kerbrute: perform kerberos bruteforcing
kerbrute A script to perform Kerberos bruteforcing by using the Impacket library. When is executed, as input it receives a user or list of users and a password or list of passwords. Then is...
Category: Password Attacks
enumdb v2.2 released: MySQL and MSSQL brute force and post exploitation tool
Enumdb is a brute force and post-exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By default,...
brutespray v1.6.8 released: Brute-Forcing from Nmap output
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. It can even find non-standard ports by using the -sV inside Nmap. Supported Services ssh ftp telnet vnc mssql mysql...
PAKURI v1.1.1 releases: Penetration test Achieve Knowledge Unite Rapid Interface
What’s PAKURI Sometimes, penetration testers love to perform a complicated job. However, I always prefer the easy way. PAKURI is a semi-automated user-friendly penetration testing tool framework. You can run the popular pentest tools...
OWASP D4N155 v1.3 releases: Intelligent and dynamic wordlist using OSINT
OWASP D4N155 OWASP Tool Project D4N155The project uses OSINT for a dynamic and smart attack of brute force, using a complex operation and get the word list using expressions find. KEY FEATURES Make smart...
MSOLSpray: password spraying tool for Microsoft Online accounts
MSOLSpray A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid if MFA is enabled on the account if a tenant doesn’t exist if a user...
ssh-auditor v0.16 releases: scan for weak ssh passwords
SSH Auditor The best way to scan for weak ssh passwords on your network Features ssh-auditor will automatically: Re-check all known hosts as new credentials are added. It will only check the new credentials....
hashtopolis v0.12 released: A Hashcat wrapper for distributed hashcracking
Hashtopolis Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:...
BruteX v2.1 releases: Automatically brute force all services running on a target
BruteX is a shell script and automates the process of analyzing one or many targets. BruteX include Nmap,Hydra & DNS enum. Nmap scan opens ports and defines running on the target server service. Thereafter,...
credcheck: Credentials Checking Framework
CredCheck - A credential Pentesting framework A framework to test all kinds of Credentials found during Pen-testing exercise. I had a lot of keys while testing multiple targets, testing them is a tedious task. There are...
