SecretScanner – Find Secrets And Passwords In Container Images And File Systems

Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data for an organization.Read More

Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second

Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built as a fork of the original steghide project and, as a result, it is thousands of times faster than other crackers and can run through the entirety of rockyou.txt* in under 2 seconds. Stegseek canRead More

Depix – Recovers Passwords From Pixelized Screenshots

Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with a linear box filter. In this article I cover background information on pixelization and similar research. Example python -p images/testimages/testimage3_pixels.png -s images/searchimages/debruinseq_notepad_Windows10_closeAndSpaced.png -o output.png Usage Cut out the pixelated blocks from the screenshot asRead More

Lil-Pwny – Auditing Active Directory Passwords Using Multiprocessing In Python

A multiprocessing approach to auditing Active Directory passwords using Python. About Lil Pwny Lil Pwny is a Python application to perform an offline audit of NTLM hashes of users’ passwords, recovered from Active Directory, against known compromised passwords from Have I Been Pwned. The usernames of any accounts matching HIBP will be returned in aRead More

PwnedPasswordsChecker – Search (Offline) If Your Password (NTLM Or SHA1 Format) Has Been Leaked (HIBP Passwords List V5)

PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences. You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here Once the list is downloadedRead More

Stegcloak – Hide Secrets With Invisible Characters In Plain Text Securely Using Passwords

StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting with Zero Width Characters. It can be used to safely watermark strings, invisible scripts on webpages, texts on social media or for any other covert communication. Completely invisible!. See how it works in-depth hereRead More

Words Scraper – Selenium Based Web Scraper To Generate Passwords List

Selenium based web scraper to generate passwords list. Installation # Download Firefox webdriver from$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin # Make sure it is in your PATH$ geckodriver –version # Make sure webdriver is properly installed$ git clone$ sudo pip3 install -r words-scraper/requirements.txt Use cases Scraping words from the target’s pagesRead More

Adamantium-Thief – Decrypt Chromium Based Browsers Passwords, Cookies, Credit Cards, History, Bookmarks

Get chromium browsers: passwords, credit cards, history, cookies, bookmarks.Chrome 80 > is supported!Examples: Get passwords from browsers: Stealer.exe PASSWORDS Get credit cards from browsers: Stealer.exe CREDIT_CARDS Get history from browsers: Stealer.exe HISTORY Get bookmarks from browsers: Stealer.exe BOOKMARKS Get cookies from browsers: Stealer.exe COOKIES Browsers list: Google Chrome Opera Chromium Brave-Browser Epic Privacy Browser AmigoRead More

Chromepass – Hacking Chrome Saved Passwords

Chromepass is a python-based console application that generates a windows executable with the following features: Decrypt Chrome saved paswords Send a file with the login/password combinations remotely (email or reverse-http) Custom icon Completely undetectable by AntiVirus Engines AV Detection!Due to the way this has been coded, it is currently fully undetected. Here are some linksRead More

SauronEye – Search Tool To Find Specific Files Containing Specific Words, I.E. Files Containing Passwords

[*] SauronEye is a search tool built to aid red teams in finding files containing specific keywords. Features: Search multiple (network) drives Search contents of files Search contents of Microsoft Office files (.doc, .docx, .xls, .xlsx) Find VBA macros in old 2003 .xls and .doc files Search multiple drives multi-threaded for increased performance Supports regularRead More