Displaying 1 to 20 from 32 results

zxcvbn - Low-Budget Password Strength Estimation

  •    CoffeeScript

zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".

routersploit - Exploitation Framework for Embedded Devices

  •    Python

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. Update RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.

BruteX - Automatically brute force all services running on a target.

  •    Shell

This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use. Donations are welcome. This will help fascilitate improved features, frequent updates and better overall support for sniper.

CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 130 other CMSs

  •    Python

A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. CMSeeK is built using python3, you will need python3 to run this tool and is compitable with unix based systems as of now. Windows support will be added later. CMSeeK relies on git for auto-update so make sure git is installed.




express-rate-limit - Basic rate-limiting middleware for express

  •    Javascript

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.

express-brute - Brute-force protection middleware for express routes by rate limiting incoming requests

  •    Javascript

A brute-force protection middleware for express routes that rate-limits incoming requests, increasing the delay with each request in a fibonacci-like sequence. An in-memory store for persisting request counts. Don't use this in production, instead choose one of the more robust store implementations listed below.

goHackTools - Hacker tools on Go (Golang)

  •    Go

This project is licensed under MIT license. Please read the LICENSE file. Welcomes any kind of contribution. Please read the CONTRIBUTING, ISSUE TEMPLATE and CODE_OF_CONDUCT file.


Advanced Router Tester

  •    

tool per testare la sicurezza del vostro router recuperando la wpa di default per alice, fastweb e infostrada inoltre permette il cambio del mac della vostra scheda wireless e la geolocalizzazione del router

0d1n - Web security tool to make fuzzing at HTTP/S, Beta

  •    C

===== 0d1n is a tool for automating customized attacks against web applications. *other functions...

OpenDoor - OWASP WEB Directory Scanner

  •    Python

OpenDoor OWASP is console multifunctional web sites scanner. This application find all possible ways to login, index of/ directories, web shells, restricted access points, subdomains, hidden data and large backups. The scanning is performed by the built-in dictionary and external dictionaries as well. Anonymity and speed are provided by means of using proxy servers. Software is written for informational purposes and is open source product under the GPL license.

distributed-jwt-cracker - An experimental distributed JWT token cracker built using Node

  •    Javascript

An experimental distributed JWT token cracker built using Node.js and ZeroMQ. It can be used to discover the password (or "secret") of an unencrypted JWT token using a HS256 signature. Requires ZeroMq libraries to be already installed in your machine.

jwt-cracker - Simple HS256 JWT token brute force cracker

  •    Javascript

Simple HS256 JWT token brute force cracker. Effective only to crack JWT tokens with weak secrets. Recommendation: Use strong long secrets or RS256 tokens.

dirsearch - A Go implementation of dirsearch.

  •    Go

DirSearch takes an input URL ( -url parameter ) and a wordlist ( -wordlist parameter ), it will then perform concurrent HEAD requests using the lines of the wordlist as paths and files eventually bruteforcing folders and files on a web server. This project is copyleft of Simone Margaritelli and released under the GPL 3 license.

subquest - Fast, Elegant subdomain scanner using nodejs

  •    Javascript

Than you can require it in your script and use it, following examples below. Before the version 1.5.0 the module makes use of event emitters to determine when it's done.

hashdog - Break MD5/SHA1/SHA256/SHA512 hashes using wordlists, password lists and string permutations

  •    Javascript

Break MD5/SHA1/SHA256/SHA512 hashes using wordlists, password lists and string permutations. Written in ES6/ES2015, and runs multiple forked processes for better performance. Using IPC calls in the cluster. Three different strategies are used for finding the correct hash. The first method is a english dictionary, along with a few word variations. The second path is using common passwords, while the third strategy is a bruteforce approach. The approach in this case is standard sequential recursive string permutation.

ethaddrgen - Custom Ethereum vanity address generator made in Rust

  •    Rust

Disclaimer: Do not use the private key shown in this demo; it's public, strangers could steal your Eth. Never share your private key with anyone. It's your and only your responsibility to keep your private key in secret. Download the latest release here. To display usage, run ethaddrgen -h or ethaddrgen --help for a longer version. ethaddrgen expects the last arguments to be patterns. If no patterns are provided as arguments, ethaddrgen reads patterns from the standard input where each pattern is on a separate line.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.