Lnkbomb – Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares

Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester’s machine running Responder or smbserver to gather NTLMv1 or NTLMv2 hashes (depending on configuration of theRead More

Assless-Chaps – Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes

Crack MSCHAPv2/NTLMv1 challenge/responses quickly using a database of NT hashes Introduction Assless CHAPs is an efficient way to recover the NT hash used in a MSCHAPv2/NTLMv1 exchange if you have the challenge and response (e.g. from a WiFi EAP WPE attack). It requires a database of NT hashes, instructions on how to make these fromRead More

Uchihash – A Small Utility To Deal With Malware Embedded Hashes

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dynamically importing APIs (especially in shellcode) Checking running process used by analysts (Anti-Analysis) Checking VM or Antivirus artifacts (Anti-Analysis) Uchihash can generate hashes with your own custom hashing algorithm, search forRead More

Hash-Buster v3.0 – Crack Hashes In Seconds

Why crack hashes when you can bust them? Features Automatic hash type identification Supports MD5, SHA1, SHA256, SHA384, SHA512 Can extract & crack hashes from a file Can find hashes from a directory, recursively Multi-threading Insallation & Usage Note: Hash Buster isn’t compatible with python2, run it with python3 instead. Also, Hash-Buster uses some APIsRead More

SharpWebServer – HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality

A Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer :: a Red Team oriented C# Simple HTTP Server with Net-NTLMv1/2 hashesRead More

Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing

Karkinos is a light-weight ‘Swiss Army Knife’ for penetration testing and/or hacking CTF’s. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of hosting PHP; tested with Apache Server Tested with PHP 7.4.9 Python3 (in your path) pip3 Raspberry Pi Zero friendlyRead More

NTLMRawUnHide – A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The tool was developed to extract NTLMv2 hashes from files generated by native Windows binaries like NETSH.EXE and PKTMON.EXE without conversion. The following binary network packet capture formats are supported: *.pcap *.pcapng *.cap *.etl UsageRead More

Cloudtopolis – Cracking Hashes In The Cloud For Free

Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended (and also, free!).RequirementsHave 1 Google account (at least). InstallationCloudtopolis installation is carried out in two phases: Phase 1Access Google Cloud Shell from the following link:https://ssh.cloud.google.com/cloudshell/editor?hl=es&fromcloudshell=true&shellonly=trueThen, run the following commands: wget https://raw.githubusercontent.com/JoelGMSec/Cloudtopolis/master/Cloudtopolis.shchmod +x Cloudtopolis.sh./Cloudtopolis.shRead More

Terrier – A Image And Container Analysis Tool To Identify And Verify The Presence Of Specific Files According To Their Hashes

[*] Terrier is a Image and Container analysis tool that can be used to scan OCI images and Containers to identify and verify the presence of specific files according to their hashes. A detailed writeup of Terrier can be found on the Heroku blog, https://blog.heroku.com/terrier-open-source-identifying-analyzing-containers. Installation BinariesFor installation instructions from binaries please visit the ReleasesRead More