54 matches found
How to build a password cracking rig during a worldwide chip shortage
… and keep a domain password auditing service online. Making money on GPUs, the hard way… At PTP we had a fairly decent GPU password cracking box called Titan. It used 4×1080 GPUs and had an NTLM hash rate of around 180GH/s. Several years ago I realised that the box was sitting idle much of the...
Password choice
Introduction We’ve been advocates of regular password auditing for years. Over that time, we’ve noticed that password choice is not only very personal, but hugely influenced by current events, trends, and even what’s sat on your desk. Its given us a unique opportunity to see these common influenc...
Introducing GoCrack: A Managed Password Cracking Tool
FireEye's Innovation and Custom Engineering ICE team released a tool today called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI Figure 1 shows the dashboard to create, view, and manage...
deluge-rpc-brute NSE Script
Performs brute force password auditing against the DelugeRPC daemon. Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation for the creds library. brute.credfile,...
ipmi-brute NSE Script
Performs brute force password auditing against IPMI RPC server. Script Arguments brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass See the documentation for the brute...
mikrotik-routeros-brute NSE Script
Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled. Additional information: Script Arguments mikrotik-routeros-brute.threads sets the number of threads. Default: 1 brute.credfile, brute.delay, brute.emptypass, brute.firstonly,...
[JBrute] Open Source Security tool to audit hashed passwords
JBrute is an open source tool written in Java to audit security and stronghold of stored password for several open source and commercial apps. It is focused to provide multi-platform support and flexible parameters to cover most of the possible password-auditing scenarios. Java Runtime version 1....
Nmap NSE 6.01: ftp-brute
Performs brute force password auditing against FTP servers. This uses the standard unpwdb username/password list. However, in tests FTP servers are significantly slower than other servers when responding, so the number of usernames/passwords can be artificially limited using script arguments...
cassandra-brute NSE Script
Performs brute force password auditing against the Cassandra database. For more information about Cassandra, see: Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation f...
irc-sasl-brute NSE Script
Performs brute force password auditing against IRC Internet Relay Chat servers supporting SASL authentication. Script Arguments irc-sasl-brute.threads the number of threads to use while brute-forcing. Defaults to 2. passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the...
metasploit-msgrpc-brute NSE Script
Performs brute force username and password auditing against Metasploit msgrpc interface. Script Arguments creds.service, creds.global See the documentation for the creds library. smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the smbauth library. passd...
ajp-brute NSE Script
Performs brute force passwords auditing against the Apache JServ protocol. The Apache JServ Protocol is commonly used by web servers to communicate with back-end Java application server containers. Script Arguments ajp-brute.path URL path to request. Default: / creds.service, creds.global See the...
mmouse-brute NSE Script
Performs brute force password auditing against the RPA Tech Mobile Mouse servers. The Mobile Mouse server runs on OS X, Windows and Linux and enables remote control of the keyboard and mouse from an iOS device. For more information: Script Arguments mmouse-brute.timeout socket timeout for...
rpcap-brute NSE Script
Performs brute force password auditing against the WinPcap Remote Capture Daemon rpcap. Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation for the creds library...
mongodb-brute NSE Script
Performs brute force password auditing against the MongoDB database. Script Arguments mongodb-brute.db Database against which to check. Default: admin passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See...
rsync-brute NSE Script
Performs brute force password auditing against the rsync remote file syncing protocol. Script Arguments rsync-brute.module - the module against which brute forcing should be performed passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library...
iax2-brute NSE Script
Performs brute force password auditing against the Asterisk IAX2 protocol. Guessing fails when a large number of attempts is made due to the maxcallnumber limit default 2048. In case your getting "ERROR: Too many retries, aborted ..." after a while, this is most likely what's happening. In order ...
nessus-xmlrpc-brute NSE Script
Performs brute force password auditing against a Nessus vulnerability scanning daemon using the XMLRPC protocol. Script Arguments nessus-xmlrpc-brute.timeout socket timeout for connecting to Nessus default 5s nessus-xmlrpc-brute.threads sets the number of threads. passdb, unpwdb.passlimit,...
membase-brute NSE Script
Performs brute force password auditing against Couchbase Membase servers. Script Arguments membase-brute.bucketname if specified, password guessing is performed only against this bucket. creds.service, creds.global See the documentation for the creds library. smbdomain, smbhash, smbnoguest,...
redis-brute NSE Script
Performs brute force passwords auditing against a Redis key-value store. Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation for the creds library. brute.credfile,...