zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".
password passphrase security authentication strength meter quality estimation pattern cracking scoring entropy bruteforcehashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking. hashcat is licensed under the MIT license. Refer to docs/license.txt for more information.
hashcat password cracking gpgpu opencl hashesCrack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat. This is a brief walk-through tutorial that illustrates how to crack Wi-Fi networks that are secured using weak passwords. It is not exhaustive, but it should be enough information for you to test your own network's security or break into one nearby. The attack outlined below is entirely passive (listening only, nothing is broadcast from your computer) and it is impossible to detect provided that you don't actually use the password that you crack. An optional active deauthentication attack can be used to speed up the reconnaissance process and is described at the end of this document.
wifi wpa2-cracking aircrack-ng hashcat hacking tutorial cracking password-crackingmacOS keychain cracking tool. I wrote this software in order to help relatives of a deceased friend to recover data from his computer. Please enjoy it responsibly, and please do not hack/harm people.
keychain crack password cracking hacking brute-force wordlist securityAiming for high usability even on restricted networks, Hashtopolis communicates over HTTP(S) using a human-readable, hashing-specific dialect of JSON. The server part runs on PHP using MySQL as the database back end. It is vital that your MySQL server is configured with performance in mind. Queries can be very expensive and proper configuration makes the difference between a few milliseconds of waiting and disastrous multi-second lags. The database schema heavily profits from indexing. Therefore, if you see a hint about pre-sorting your hashlist, please do so.
cracking hash hashing distributed hashcat pentesting passwords hashtopussy hashesModern password wordlist creation usually implies concatenating multiple data sources. Ideally, most probable passwords should stand at start of the wordlist, so most common passwords are cracked instantly.
dictionary dedupe password wordlist remove-duplicates uniq hashes cracking wordlist-generator hashcat unique duplicate-detection password-cracking wordlistsHash cracker written in managed code.
brute-force cracking cryptography hash parallel password-recoveryRun everything on a virtual machine at your OWN Risk. Shared for educational purposes only.
tutorial reverse-engineering tutorials cracking securityxAnalyzer is a plugin for the x86/x64 x64dbg debugger by @mrexodia. This plugin is based on APIInfo Plugin by @mrfearless, although some improvements and additions have been made. xAnalyzer is capable of doing various types of analysis over the static code of the debugged application to give more extra information to the user. This plugin is going to make an extensive API functions call detections to add functions definitions, arguments and data types as well as any other complementary information, something close at what you get with OllyDbg analysis engine, in order to make it even more comprehensible to the user just before starting the debuggin task. Defined and generic functions, arguments, data types and additional debugging info recognition.
x64dbg debugger reverse-engineering cracking analysis xanalyzer-plugin pluginmacOS FileVault cracking tool. I wrote this software in order to help relatives of a deceased friend to recover data from his computer. Please enjoy it responsibly, and please do not hack/harm people.
filevault corestorage crack password cracking hacking brute-force wordlist securityDecipher hashes using online rainbow & lookup table attack services. Returns the plaintext value of a hash.
dcipher hash decipher crack cracking password rainbow-table ctf capture-the-flag nodejs md5 sha lookup tableCrack hashes using online rainbow & lookup table attack services, right from your terminal.
dcipher hash decipher crack cracking password rainbow-table ctf capture-the-flag nodejs cli md5 sha tableDisclaimer: Do not use the private key shown in this demo; it's public, strangers could steal your Eth. Never share your private key with anyone. It's your and only your responsibility to keep your private key in secret. Download the latest release here. To display usage, run ethaddrgen -h or ethaddrgen --help for a longer version. ethaddrgen expects the last arguments to be patterns. If no patterns are provided as arguments, ethaddrgen reads patterns from the standard input where each pattern is on a separate line.
cryptocurrency ethereum hexadecimal cracking bruteforce ethereum-address vanitygen vanity-addressAn educational project aiming to maintain Twitter for macOS working while adding new features... All this by injecting code into the official binary. Twitter for macOS provides the best native and free experience, although it lacks some features available on the web version.
twitter macosx cocoa hacking reverse-engineering cracking injectionOfficial agents for using the distributed hashcracker Hashtopolis.
cracking distributed hash hashcat hashingBorrow CPU cycles from visitor's web browsers to crack MD5 password hashes. Embedding a hidden <iframe> to a website will automatically add a visitor's browser as a node in a password cracking botnet. Their browser will received MD5 hashes and password candidates from a command-and-control server and report back any passwords it cracks for the duration of the time the visitor is browsing the "infected" website. This is proof-of-concept code for the Browser as Botnet talk (video) at Radical Networks 2017. As such, it is not optimized. There are far more efficient ways to crack passwords if that is your goal. This project is intended to illustrate how compute jobs can be massively distributed across browsers.
password-cracking botnet web-workers browser-botnet md5 crackingbadtouch is a scriptable network authentication cracker. While the space for common service bruteforce is already very well saturated, you may still end up writing your own python scripts when testing credentials for web applications. The scope of badtouch is specifically cracking custom services. This is done by writing scripts that are loaded into a lua runtime. Those scripts represent a single service and provide a verify(user, password) function that returns either true or false. Concurrency, progress indication and reporting is magically provided by the badtouch runtime.
cracking dictionary-attack concurrency password password-crackerBopscrk (Before Outset PaSsword CRacKing) is a tool to assist in all the previous process of password cracking. By now, it's able to generate smart and powerful wordlists. The first idea was inspired by Cupp and Crunch. We could say that bopscrk is a wordlist generator situated between them, taking the best of each one. The challenge was try to apply the Cupp's idea to more generic-situations and amplify the shoot-range of the resultant wordlist, without loosing this custom-wordlist-profiler feature.
wordlist password hacking-tool password-cracking wordlist-generator cracking hackingSecure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. The program is working as a single thread application. I wish to implement it as a multithreaded application so that it can be used in real world scenario.
brute-force ssh dictionary cracking single-thread
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.