PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Brute-force

Windows10

Black Window 10 v2 (codename: Polemos)

by D4RkN

Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and…

Read More Black Window 10 v2 (codename: Polemos)
Debian

Cerberus Linux v3

by D4RkN

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Read More Cerberus Linux v3
Windows Hacking

Black Window 10 Enterprise

by D4RkN

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

Read More Black Window 10 Enterprise
Auditing SSHBrute-forceNEW TOOLSScanSSHSSH Auditorssh securitySSH server

SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

by Black Hat Sec

The Best Way To Scan For Weak Ssh Passwords On Your NetworkFeaturesssh-auditor will automatically:Re-check all known hosts as new credentials are added. It will only check the new credentials.Queue a full credential scan on any new host discovered.Queue a full credential scan on any known host whose ssh version or key fingerprint changes.Attempt command execution as well as attempt to tunnel a TCP connection.Re-check each credential using a per credential scan_interval - default 14 days.It's designed so that you can run ssh-auditor discover +…

Read More SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network
Brute-forceFingerprintingHASSHNEW TOOLSSSHSSH ClientSSH HoneypotSSH server

HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations

by Black Hat Sec

"HASSH" is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.What can HASSH help with:Use in highly controlled, well understood environments, where any fingerprints outside of a known good set are alertable.It is possible to detect, control and investigate brute force or Cred Stuffing password attempts at a higher level of granularity than IP Source - which may be impacted by…

Read More HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations
Brute-forceCaptive PortalEvil TwinKaliMacMac ChangerNEW TOOLSPcapPenetration TestSniffAirTP-LINKWPA2

SniffAir – A Framework For Wireless Pentesting

by Black Hat Sec

SniffAir is an open-source wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks. SniffAir takes care of the hassle associated with managing large or multiple pcap files while thoroughly cross-examining and analyzing the traffic, looking for potential security flaws. Along with the prebuilt queries, SniffAir allows users to create custom queries for analyzing the wireless data stored in the backend SQL database. SniffAir is built on the concept of using these queries…

Read More SniffAir – A Framework For Wireless Pentesting
badKarmaBrute-forceIncident responseInformation GatheringNetwork SecurityNEW TOOLSNmapOffensive Securitypenetration testingPentest ToolPython3ScanSecurity Audit

badKarma – Advanced Network Reconnaissance Toolkit

by Black Hat Sec

badKarma is a python3 GTK+ network infrastructure penetration testing toolkit.badKarma aim to help the tester in all the penetration testing phases (information gathering, vulnerability assessment,exploitation,post-exploitation and reporting). It allow the tester to save time by having point-and-click access to their toolkit and interacte with them through GUIs or Terminals, also every task is logged under a sqlite database in order to help during the reporting phase or in a incident response scenario.It is also available a proxychains switch that let everything go through proxies,…

Read More badKarma – Advanced Network Reconnaissance Toolkit
Brute-forceGNUHashHash CrackerMacNEW TOOLSPassword CrackerPassword CrackingPassword Recovery

Hashcat v4.2.1 – World’s Fastest and Most Advanced Password Recovery Utility

by Black Hat Sec

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Installation Download the latest release and unpack it in the desired location. Please remember to use 7z x when unpacking the archive from the command line to ensure full file paths remain intact.GPU Driver requirements:AMD GPUs on Windows…

Read More Hashcat v4.2.1 – World’s Fastest and Most Advanced Password Recovery Utility
Brute-forceCTF ToolDATAHiddenKaliKali LinuxNEW TOOLSParameterpenetration testingStegcrackerSteghideWordlist

StegCracker – Steganography Brute-Force Utility To Uncover Hidden Data Inside Files

by Black Hat Sec

Steganography brute-force utility to uncover hidden data inside files.UsageUsing stegcracker is simple, pass a file to it as it's first parameter and optionally pass the path to a wordlist of passwords to try as it's second parameter. If this is not set it will default to the rockyou.txt password file which ships with Kali Linux or can be downloaded here.$ stegcracker <file> [<wordlist>]InstallationTo install the program, follow these steps:$ sudo apt-get install steghide -y$ sudo curl > /bin/stegcracker$ sudo chmod +x /bin/stegcrackerDownload StegCracker

Read More StegCracker – Steganography Brute-Force Utility To Uncover Hidden Data Inside Files
AutocrackBrute-forceMasksNEW TOOLSParameterWordlistsWrapper

Autocrack – Hashcat Wrapper To Help Automate The Cracking Process

by Black Hat Sec

This python script is a Hashcat () wrapper to help automate the cracking process. The script includes multiple functions to select a set of wordlists and rules, as well as the ability to run a bruteforce attack, with custom masks, before the wordlist/rule attacks.Autocrack uses Python 3, which is usually installed already in various Linux distributions. To install Python 3 in OS X, follow the instructions here: sure to set the path variables at the beginning of the script.usage: autocrack.py [-h] [-b NUM]…

Read More Autocrack – Hashcat Wrapper To Help Automate The Cracking Process
Brute-forceCeWLCommand LineCTFCTF ToolsDecodeHiddenMacNEW TOOLSStego-Toolkit

Stego-Toolkit – Collection Of Steganography Tools (Helps With CTF Challenges)

by Black Hat Sec

This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes preinstalled with many popular (see list below) and several screening scripts you can use check simple things (for instance, run check_jpg.sh image.jpg to get a report for this JPG file).UsageFirst make sure you have Docker installed (how to). Then you can use the shell scripts bin/buid.sh and bin/run.sh in this repo to build the image and run the container. You…

Read More Stego-Toolkit – Collection Of Steganography Tools (Helps With CTF Challenges)
AmassBrute-forceCrawlingDiscoverInformation GatheringMacMaltegoNEW TOOLSRed TeamScrapingSubdomain Enumeration

Amass – In-depth Subdomain Enumeration

by Black Hat Sec

The Amass tool performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting and altering of names and reverse DNS sweeping to obtain additional subdomain names. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks.How to InstallPrebuiltA precompiled version is available for each release.If your operating environment supports Snap, you can click here to install, or perform the following from the command-line:$…

Read More Amass – In-depth Subdomain Enumeration