Psudohash – Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns

psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word’s letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. It is keyword-based and highly customizable. Pentesting Corporate Environments System administratorsRead More

Awesome-Password-Cracking – A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security

A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the guidelines before contributing! In short: List is alphabetically sorted If in doubt, use awesome-lint If you think an item shouldn’t be here open an issue Books Hash Crack: Password Cracking Manual (v3) – Password CrackingRead More

RedTeam-Physical-Tools – Red Team Toolkit – A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry

Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to share most of the tools I utilize in authorized engagements, along with my personal ranking of their value based on their usage and for you to consider if they should be in your toolkit, includingRead More

GoodHound – Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation

Attackers think in graphs, defenders think in actions, management think in charts. GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. Usage Quick Start For a very quick start with most of the default options, make sure you have your neo4j serverRead More

Ocr-Recon – Tool To Find A Particular String In A List Of URLs Using Tesseract’S OCR (Optical Character Recognition) Capabilities

This tool is useful to find a particular string in a list of URLs using tesseract’s OCR (Optical Character Recognition) capabilities. Usage Usage: python3 ocr-recon.py listwithURLs stringtosearch Download Ocr-Recon

SentryPeer – A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot

A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to block themRead More

Log4J-Detect – Script To Detect The "Log4j" Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading

Simple Python 3 script to detect the “Log4j” Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script “log4j-detect.py” developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228. To do so, it sends a GET request using threads (higher performance) to each of theRead More

SharpSpray – Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts

SharpSpray is a Windows domain password spraying tool written in .NET C#. Introduction SharpSpray is a C# port of DomainPasswordSpray with enhanced and extra capabilities. This tool uses LDAP Protocol to communicate with the Domain active directory services. Features Can operate from inside and outside a domain context. Exclude domain disabled accounts from the spraying.Read More

Spraygen – Password List Generator For Password Spraying

Password list generator for password spraying – prebaked with goodies Version 1.4 Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, “Password”, and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes appended/prepended (such as “!” or “#”), or custom separators (such as “.” orRead More

X