Category: Password Attacks

hashcat

hashcat v6.2.6 releases: advanced password recovery utility

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux,...

bopscrk

bopscrk v2.4.5 releases: generate smart and powerful wordlists

Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say that...

Office 365 password spraying

Spray365 v0.2.2 beta releases: password spraying tool

What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray365 different from the many other password spraying tools that are...

password spraying tool

spraycharles: Low and slow password spraying tool

spraycharles Low and slow password spraying tool, designed to spray on an interval over a long period of time. Associated blog post by @sprocket_ed covering NTLM over HTTP, Exchange Web Services, and spraycharles. Usage Config File It...

Go365

Go365 v2.0 releases: Office365 User Attack Tool

Go365 Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365). Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools...