A vast collection of security tools for bug bounty, pentest and red teaming

#passwords

69 results
pypykatz on offsec.tools
Featured
pypykatz

Mimikatz implementation in pure Python.

#bruteforce   #cracker   #ntlm   #passwords   #python   #windows  

mimikatz on offsec.tools
Featured
mimikatz

A little tool to play with Windows security.

#cracker   #hash   #ntlm   #passwords   #windows  

h8mail on offsec.tools
h8mail

Powerful and user-friendly password hunting tool.

#emails   #leaks   #passwords   #usernames  

LDAP Password Hunter on offsec.tools
LDAP Password Hunter

Password Hunter in active directory.

#activedirectory   #ldap   #passwords   #windows  

Invoke-WCMDump on offsec.tools
Invoke-WCMDump

PowerShell script to dump Windows credentials from the Credential Manager.

#passwords   #windows  

Ciphey on offsec.tools
Ciphey

Automates decryptions & decodings with encodings, classical ciphers, hashes, or more.

#cryptography   #hash   #passwords  

NetworkMiner on offsec.tools
NetworkMiner

Network forensic analysis tool for Windows.

#emails   #forensic   #network   #passwords   #sniffer  

jackdaw on offsec.tools
jackdaw

Gather gather gather.

#activedirectory   #domains   #hash   #passwords   #usernames   #windows  

Responder on offsec.tools
Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner.

#dns   #exploits   #ftp   #hash   #ldap   #mssql   #passwords   #samba   #windows  

Vajra on offsec.tools
Vajra

UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.

#aws   #azure   #cloud   #passwords   #subdomains  

ShadowSpray on offsec.tools
ShadowSpray

Spray shadow credentials across an entire domain.

#domain   #passwords   #windows  

brutespray on offsec.tools
brutespray

Automatically attempts default creds on found services based on Nmap output.

#passwords  

afrog on offsec.tools
afrog

A vulnerability scanning tools for penetration testing.

#cves   #fingerprint   #passwords   #scanner   #vulnerabilities  

ggshield on offsec.tools
ggshield

Find multiple types of hardcoded secrets & types of infrastructure-as-code misconfigurations.

#codeanalysis   #passwords   #secrets  

l0phtcrack on offsec.tools
l0phtcrack

Crack Windows passwords from hashes.

#cracker   #hash   #ntlm   #passwords   #windows  

Ophcrack on offsec.tools
Ophcrack

Windows password cracker based on rainbow tables.

#bruteforce   #cracker   #ntlm   #passwords   #windows  

dsniff on offsec.tools
dsniff

Collection of tools for network auditing and penetration testing.

#mitm   #network   #passwords   #sniffer  

Cain and Abel on offsec.tools
Cain and Abel

Password recovery tool for Microsoft Operating Systems.

#bruteforce   #network   #passwords   #voip   #windows   #wireless  

OrbitalDump on offsec.tools
OrbitalDump

A simple multi-threaded distributed SSH brute-forcing tool.

#bruteforce   #passwords   #ssh  

Medusa on offsec.tools
Medusa

Medusa is a speedy, parallel, and modular, login brute-forcer.

#bruteforce   #passwords  

crackerjack on offsec.tools
crackerjack

Hashcat Web Interface.

#cracker   #passwords  

ADRT on offsec.tools
ADRT

Active Directory Report Tool.

#activedirectory   #domains   #passwords   #users   #windows  

padding-oracle-attacker on offsec.tools
padding-oracle-attacker

Execute padding oracle attacks with support for concurrent network requests and an elegant UI.

#oracle   #passwords   #secrets  

default-http-login-hunter on offsec.tools
default-http-login-hunter

Login hunter of default credentials for administrative web interfaces.

#passwords  

SharpHose on offsec.tools
SharpHose

Asynchronous password spraying tool for Windows environments.

#activedirectory   #passwords   #spraying   #windows  

Words Scraper on offsec.tools
Words Scraper

Selenium based web scraper to generate passwords list.

#crawler   #passwords   #wordlists  

JWTweak on offsec.tools
JWTweak

Detects JWT algorithm and provides options to generate a new JWT based on another algorithm.

#jwt   #passwords  

cstc on offsec.tools
cstc

Burp Suite extension that allows request/response modification using a GUI.

#burpsuite   #cryptography   #hash   #passwords  

Cr3dOv3r on offsec.tools
Cr3dOv3r

Know the dangers of credential reuse attacks.

#leaks   #passwords  

airbash on offsec.tools
airbash

Fully automated WPA PSK PMKID and handshake capture script.

#cracker   #network   #passwords   #wifi   #wpa  

evil SSDP on offsec.tools
evil SSDP

Spoof SSDP replies to phish for credentials and NetNTLM challenge/response.

#network   #ntlm   #passwords   #phishing   #spoofing   #ssdp   #xml  

RouterSploit on offsec.tools
RouterSploit

Exploitation framework for embedded devices.

#exploits   #framework   #passwords   #payloads   #routers   #scanner  

leakScraper on offsec.tools
leakScraper

Set of tools to process and visualize huge text files containing credentials.

