Search the Community

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients (C#, Python), easily customizable to suit any need. Server several PHP/CSS files operating on two endpoints: an Admin GUI and an Agent Connection Point Aiming for high usability even on restricted networks, Hashtopolis communicates over HTTP(S) using a human-readable, hashing-specific dialect of JSON. The server part runs on PHP using MySQL as the database backend. It is vital that your MySQL server is configured with performance in mind. Queries can be very expensive and proper configuration makes the difference between a few milliseconds of waiting and disastrous multi-second lags. The database schema heavily profits from indexing. Therefore, if you see a hint about pre-sorting your hashlist, please do so. The web admin interface is the single point of access for all client agents. New agent deployments require a one-time password generated in the New Agent tab. This reduces the risk of leaking hashes or files to rogue or fake agents. Features Easy and comfortable to use Accessible from anywhere via web interface Server component highly compatible with common web hosting setups Unattended agents File management for word lists, rules, … Self-updating of both Hashtopolis and Hashcat Cracking multiple hashlists of the same hash type as though they were a single hashlist Running the same client on Windows, Linux and OS X Files and hashes marked as “secret” are only distributed to agents marked as “trusted” Many data import and export options Rich statistics on hashes and running tasks Visual representation of chunk distribution Multi-user support User permission levels Various notification types Small and/or CPU-only tasks Group assignment for agents and users for fine-grained access-control Compatible with crackers supporting certain flags Changelog v0.13.1 Bugfixes When deleting a supertask that was created from an import, pretasks that were removed from this supertask should also be deleted (issue #865). Setting config values to false using the user API now works as intended. When using the rulesplit function an internal server error was thrown. (#836) Deleting the last Hashlist resulted in an fatal error issue #888. Enhancements Hash.hash is now of type MEDIUMTEXT to avoid issues with longer hashes (e.g. LUKS, issue #851). [hide][Hidden Content]]

A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the –proxies switch, it acts just like any other multi-threaded SSH brute-forcing script. When the –proxies switch is added, the script pulls a list (usually thousands) of SOCKS4 proxies from ProxyScrape and launches all brute-force attacks over the SOCKS4 proxies so brute-force attempts will be less likely to be rate-limited by the target host. [hide][Hidden Content]]

Kraken: A multi-platform distributed brute-force password cracking system. What is Kraken Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator-based cracking across multiple machines both as a web app in a web browser and as a standalone electron-based client. Kraken aims to be easy to use, fault-tolerant and scalable. I wrote Kraken because I wanted to learn more about offensive security and to write an easy solution to overcome the limitation of using a single device when attempting to distribute brute force workloads. [hide][Hidden Content]]

Automatically grab and crack WPA-2 handshakes with distributed client-server architecture. [hide][Hidden Content]]

Kraker Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it fault-tolerant. Kraker consists of two main components – a server and an agent, which communicate through a REST API. You can read about their installation and configuration below. Kraker continues to be in development, so the new functionality, documentation, and updates will be released as they become available. Changelog v1.2 Fixed: Mur-mur-hash instead of MD5. [hide][Hidden Content]]

[hide][Hidden Content]]

Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it fault-tolerant. Kraker consists of two main components – a server and an agent, which communicate through a REST API. You can read about their installation and configuration below. Kraker continues to be in development, so the new functionality, documentation, and updates will be released as they become available. [hide][Hidden Content]]

Scantron Scantron is a distributed nmap scanner comprised of two components. The first is a master node that consists of a web front end used for scheduling scans and storing nmap scan targets and results. The second component is an agent that pulls scan jobs from the master and conducts the actual nmap scanning. A majority of the application’s logic is purposely placed on the master to make the agent(s) as “dumb” as possible. All nmap target files and nmap results reside on master and are shared through a network file share (NFS) leveraging SSH tunnels. The agents call back to master periodically using a REST API to check for scan tasks and provide scan status updates. [hide][Hidden Content]]

[hide][Hidden Content]]