# Password & Cracking

[**Depix**](https://github.com/beurtschipper/Depix)**:** Recovers passwords from pixelized screenshots.

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MWd-VcvRHVgUtkahm85%2Fuploads%2FsZAw2T9B1m96rrrX6wj1%2Fimage.png?alt=media\&token=4b5e1438-8e80-4418-8d76-2fd9fc70b49b)

{% embed url="<https://github.com/beurtschipper/Depix>" %}

**bopscrk:** Before Outset PaSsword CRacKing is a tool to generate smart and powerful wordlists for targeted attacks.

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MX-29iq5C5dE_0vDCBv%2F-MX-60xKnId0KCxRMFhB%2Fbopscrk-2.3.gif?alt=media\&token=ba958a7c-1f64-4a63-a9ff-6de29a06b341)

[**spraygen**](https://github.com/3ndG4me/spraygen)**:** Password list generator for password spraying - prebaked with goodie.

[**cook**](https://github.com/giteshnxtlvl/cook)**:** Easily create word's permutation and combination to generate complex wordlists and passwords.

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MZF-kN_OYS8zExuXkJJ%2F-MZFCkxPSC0naJG8L2zJ%2Fimage.png?alt=media\&token=5705c14f-7c3e-4a52-a28b-4e9f5ea06713)

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWd-VcvRHVgUtkahm85%2F-MZF-kN_OYS8zExuXkJJ%2F-MZFCt9UfWg0CnWj81_7%2Fimage.png?alt=media\&token=80d459aa-4ba2-48cd-8eb8-bcca4b5d1b42)

[**crackpkcs12:**](https://github.com/crackpkcs12/crackpkcs12) A multithreaded program to crack PKCS#12 files (p12 and pfx extensions) by Aestu.

```
crackpkcs12 -d dictionary.txt certificate.pfx
```

[**hashcat:**](https://hashcat.net/hashcat/)  This is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.

```
Linux:
hashcat hash.txt -a 0 -m 3200 -w 4 --username -r /usr/share/hashcat/rules/best64.rule wordlist.txt --force

-r option will permutate the words, e.g:
password, password!, password1, password21, password30

Windows:
hashcat64.exe -a 0 --session=2021-04-02 -m 3200 -w 4 --username --force --status --status-timer=60 -p : -O --hwmon-disable -o "C:\Users\xxx\Desktop\cracked.txt" --outfile-format=3 -r "C:\Users\xxx\Desktop\hashcat-5.1.0\rules\nsav2.rule" "C:\Users\xxx\Desktop\hash.txt" "C:\Users\xxx\Desktop\wordlist.txt"
```

![](https://4052868066-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MWd-VcvRHVgUtkahm85%2Fuploads%2FK5ykc6KlDP6Eq34FeKDv%2Fimage.png?alt=media\&token=2bcbf852-3db3-4125-a479-a4b95084cd7a)

&#x20;[**pack**](https://github.com/iphelix/pack): PACK (Password Analysis and Cracking Toolkit) is a collection of utilities developed to aid in analysis of password lists in order to enhance password cracking through pattern detection of masks, rules, character-sets and other password characteristics. The toolkit generates valid input files for Hashcat family of password crackers.

```
python statsgen.py rockyou.txt
```

[**pipal**](https://github.com/digininja/pipal): Pipal, THE password analyser.

{% embed url="<https://github.com/digininja/pipal>" %}

Script to keep repetition of NTDS passwords when cracked with hashcat before analyze them with pipal:

```
#script to count repetitions of cracked passwords
import sys

if len(sys.argv) != 3:
    print("Usage: python script.py arg1[ntds_file] arg2[cracked_file]")
    print("Please provide exactly 2 arguments.")
    sys.exit(1)

if __name__ == "__main__":
	ntds_hashes = {}
	cracked_hashes= {}
	file_name_ntds = sys.argv[1]
	file_name_cracked= sys.argv[2]
	file_name_output = "output.txt"

	with open(file_name_output, 'w') as output_file:

	#open ntds file and compare if the hash is in cracked
		with open(file_name_ntds, 'r') as ntds_file:
			for line_ntds in ntds_file:
				parts = line_ntds.strip().split(':')
				with open(file_name_cracked, 'r') as cracked_file:
					for line_cracked in cracked_file:
						parts1 = line_cracked.strip().split(':')
						if parts[3] == parts1[0]:
						    output_file.write(parts1[1]+"\n")




```

&#x20;[**BridgeKeeper**](https://github.com/0xZDH/BridgeKeeper): Scrape employee names from search engine LinkedIn profiles. Convert employee names to a specified username format.

```
$ python3 bridgekeeper.py --file names.txt --format {f}{last}@example.com --output example-employees/ --debug

Name: John Adams Smith
{f}{last}                   > jsmith
{f}{m}.{last}               > ja.smith
{f}{last}[4]@example.com    > jsmit@example.com
```

## assless-chaps

\
Crack MSCHAPv2/NTLMv1 challenge/responses quickly using a database of NT hashes<br>

{% embed url="<https://github.com/sensepost/assless-chaps.git>" %}

## Hashes online

{% embed url="<https://hashes.com/en/decrypt/hash>" %}

{% embed url="<https://crackstation.net>" %}

{% embed url="<https://www.tunnelsup.com/hash-analyzer>" %}

{% embed url="<https://hashcat.net/hashcat>" %}

{% embed url="<https://weakpass.com>" %}

{% embed url="<https://hashmob.net/hashlists>" %}

{% embed url="<https://cybertoolbank.cc/leakcheck.php>" %}

{% embed url="<https://dehashed.com>" %}

{% embed url="<https://leakcheck.io>" %}

{% embed url="<https://haveibeenpwned.com>" %}