[ad] You may remember some time back we did a fairly exhaustive post on Password Cracking Wordlists and Tools for Brute Forcing. Wyd the Password Profiling Tool also does something similar to AWLG but it’s a PERL script rather than being based online. I’d prefer if AWLG let us download an offline version too personally. […]
password-hacking
Brits Give Up Passwords For a £5 Gift Voucher
[ad] So it turns out you don’t need any fancy password cracking software like John the Ripper or Cain and Abel you just need a handful of £5 gift vouchers for Marks and Spencers! But we had discussed this in part before, some people will give out their passwords if you just ask, some if […]
Medusa 1.4 – Parallel Password Cracker Released for Download
[ad] It’s been a long time coming but here it is, after almost a year (Remember Medusa 1.3?) finally version 1.4 is here! Version 1.4 of Medusa is now available for public download! What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. The […]
piggy – Download MS-SQL Password Brute Forcing Tool
[ad] Piggy is yet another tool for performing online password guessing against Microsoft SQL servers. It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations). It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Piggy v1.0.1 by patrik@cqure.net -------------------------------- usage: piggy [options] options: -u [username] - Single username -p [password] - Single password -s [server] - Single server -S [srvfile] - File containing ip/hostnames -D [dicfile] - File containing passwords -A [accounts] - File containing username;password combinations -N - Do not check availability before scan -v verbose - Verbose logging |
You […]
ObiWaN – Web Server Brute Forcing from Phenoelit
[ad] This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers. The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with […]