Tools |
Description |
BruteSpray |
It takes nmap GNMAP/XML output and automatically brute-force services with default credentials using Medusa. |
Burp Suite |
It is a platform to perform security testing of web applications. |
CeWL |
It is a custom wordlist generator that spread a given url to a specified depth, optionally following external links. It also returns a list of words which can be used for password crackers. |
chntpw |
It is a tool that allows you to view information and change user passwords in a Windows NT/2000 user database file. |
Cisco-auditing-tool |
It scans cisco routers for common vulnerability and errors. |
CmosPwd |
It is a tool to decrypt the password stored in CMOS used to access a computer BIOS setup. |
creddump |
It is used to extract various credentials and secrets from Windows registry hives. |
crowbar |
It is a brute-forcing tool that can be used during penetration tests. |
crunch |
It creates a wordlist based on the criteria we specify. |
findmyhash |
It cracks hashes using online services. |
gpp-decrypt |
It will decrypt a given GPP (Group Policy Preference) encrypted string. |
hash-identifier |
It is a tool to identify the different types of hashes used to encrypt data. |
Hashcat |
It is the world's fastest and most advanced password recovery tool. |
HexorBase |
It is a database application designed for administrating and auditing multiple database servers simultaneously from a centralized location. |
THC-Hydra |
It is a fast network login cracker which supports a huge number of protocols to attack. |
John |
the Ripper It is a password cracking tool. |
Johnny |
It provides a GUI for the "John the Ripper" password cracking tool. |
keimpx |
It checks for valid credentials across a network over SMB. |
Maskprocessor |
It is a high-performance word generator with a per-position configurable charset packed into a single binary package. |
multiforcer |
It is a multi-GPU password cracker with support for many hash types such as MD5, SHA1, LM, NTLM, etc... |
Ncrack |
It is a High-speed network authentication cracking tool that gives a user full access over the network operations that allows the very sophisticated bruteforcing attacks. |
oclgausscrack |
It cracks the verification hash of the encrypted payload of the Gauss Virus. |
ophcrack |
It is a Microsoft Windows password cracker based on rainbow tables. |
PACK |
It is a password cracking tool that generates dictionary file statistics. |
patator |
It is a multi-purpose brute-forcer that supports a huge number of modules. |
Phrasendrescher |
It is a passphrase cracking tool that runs on FreeBSD, netBSD, OpenBSD, MacOS, and Linux. |
Polenum |
It is a tool to extract the password policy from a Windows system. |
RainbowCrack |
A rainbow table password cracker that uses the time-memory trade-off algorithm to crack hashes. |
rcracki-mt |
It is a modified version of rcrack which supports hybrid and indexed tables. |
RSMangler |
It is a wordlist mangling tool that performs various manipulations similarly to John the Ripper. |
SecLists |
It is a security tester. It consists of multiple types of lists used during security assessments, collected in one place. |
SQLdict |
It is a dictionary attack tool used for the SQL server. |
Statsprocessor |
It is a High-performance word generator based on hashcat markov stats. |
THC-pptp-bruter |
It is a brute force program against pptp vpn endpoints. |
TrueCrack |
It is a brute-force password cracker for TrueCrypt volumes. |
WebScarab |
It is a web application review tool for those who need to expose the working of a HTTPs based application. |
Wordlists |
It contains the rockyou wordlist and contains symlinks to a number of other password files present in the Kali Linux distribution. |
zaproxy |
It is a penetration testing tool for finding vulnerabilities in web applications. |