SSH brute-forcer tool written in PHP.
08f9c868b0313146d0173f0cde17a330350b2b9cff9a1f9150365b03c1c13a7a
PACK (Password Analysis and Cracking Kit) is a toolkit that allows researchers to optimize their password cracking tasks, analyze previously cracked passwords, and implements a novel attack on corporate passwords using minimum password policy. The goal of this toolkit is to assist in automatic preparation for the "better than bruteforce" password attacks by analyzing common ways that people create passwords. After the analysis stage, the statistical database can be used to generate attack masks for common tools such as Hashcat, oclHashcat, and others.
aeac60e45a4d1bf191add36613a0e11f96afec1bb56b4a1a61e5c776e75f1ee9
S7 Password offline bruteforcing tool written in Python.
878839bd23896003334de59ea25bee609cb1e1ed6bc559a6d7ff2fd0ba72c3a3
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
adfe253428416ece9257957cb21e606d178dc448da92c137783f0162160a0f6b
Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 4 attack methods (dictionary, bruteforce, hybrid) and has 31 plugins for different types of hashes (md5, sha1, phpbb3, mysql, md5 (unix), des(unix), sha(unix), vbulletin, smf, etc). It is multithreaded and supports session save/restore.
e90e0c15bfdb083b5bec4b1082999d86fa5b858af385821f83bd38cfaadf6c77
MODx versions 1.0.6 and below suffer from brute force and path disclosure vulnerabilities.
3fcdf4269d467ee8f82d84c5299a488fa4bfb70f46049f9d3f6361fd6aa59922
Wisecracker is an open source high performance distributed cryptanalysis framework that leverages GPUs and multiple CPUs. It allows security researchers to write their own cryptanalysis tools that can distribute brute-force cryptanalysis work across multiple systems with multiple multi-core processors and GPUs. Security researchers can also use the sample tools provided out-of-the-box. The differentiating aspect of Wisecracker is that it uses OpenCL and MPI together to distribute the work across multiple systems, each having multiple CPUs and/or GPUs.
2d665503012b9624c671aa3baf865d92c5661427873b0007104aa8506cab66e7
This is a basic DNS brute forcing utility that takes in a dictionary file. Requires pyDNS and is written in Python.
ccf4b13bb77e7f6b233b15740f62935577f5ebfd78e85d18af69b9638e2a194d
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. When Medusa, Hydra or other brute-force tools fail to do what you want, Patator might be what you need.
af7aed50ba0db1d2e932d9edecb1b2945e675ea8e1fcb27da48273b00db8c1f0
Janissaries Wordpress brute forcing utility written in PHP.
57c6451b85bfa914e3e4472c5bd179bb31af4039fea140cee01ca387435c0272
Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 4 attack methods (dictionary, bruteforce, hybrid) and has 31 plugins for different types of hashes (md5, sha1, phpbb3, mysql, md5 (unix), des(unix), sha(unix), vbulletin, smf, etc). It is multithreaded and supports session save/restore.
5f6ccb96277ad049c3765c9cc331fb0821255d47d81991d24fc14bed83bbfa75
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.
f3dbedbacea4d87f5724cc8f99f635729c37d88cbfdcae91a5e310ee3973e8a9
This was submitted anonymously as a Palestine wordlist for cracking purposes. It has proper names of middle eastern figures, cities, and more.
29e4632ecf61c4e7013b0a1252e46f45e85b190d38482d5cd6b7b5b89269f5e1
This is a php script that takes a list of sites and password possibilities and runs as a cracker against Joomla administrative panels.
974b9077b4f38d6b7f57f47c692af49a1e15451c3a0e96836e451c9e45bcb875
Chapcrack is a tool for parsing MS-CHAPv2 handshakes, which can then be submitted to CloudCracker for cracking.
ff9720e841128269952f9459353d4052432bb7c937b940b8ed65d9d9451495f5
This cracker was created to brute force master passwords for the Password Safe tool at http://passwordsafe.sourceforge.net/.
9240452d901cbdc70840e61553e42a2cb50559acbc476a049ea72583be9c28e1
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
14805ba70f3f22beb00344db161a1a84d61059655f2be37dd02a5c5cceae306d
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.
27456073b0c2eda16714f4bf64a9731ba7dd9750bab5ee7ad4ba632ee2a6779c
This is a php script called Private Cpanel Cracker. It takes in a site list and a word list.
9010f814de78bf1a146d22d4d389da8a9ffa95ac443a2a0ba005711f250c5e96
Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local accounts NT/LM hashes and history, domain accounts NT/LM hashes and history, cached domain password, and Bitlocker recovery information.
2eacce746014f5b388071f4ac9185d0040e4e0b9d6ad96eadfdb72d65f73e252
This is a simple python script for cracking MySQL MD5 passwords.
2eabc6d50aa0308a12f9f621132d81ab8133f46b0854377425c4d9b0bac9f450
oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 32-bit version.
619a15cfcb80ab0c595c05dd9771cef8edb986716110df6007e589fb9313db05
oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 64-bit version.
216e918ae767ffdc89f9582d7d8b22672195a20158c9d05a9d674edb52ea5325
SHA-1 MySQL database brute forcing utility. Written in Python.
0068129733662bae54b4b7a0b553891a45edd277617355e6aec8c7aae793b8ad
This is a simple bash script for bruteforcing WordPress.
a04595fb1fae7483302800dc402320dae1656bd040d010c93927bb2d7e92208a