Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say that...
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray365 different from the many other password spraying tools that are...
spraycharles Low and slow password spraying tool, designed to spray on an interval over a long period of time. Associated blog post by @sprocket_ed covering NTLM over HTTP, Exchange Web Services, and spraycharles. Usage Config File It...
msprobe Finding all things on-prem Microsoft for password spraying and enumeration. The tool will use a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem...
Hashview is a tool for security professionals to help organize and automate the repetitious tasks related to password cracking. Hashview is a web application that manages hashcat (https://hashcat.net) commands. Hashview strives to bring consistency...
Go365 Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365). Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools...
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the –proxies switch, it acts just like any other multi-threaded SSH brute-forcing script. When the...
SSOh-No This tool is designed to enumerate users, password spray, and perform brute force attacks against any organisation that utilises Azure AD or O365. Generally, this endpoint provides extremely verbose errors which can be...
authoscope authoscope is a scriptable network authentication cracker. While the space for common service bruteforce is already very well saturated, you may still end up writing your own python scripts when testing credentials for web applications....
pdfrip pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. Features Fast: Performs...
