Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).
72561acd14c84ecec909167d27343a8b27a65938523aafc053e663e0b06674fe
Slowbrute is a slow SSH brute-forcing utility written in Python. Paramiko must be installed and if Tor is being leveraged in order to anonymize the scan, run it at 127.0.0.1:9050.
246f2736f830b35ba9fbd27adbf3c1c10ecc3d92b86bd6fedfac43078b095acb
phpMyAdmin versions 3.3.9 and below suffers from brute force and path disclosure vulnerabilities.
57dff876815eb07a5a14b2a29cab989fa9f079aa94371b1d74b85134fb0f35f5
oclHashcat GPU hash cracking utility that has multi-GPU and multi-hash support. It supports dictionary-based and mask-attacks for hybrid cracking. Linux and Windows binaries are included.
19077748589c65f302bf68f488ac33ab55f6f1f62053087de4a1e3bbb3b370ce
oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. Linux and Windows binaries are included.
196a49145a9a65032b5a225b6d7fe9397b32670c984be1fa6e801a298e9d301d
Hashcat is a CPU hash cracking tool that supports multi-hash functionality and is multi-threaded. Linux and Windows binaries are included.
b12331b96592de8246e7b870d155e03f55fef7b9dd344dee58df68bc26a54e43
Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).
3f9b7c4d196350b048d7f52fe2d43932e987b746c07dcb0b6675f382015c25c1
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.
2bbc034089dceb05f7284a0f997225b240d96b085ef8b399eb2d4b6aefb348d9
Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).
f8937e68a9bd2310ef51ada559931442d443ed81fddcd3ca5b33dd8e43a602da
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.
4b8b8f3ddb904ec93ed94335cbe1267ec509403e9c22467167e18259f7d7202a
ssh2ftpcrack is a simple FTP and SSH dictionary brute force cracking tool written in Perl.
117bb96f36c8247626e9110c63097fe81c130b235dee0c2bec0d4bd579495eb1
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
85fbcf53bc7d8ae99a8bd31dd09810abd9cf9397679a94aea52cd1b1c8e06ac0
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
c0d473c29d57fe44c5dd301b3161fdf853b3bbac57c099acf47cffb4d2707e64
Huawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. This python code demonstrates the issue.
c5c634174c47951bb956edb6dd96f6515e4a2e857387c1b589cc81559cfed7b3
ProxBrute is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 465) to support brute force attacks against proximity card access control systems. This version of ProxBrute requires the knowledge of a [once] valid tag value to vertically or horizontally escalate the tag's privileges.
a155a9dd000312c20ecbe6ca6bab1bc991183e9dea73578a76754b148ab1332a
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
66023f94460abe76e76c1c6b187d44e82bafafb4c517314261bbd34429f913a7
BlueBerry is a tool written in java that can be used to decrypt BlackBerry Administration Service passwords.
02b7b2bb7cbc5ac3d61fd4b60523949d0abf0119c799d18becadc5ee8b085ed4
This is a simple shellscript to bruteforce attack Fritz!Box.
b875368cd36b21097b1848e3b3f86cc8df00b3170437851f7c9786e9279d84ef
This shell script takes in a md5 sum and uses various online cracking resources to try and figure out what was hashed.
b4bde0e95d3672d6aed81e49a5aa2f7653d49d7b9b0fce5ca6c48c4dddb8ae3b
Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 4 attack methods (dictionary, bruteforce, hybrid) and has 31 plugins for different types of hashes (md5, sha1, phpbb3, mysql, md5 (unix), des(unix), sha(unix), vbulletin, smf, etc). It is multithreaded and supports session save/restore.
c741c725023bcd6a30ae4767ea8e5d24f206168aa28aa6f3a452d350ceca979b
Void SSH is a python script that performs multithreaded bruteforcing.
4b537bed529692e7a377f1559b3cb1255c25773329e525eaeda49f0a6e0e97d7
WordPress bruteforcing utility written in Python.
a2034c763500e62ae673b23d3340fe7b390d6fb4594623e33a4d8d8ef4f850c7
This is a simple Facebook bruteforcing script that makes use of the Python Mechanize module and a wordlist.
0ca36c97c9d96b5b5bc5d03574a420ab3e18f9fd869d9167d4517662c938c229
Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 3 attack methods (dictionary, bruteforce, hybrid) and has 16 plugins for different types of hashes (md5, sha1, phpbb3, mysql, md5 (unix), des(unix), sha(unix), vbulletin, smf, etc). It is multithreaded and supports session save/restore.
4286e56faccb2d2d1fbc57e5e2a094739c85fc3f1261733ebd5c8e38a1394d3a
Gridsphere - gridportlet remote user enumeration exploit.
249ca5e05eb4aeec67fecb5c368d2622bf8a2f1922a1270945505790462ad293