Search the Community

pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. Features Fast: Performs about 50-100k+ passwords per second utilising full CPU cores. Custom Query Builder: You can write your own queries like STRING{69-420} with the -q option which would generate a wordlist with the full number range. Date Bruteforce: You can pass in a year as the input with the -d option which would bruteforce all 365 days of the year in DDMMYYYY format which is a pretty commonly used password format for PDFs. Number Bruteforce: Just give a number range like 5000-100000 with the -n option and it would bruteforce with the whole range. [hide][Hidden Content]]

Async DNS Brute A Python 3.5+ tool that uses asyncio to brute force domain names asynchronously. Speed It’s fast. Benchmarks on small VPS hosts put around 100k DNS resolutions at 1.5-2mins. An amazon M3 box was used to make 1 mil requests in just over 3 minutes. Your mileage may vary. It’s probably best to avoid using Google’s resolvers if you’re purely interested in speed. DISCLAIMER Your ISP’s and home router’s DNS servers probably suck. Stick to a VPS with fast resolvers (or set up your own) if you’re after speed. WARNING This tool is capable of sending LARGE amounts of DNS traffic. I am not responsible if you DoS someone’s DNS servers. Changelog v0.3.3 output bug fixes [hide][Hidden Content]]

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Features World’s fastest password cracker World’s first and only in-kernel rule engine Free Open-Source (MIT License) Multi-OS (Linux, Windows and macOS) Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) Multi-Hash (Cracking multiple hashes at the same time) Multi-Devices (Utilizing multiple devices in same system) Multi-Device-Types (Utilizing mixed device types in same system) Supports password candidate brain functionality Supports distributed cracking networks (using overlay) Supports interactive pause / resume Supports sessions Supports restore Supports reading password candidates from file and stdin Supports hex-salt and hex-charset Supports automatic performance tuning Supports automatic keyspace ordering markov-chains Built-in benchmarking system Integrated thermal watchdog 200+ Hash-types implemented with performance in mind … and much more Changelog v6.2.5 ## Algorithms ## – Added hash-mode: CRC32C – Added hash-mode: CRC64Jones – Added hash-mode: MultiBit Classic .wallet (scrypt) – Added hash-mode: MurmurHash3 – Added hash-mode: Windows Hello PIN/Password ## ## Performance ## – PDF Kernel (10700): Improved performance on AMD GPUs by using shared memory for the scratch buffer and disabled inlining to save spilling ## ## Bugs ## – Fixed divide by zero error because backend_ctx->hardware_power_all was not re-inserted after refactoring device_param->hardware_power – Fixed invalid handling of initialization value for -m 11500 – Fixed invalid progress counter initialization in attack-mode 9 when using –skip or –restore – Fixed out-of-boundary reads in attack-mode 9 that were caused by a missing work item limit in the refactored autotune engine – Fixed out-of-boundary reads in hash-mode 22400 (AES Crypt) kernel – Fixed strategy for eliminating hashes with zero length in LM when multiple hashes contain a zero hash ## ## Technical ## – AMD Driver: Updated requirements for AMD Linux drivers to ROCm 4.5 or later due to new HIP interface – Backend devices: In -S mode, limit the number of workitems so that no more than 2GB of host memory is required per backend device – Backend devices: In non -S mode, limit the number of workitems so that no more than 4GB of host memory is required per backend device – Backend types: The default filter for the device types is now set so that only the GPU is used, except for APPLE, where we set CPU – Benchmark: Update benchmark_deep.pl with new hash modes added (also new hash modes which were added with v6.2.3) – Electrum Wallet: Added new entropy-based check to test whether the decryption was successful or not – Module Optimizers: Added OPTS_TYPE_MAXIMUM_THREADS to deactivate the else branch route in the section to find -T before compilation – Makefile: Added wildcard include src/modules/module_*.mk directive so that plugin developers can add 3rd party libraries for their plugins – Rejects: Disabled checking of the minimum and maximum length of the password candidate in attack-mode 9 because they are incompatible – POCL: Added a workaround for an issue in POCL where a quote character is used as a part of the path itself which is passed as a path for the -I option – Device Threads: The default maximum device thread number has been reduced from 1024 to 256, users can still overwrite with the -T option – Tuning-DB: Add missing entries for -m 25600 and -m 25800 for CPU cracking – OpenCL Backend: added workaround to support Apple Silicon (GPU: M1, M1 Pro, and M1 Max) – MacOS v10.8+ (PBKDF2-SHA512): Added support for parsing new mac2john hash format directly in the module for -m 7100 [hide][Hidden Content]]

