pcfg_cracker This project uses machine learning to identify password creation habits of users. A PCFG model is generated by training on a list of disclosed plaintext/cracked passwords. In the context of this project, the...
XposedOrNot XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real-time passwords. The usage of such compromised passwords is detrimental to individual account security. What is Xposed...
Check-LocalAdminHash Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It’s useful...
BaseQuery Your private data is being traded and sold all over the internet as we speak. Tons of leaks come out on a daily basis which can make you feel powerless. The majority of...
What’s PAKURI Sometimes, penetration testers love to perform a complicated job. However, I always prefer the easy way. PAKURI is a semi-automated user-friendly penetration testing tool framework. You can run the popular pentest tools...
CrackQ Python 3 REST API & JS GUI for managing hashcat crack jobs in a queuing system. Install Requirements This tool has the following requirements: Drivers OpenCL drivers – these can be installed from...
NPK NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3. It was designed for easy deployment and the intuitive UI brings high-power hash-cracking to everyone....
ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack...
email2phonenumber email2phonenumber is an OSINT tool that allows you to obtain a target’s phone number just by having his email address. This tool helps automate discovering someone’s phone number by abusing password reset design...
passphrase-wordlist Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords People think they are getting smarter by using passphrases. Let’s prove them wrong! This project includes a massive wordlist of phrases...
Cracklord CrackLord is a system designed to provide a scalable, pluggable, and distributed system for both passwords cracking as well as any other jobs needing lots of computing resources. Better said, CrackLord is a...
m4ngl3m3 Common password pattern generator using strings list Install $ git clone https://github.com/localh0t/m4ngl3m3 $ cd m4ngl3m3 $ ./main.py Use –from-year (-fy), –to-year (-ty): Here we set where we want our script to start and end iterating over years....
Brutemap Brutemap is an open source penetration testing tool that automates testing accounts to the site’s login page, based on Dictionary Attack. With this, you no longer need to search for other bruteforce tools and you also...
Hashtopolis Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:...
RDPassSpray RDPassSpary is a python tool to perform password spray attack in a Microsoft domain environment. ALWAYS VERIFY THE LOCKOUT POLICY TO PREVENT LOCKING USERS. Install git clone https://github.com/xFreed0m/RDPassSpray.git pip3 install -r requirements.txt apt-get...