#leaks   #osint   #passwords  

Hash Buster on offsec.tools
Hash Buster

Crack hashes in seconds.

#cracker   #passwords  

Have i been pwned? on offsec.tools
Have i been pwned?

Check if your email or phone is in a data breach.

#leaks   #online   #passwords  

AttackSurfaceMapper on offsec.tools
AttackSurfaceMapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

#ips   #osint   #passwords   #ports   #screenshots   #subdomains  

SSH PuTTY login bruteforcer on offsec.tools
SSH PuTTY login bruteforcer

A wrapper script which uses PuTTY to perform SSH login bruteforce attacks.

#bruteforce   #passwords   #ssh   #windows  

DefaultPassword on offsec.tools
DefaultPassword

Default passwords database sorted by manufacturers.

#passwords   #resources  

SprayCannon on offsec.tools
SprayCannon

Fast multithreaded password spraying tool with backend database.

#passwords  

JWT4B on offsec.tools
JWT4B

JWT Support for Burp Suite.

#burpsuite   #jwt   #passwords  

JOSEPH on offsec.tools
JOSEPH

JavaScript Object Signing and Encryption Pentesting Helper.

#burpsuite   #jwt   #passwords  

SecLists on offsec.tools
SecLists

Collection of multiple types of lists used during security assessments, collected in one place.

#fuzzing   #passwords   #payloads   #resources   #wordlists  

cariddi on offsec.tools
cariddi

Crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more.

#crawler   #endpoints   #passwords   #secrets  

jwt-hack on offsec.tools
jwt-hack

JWT encoding/decoding, generates payloads for JWT attack and very fast cracking.

#cracker   #jwt   #passwords  

JWT Key ID Injector on offsec.tools
JWT Key ID Injector

Simple python script to check against hypothetical JWT vulnerability.

#jwt   #passwords  

jwtear on offsec.tools
jwtear

Modular command-line tool to parse, create and manipulate JWT tokens.

#jwt   #passwords  

jwt-heartbreaker on offsec.tools
jwt-heartbreaker

Burp Suite extension to check JWT for using keys from known from public sources.

#burpsuite   #jwt   #passwords  

JWT cracker on offsec.tools
JWT cracker

JWT brute force cracker written in C.

#bruteforce   #cracker   #jwt   #passwords  

BruteX on offsec.tools
BruteX

Automatically brute force all services running on a target.

#bruteforce   #passwords   #ports   #usernames  

changeme on offsec.tools
changeme

A default credential scanner.

#passwords   #scanner  

Default Credentials Cheat Sheet on offsec.tools
Default Credentials Cheat Sheet

One place for all the default credentials to assist on finding devices with default password.

#passwords   #resources  

lnkbomb on offsec.tools
lnkbomb

Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

#exploits   #passwords   #smb  

Oh365UserFinder on offsec.tools
Oh365UserFinder

O365 user enumeration and password spraying tool.

#cloud   #enumeration   #office   #osint   #passwords  

Depix on offsec.tools
Depix

Recovers passwords from pixelized screenshots.

#passwords  

RainbowCrack on offsec.tools
RainbowCrack

It crack hashes with rainbow tables.

#cracker   #passwords  

Reaver on offsec.tools
Reaver

Implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs.

#network   #passwords   #wifi  

fcrackzip on offsec.tools
fcrackzip

Zip password cracker.

#cracker   #passwords   #zip  

crunch on offsec.tools
crunch

Wordlist generator where you can specify a character set or any set of characters to be used.

#passwords   #wordlists  

wifite on offsec.tools
wifite

Runs existing wireless-auditing tools for you. Stop memorizing command arguments & switches!

#network   #passwords   #wifi  

aircrack-ng on offsec.tools
aircrack-ng

Complete suite of tools to assess WiFi network security.

#network   #passwords   #wifi  

CeWL on offsec.tools
CeWL

Custom Word List Generator.

#crawler   #passwords   #wordlists  

cook on offsec.tools
cook

Overpower wordlist generator, words permutation and combinations, encoding/decoding...

#fuzzing   #passwords   #wordlists  

Patator on offsec.tools
Patator

Multi-purpose brute-forcer, with a modular design and a flexible usage.

#bruteforce   #passwords  

Hydra on offsec.tools
Hydra

Very fast password cracking tool.

#bruteforce   #passwords  

John The Ripper on offsec.tools
John The Ripper

Password cracker tool.

#cracker   #passwords  

Hashcat on offsec.tools
Hashcat

World's fastest and most advanced password recovery utility

#cracker   #passwords  

JWT Tool on offsec.tools
JWT Tool

A toolkit for testing, tweaking and cracking JSON Web Tokens.

#jwt   #passwords  

EyeWitness on offsec.tools
EyeWitness

Take screenshots of websites, provide server header info and identify default credentials.

#endpoints   #passwords   #screenshots  

DumpsterDiver on offsec.tools
DumpsterDiver

Tool to search secrets in various filetypes.

#aws   #azure   #passwords   #secrets