Password list generator for password spraying – prebaked with goodies Version 1.4 Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, “Password”, and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes appended/prepended (such as “!” or “#”), or custom separators (such as “.” orRead More
A script to test credentials against Active Directory Federation Services (ADFS), calculating the ADFS url of an organization and allowing password spraying or bruteforce attacks. The main idea is carrying out password spraying attacks with a random and high delay between each test and using a list of proxies or Tor to make the detectionRead More
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it fault-tolerant. Kraker consists of two mainRead More
An open source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol. Disclaimer OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is untested and incomplete. For example, the code does not verify the identityRead More
Please Note – This Program Do Not Store Passwords In Any Form And All The Passwords Are Generated Locally Inside You Device. Diceware is a method used to generate cryptographically strong memorable passphrases. This is a python implementation of the diceware password generating algorithm. Inspired after watching this video. How DPG Generate Passwords? Traditional DicewareRead More
Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily connect. Works on macOS and Linux and Windows Installation Install using pip $ python3 -m pip install –user wifi-password Install using git $ git clone https://github.com/sdushantha/wifi-password$ cd wifi-password$ python3 setup.py install Install using the AURRead More
A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication. Background Although many Kerberos password spraying tools currently exist on the market, I found it difficult to find tools with the following built-in functionality: The ability to prevent users from locking out the domain The ability to integrate username enumeration with theRead More
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================| Collecting RabbitMQ Erlang Cookie| Erlang Cookie: abcdefg12456789abcde============================================| Collecting SolarWinds Certificate| SolarWinds Orion Certificate Found!| Subject Name: CN=SolarWinds-Orion| Thumbprint : BE85C6C3AACA8840E166187B6AB8C6BA9DA8DE80| Password : alcvabkajp4| Private Key : MIIKHwIBAzCCCd8GCSqGSIb3DQEHAaCCCdAEggn<snip>============================================| Collecting Default.DAT file| Encrypted: 01000000D08C9DDF0115D<snip>| Decrypted:Read More
[*] Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of users to identify which users are valid, using Kerberos. Talon can also perform a password guessing attack against the Kerberos and LDAPS (LDAP Secure) services. Talon can either use a single domain controller orRead More
The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in accordance with a target’s account lockout policy the ability to increase the IP pool that authentication attempts originate from for operational security purposesRead More
