| Tools |
Description |
| BruteSpray |
It takes nmap GNMAP/XML output and automatically brute-force services with default credentials using Medusa. |
| Burp Suite |
It is a platform to perform security testing of web applications. |
| CeWL |
It is a custom wordlist generator that spread a given url to a specified depth, optionally following external links. It also returns a list of words which can be used for password crackers. |
| chntpw |
It is a tool that allows you to view information and change user passwords in a Windows NT/2000 user database file. |
| Cisco-auditing-tool |
It scans cisco routers for common vulnerability and errors. |
| CmosPwd |
It is a tool to decrypt the password stored in CMOS used to access a computer BIOS setup. |
| creddump |
It is used to extract various credentials and secrets from Windows registry hives. |
| crowbar |
It is a brute-forcing tool that can be used during penetration tests. |
| crunch |
It creates a wordlist based on the criteria we specify. |
| findmyhash |
It cracks hashes using online services. |
| gpp-decrypt |
It will decrypt a given GPP (Group Policy Preference) encrypted string. |
| hash-identifier |
It is a tool to identify the different types of hashes used to encrypt data. |
| Hashcat |
It is the world's fastest and most advanced password recovery tool. |
| HexorBase |
It is a database application designed for administrating and auditing multiple database servers simultaneously from a centralized location. |
| THC-Hydra |
It is a fast network login cracker which supports a huge number of protocols to attack. |
| John |
the Ripper It is a password cracking tool. |
| Johnny |
It provides a GUI for the "John the Ripper" password cracking tool. |
| keimpx |
It checks for valid credentials across a network over SMB. |
| Maskprocessor |
It is a high-performance word generator with a per-position configurable charset packed into a single binary package. |
| multiforcer |
It is a multi-GPU password cracker with support for many hash types such as MD5, SHA1, LM, NTLM, etc... |
| Ncrack |
It is a High-speed network authentication cracking tool that gives a user full access over the network operations that allows the very sophisticated bruteforcing attacks. |
| oclgausscrack |
It cracks the verification hash of the encrypted payload of the Gauss Virus. |
| ophcrack |
It is a Microsoft Windows password cracker based on rainbow tables. |
| PACK |
It is a password cracking tool that generates dictionary file statistics. |
| patator |
It is a multi-purpose brute-forcer that supports a huge number of modules. |
| Phrasendrescher |
It is a passphrase cracking tool that runs on FreeBSD, netBSD, OpenBSD, MacOS, and Linux. |
| Polenum |
It is a tool to extract the password policy from a Windows system. |
| RainbowCrack |
A rainbow table password cracker that uses the time-memory trade-off algorithm to crack hashes. |
| rcracki-mt |
It is a modified version of rcrack which supports hybrid and indexed tables. |
| RSMangler |
It is a wordlist mangling tool that performs various manipulations similarly to John the Ripper. |
| SecLists |
It is a security tester. It consists of multiple types of lists used during security assessments, collected in one place. |
| SQLdict |
It is a dictionary attack tool used for the SQL server. |
| Statsprocessor |
It is a High-performance word generator based on hashcat markov stats. |
| THC-pptp-bruter |
It is a brute force program against pptp vpn endpoints. |
| TrueCrack |
It is a brute-force password cracker for TrueCrypt volumes. |
| WebScarab |
It is a web application review tool for those who need to expose the working of a HTTPs based application. |
| Wordlists |
It contains the rockyou wordlist and contains symlinks to a number of other password files present in the Kali Linux distribution. |
| zaproxy |
It is a penetration testing tool for finding vulnerabilities in web applications. |