Penetration testing utility. The goal is to use this tool when access to some Windows OS features through GUI is restricted. Capabilities: invoke the Command Prompt and PowerShell, use Windows Management Instrumentation (WMI), connect to a remote host, run a new process, terminate a running process, dump a process memory, inject a bytecode into a running process, inject a DLL into a running process, list DLLs of a running process, install a hook procedure, enable access token privileges, duplicate the access token of a running process, download a file, add a registry key, schedule a task, list unquoted service paths and restart a running service, replace System32 files. Changelog v3.5.1 Added process hollowing. File read and write update. Added bytecode and DLL injection through an asynchronous procedure call (APC). [hide][Hidden Content]]

Are you looking for a complete Online recharge system for your business, then you are in the right place. No need to pay thousands of dollars to hire developers to build your Online recharge website. PayLab may assist you to handle unlimited users, categories, services, recharge requests, able to accept payment via cards, cryptos, and mobile money. the ready-to-go solution, takes only a few minutes to set up your website with our system. we also here to provide you best support, installation, and customization. [Hidden Content] [hide][Hidden Content]]

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Features World’s fastest password cracker World’s first and only in-kernel rule engine Free Open-Source (MIT License) Multi-OS (Linux, Windows and macOS) Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) Multi-Hash (Cracking multiple hashes at the same time) Multi-Devices (Utilizing multiple devices in same system) Multi-Device-Types (Utilizing mixed device types in same system) Supports password candidate brain functionality Supports distributed cracking networks (using overlay) Supports interactive pause / resume Supports sessions Supports restore Supports reading password candidates from file and stdin Supports hex-salt and hex-charset Supports automatic performance tuning Supports automatic keyspace ordering markov-chains Built-in benchmarking system Integrated thermal watchdog 200+ Hash-types implemented with performance in mind … and much more Changelog v6.2.2 ## Algorithms ## – Added hash-mode: bcrypt(md5($pass)) / bcryptmd5 – Added hash-mode: bcrypt(sha1($pass)) / bcryptsha1 – Added hash-mode: FortiGate256 (FortiOS256) – Added hash-mode: Linux Kernel Crypto API (2.4) – Added hash-mode: MurmurHash – Added hash-mode: OpenEdge Progress Encode – Added hash-mode: md5(utf16le($pass)) – Added hash-mode: sha1(utf16le($pass)) – Added hash-mode: sha256(utf16le($pass)) – Added hash-mode: sha384(utf16le($pass)) – Added hash-mode: sha512(utf16le($pass)) – Added hash-mode: md5(md5(md5($pass))) – Added hash-mode: sha1(sha1($salt.$pass.$salt)) – Added hash-mode: sha256($salt.sha256($pass)) – Added hash-mode: sha384($pass.$salt) – Added hash-mode: sha384($salt.$pass) – Added hash-mode: sha384($salt.utf16le($pass)) – Added hash-mode: sha384(utf16le($pass).$salt) [hide][Hidden Content]]

