MySQL, mysql,...
What is patator? It is a universal tool brute force, having on board a decent number of modules and the ability to fairly flexible settings. Patator is, as usual, a python script, management is made...
What is a CMS? A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Functions...
LeakDB LeakDB is a toolset designed to allow organizations to build and deploy their own internal plaintext “Have I Been Pwned”-like service. The LeakDB toolset can normalize, deduplicate, index, sort, and search leaked data...
OWASP Nettacker project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP...
kerberoast Kerberos attack toolkit -pure python- Install pip3 install kerberoast Use For the impatient IMPORTANT: the accepted target url formats for LDAP and Kerberos are the following <ldap_connection_url> : <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1> <kerberos_connection_url>: <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1> Steps -with SSPI-: kerberoast auto...
Suggested Reading