Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors. The name "Patator" comes from this.
pentest brute-forcemacOS keychain cracking tool. I wrote this software in order to help relatives of a deceased friend to recover data from his computer. Please enjoy it responsibly, and please do not hack/harm people.
keychain crack password cracking hacking brute-force wordlist securityThis software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use. Donations are welcome. This will help fascilitate improved features, frequent updates and better overall support for sniper.
brute-force bruteforce bruteforcing bruteforce-attacks brute hackingA powerful and useful hacker dictionary builder for a brute-force attack
password-generator wordlist-generator social-engineering-attacks password-dictionaries password-wordlist bruteforce-attacks brute-force blasting pentesting pentest hackertools password-cracker hacking-tool hacking wordlist weak-passwords bruteforce bruteforce-password-cracker bruteBasic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.
express-rate-limit express rate limit ratelimit rate-limit middleware ip auth authorization security brute force bruteforce brute-force attackI've always been a big proponent of a tactical approach to penetration testing that does not focus on exploiting known software vulnerabilities, but relies on old school techniques such as information gathering and brute force. While being able to appreciate the occasional usefulness of a well-timed 0day, as a veteran penetration tester I favor an exploit-less approach. Tactical exploitation provides a smoother and more reliable way of compromising targets by leveraging process vulnerabilities, while minimizing attack detection and other undesired side effects. This repository aims to provide a tactical exploitation toolkit to assist penetration testers during their assignments. The tools currently released are described below. See also http://www.0xdeadbeef.info/ for some older tools and techniques.
penetration-testing active-directory information-gathering brute-force metasploit-frameworkBlazy is a modern login page bruteforcer.
brute-force bruteforce csrf clickjacking scanner cloudflare waf detector sql-injectionForce plot is a user friendly graphing calculator which uses brute-force computing. It can plot difficult equations that many popular programs cannot plot.
brute-force calculator graph graphing plotHash cracker written in managed code.
brute-force cracking cryptography hash parallel password-recoveryThis is a Silverlight 4 interactive Sudoku game, full source included.
brute-force game puzzle silverlight-4 silverlight-sudokuThis Java project is a rough example of how to develop a brute force validation algorithm to make your computer look like "making guesses". It will take the role of a MasterMind player trying to solve the puzzle set by you.
brute-force master-mind mastermind solverSetback is a card game popular in New England. This project uses a combination of brute force and Monte Carlo methods to play Setback. This is an experimental approach to playing cards and other games where incomplete information is available.
brute-force card cards console game monte-carloA Password dictionaries. Fork the project on Github.
duyetdev password-dictionaries seclists password brute-force bruteforce brute-force-attacksCastle adds real-time monitoring of your authentication stack, instantly notifying you and your users on potential account hijacks.Load and configure the library with your Castle API secret in an initializer or similar.
castle sdk login brute-force api authentication passwordmacOS FileVault cracking tool. I wrote this software in order to help relatives of a deceased friend to recover data from his computer. Please enjoy it responsibly, and please do not hack/harm people.
filevault corestorage crack password cracking hacking brute-force wordlist securityThis package aim to provide secure, well configured and ready to use password hashing algorithms for your application.Currently the most vetted hashing algorithm providing most security is BCrypt. PBKDF2 isn't bad either, but if you can use BCrypt you should.
credential nodejs hash-functions security brute-force timing-attacks rainbow-table credential-plus password passwords hashing verification hash-function hash auth authorization authentication login sign-in salt rainbow brute attack stretching timining-attack pbkdf pbkdf2 bcrypt scrypt argon2An experimental distributed JWT token cracker built using Node.js and ZeroMQ. It can be used to discover the password (or "secret") of an unencrypted JWT token using a HS256 signature. Requires ZeroMq libraries to be already installed in your machine.
cracking-jwt-tokens jwt zeromq cracker node-tutorial distributed distributed-systems nodejs node tutorial article brute-force bruteforce brute-force-attacks token password hs256 secret breakExperimental JavaScript module to generate all possible variations of strings over an alphabet using an n-ary virtual tree. Generally useful to create distributed brute-force password recovery tools or other software that might require distributed generation of all possible strings on a given alphabet.
alphabet tree algorithm virtual characters nodejs node library variations duplicates strings string javascript-library variation variants generator generation brute-force cracker n-arySimple HS256 JWT token brute force cracker. Effective only to crack JWT tokens with weak secrets. Recommendation: Use strong long secrets or RS256 tokens.
jwt jwt-cracker secrets alphabet cracker brute-force bruteforce brute-force-attacks nodejs command-line commandIt tries to be more efficient by parallelizing the work performed on different character sets. For example, if the character set abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ is selected then one worker will work with abcdefghijklmnopqrstuvwxyz, another worker will work with ABCDEFGHIJKLMNOPQRSTUVWXYZ, and the last worker will work with abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ. While this tool does what it's supposed to, it has some major downfalls. For starters, it's using Python. I'm not saying Python is a bad language or anything like that. The issue is Python's GIL which prevents multiple threads from executing Python's bytecode at the same time. This means that I am unable to achieve parallelism with threads since only one character set would be worked on at a time. What needs to be done instead is splitting the work up across multiple processes and share data across those processes. This is less efficient than working with threads in general but is a necessary evil with Python.
ntlm md5 sha1 password-cracker brute-force parallel
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.