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Features World’s fastest password cracker World’s first and only in-kernel rule engine Free Open-Source (MIT License) Multi-OS (Linux, Windows and macOS) Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) Multi-Hash (Cracking multiple hashes at the same time) Multi-Devices (Utilizing multiple devices in same system) Multi-Device-Types (Utilizing mixed device types in same system) Supports password candidate brain functionality Supports distributed cracking networks (using overlay) Supports interactive pause / resume Supports sessions Supports restore Supports reading password candidates from file and stdin Supports hex-salt and hex-charset Supports automatic performance tuning Supports automatic keyspace ordering markov-chains Built-in benchmarking system Integrated thermal watchdog 200+ Hash-types implemented with performance in mind … and much more Changelog v6.2 This release includes a new attack-mode, expanded support for many new algorithms, and a number of bug fixes: Added hash-mode: Apple iWork Added hash-mode: AxCrypt 2 AES-128 Added hash-mode: AxCrypt 2 AES-256 Added hash-mode: BestCrypt v3 Volume Encryption Added hash-mode: Bitwarden Added hash-mode: Dahua Authentication MD5 Added hash-mode: KNX IP Secure – Device Authentication Code Added hash-mode: MongoDB ServerKey SCRAM-SHA-1 Added hash-mode: MongoDB ServerKey SCRAM-SHA-256 Added hash-mode: Mozilla key3.db Added hash-mode: Mozilla key4.db Added hash-mode: MS Office 2016 – SheetProtection Added hash-mode: PDF 1.4 – 1.6 (Acrobat 5 – 8) – edit password Added hash-mode: PKCS#8 Private Keys Added hash-mode: RAR3-p (Compressed) Added hash-mode: RAR3-p (Uncompressed) Added hash-mode: RSA/DSA/EC/OPENSSH Private Keys Added hash-mode: SolarWinds Orion v2 Added hash-mode: SolarWinds Serv-U Added hash-mode: SQLCipher Added hash-mode: Stargazer Stellar Wallet XLM Added hash-mode: Stuffit5 Added hash-mode: Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512) Added hash-mode: Umbraco HMAC-SHA1 Added hash-mode: sha1($salt.sha1($pass.$salt)) Added hash-mode: sha1(sha1($pass).$salt) [hide][Hidden Content]]

Features [1] Auto Updater Automatically checks for updates when you start the script, and Downloads and Installs if any update is available so. [2] Utilises the Power of CPU-Cores Can utilise Maximum no. of Cores available. This means increases the process of cracking of zip passwords by opening different processes on different independent cores. What this basically does is Split the inputted words from the given WordList and divides them in the no. of Cores Available or Selected and distributes that splitted list among all selected independent cores and work simultaneously ... [hide][Hidden Content]]

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Features World’s fastest password cracker World’s first and only in-kernel rule engine Free Open-Source (MIT License) Multi-OS (Linux, Windows and macOS) Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) Multi-Hash (Cracking multiple hashes at the same time) Multi-Devices (Utilizing multiple devices in same system) Multi-Device-Types (Utilizing mixed device types in same system) Supports password candidate brain functionality Supports distributed cracking networks (using overlay) Supports interactive pause / resume Supports sessions Supports restore Supports reading password candidates from file and stdin Supports hex-salt and hex-charset Supports automatic performance tuning Supports automatic keyspace ordering markov-chains Built-in benchmarking system Integrated thermal watchdog 200+ Hash-types implemented with performance in mind … and much more Changelog v6.1.1 This release is mostly about expanding support for new algorithms and fixing bugs: Added hash-mode: Apple Keychain Added hash-mode: XMPP SCRAM Changelog fixed Bugs: Fixed integer overflow for large masks in -a 6 attack mode Fixed alias detection with additional processor core count check Fixed maximum password length in modules of hash-modes 600, 7800, 7801 and 9900 Fixed non-zero status code when using –stdout Fixed uninitialized value in bitsliced DES kernel (BF mode only) leading to false negatives Changelog Improvements: Compile ZLIB: Fixed makefile include paths in case USE_SYSTEM_ZLIB is used Compile macOS: Fixed makefile target ‘clean’ to correctly remove *.dSYM folders OpenCL Kernels: Added datatypes to literals of enum costants OpenCL Kernels: Added pure kernels for hash-mode 600 (BLAKE2b-512) OpenCL Runtime: Reinterpret return code CL_DEVICE_NOT_FOUND from clGetDeviceIDs() as non-fatal OpenCL Runtime: Add some unstable warnings for some SHA512 based algorithms on AMD GPU on macOS Changelog Technical: Backend: Changed the maximum number of compute devices from 64 to 128 Tests: Improved tests for hash-mode 11300 (Bitcoin/Litecoin wallet.dat) Tests: Improved tests for hash-mode 13200 (AxCrypt) Tests: Improved tests for hash-mode 13600 (WinZip) Tests: Improved tests for hash-mode 16400 (CRAM-MD5 Dovecot) Tests: Improved tests for hash-mode 16800 (WPA-PMKID-PBKDF2) [hide][Hidden Content]]

[Hidden Content]

Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities. View the full article

MediaTek Wireless Utility rt2870 suffers from a denial of service vulnerability. View the full article