Open Source Python Brute Force Tools

CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon S3-compatible backend. Limit challenge attempts & hide challenges. Automatic bruteforce protection. Individual and Team-based competitions. Have users play on their own or form teams to play together. Scoreboard with automatic tie resolution. Hide Scores from the public. Freeze Scores at a specific time. Scoregraphs comparing the top 10 teams and team progress graphs. Markdown content management system. SMTP + Mailgun email support. Email confirmation support. Forgot password support.

An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas. Example: wordlist1.txt,wordlist2.txt. Default values for dirsearch flags can be edited in the configuration file: default.conf. The thread number (-t | --threads) reflects the number of separated brute force processes. And so the bigger the thread number is, the faster dirsearch runs. By default, the number of threads is 30, but you can increase it if you want to speed up the progress.

A powerful and useful hacker dictionary builder for a brute-force attack. You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on; You can use the pydictor built-in tool to safe delete, merge, unique, merge and unique, count word frequency to filter the wordlist, besides, you also can specify your wordlist and use '-tool handler' to filter your wordlist. You can generate highly customized and complex wordlists by modifying multiple configuration files, adding your own dictionary, using leet mode, filter by length, char occur times, types of different char, regex, and even add customized encode scripts in /lib/encode/ folder, add your own plugin script in /plugins/ folder, add your own tool script in /tools/ folder.

Build by Rajib Acharyya(Spid3r64) ANONIMITY Metasploit Armitage Cobalt Strike & veil WIRELESS SECURITY SNIFFERS PYTHON,PERL & RUBY FORENSICS BRUTE FORCE & DDOS ANDROID TOOLS Based on : Ubuntu 12.04 LTS(32bit) (Custom Backbox) user:root pass:india Kernel version =>3.8.0-29 generic Desktop environment's => xfce,conky,Docky Version 1.0(full) Extra Softwares inbuilt => Skype,Virtualbox,Filezila,Chromium Browser,XDM(Xtreme Download Manager) ,Gimp,Python...many more Credit List: Pedro Ubuntu(r00tsect0r) For Netool.sh Asif Iqbal (cobalt strike) w0lf3nst3in3 Rohit Verma(Startx) Navonil Sanpui(M3ghnath) Team BHS

A python script used to generate all possible password combinations for cracking WAP and other logins or password files. This program is open source. If you see the need to repair or change something by all means do so, but share your findings. *HONK* Usage: wordpie.py [-h] [-o OUTPUT] [-min MIN_SIZE] [-max MAX_SIZE] [-N] [-L] [-U] [-S] [-A] [-v] Generate a wordlist with all possible combinations of letters including: -L (Lowercase Letters) -U (Uppercase Letters) -N (Numbers) -S (Special Characters) -A (All Characters, Numbers, and Letters) -min (Minimum Size) -max (Maximum Size) -o outputfile.gz or -o stdout By default -o filename.gz to create a GZ compressed text file of all the words. Use the keyword "stdout" to print to screen or for use with other programs like Aircrack-ng or Medusa ./wordpie.py | xargs -L 1 medusa -h 192.168.1.1 -u admin -M web-form -p ./wordpie.py -o stdout -A | aircrack-ng -b XX:XX:XX:XX:XX:XX -w - *.cap

imgp is a command line image resizer and rotator for JPEG and PNG images. If you have tons of images you want to resize adaptively to a screen resolution or rotate by an angle using a single command, imgp is the utility for you. It can save a lot on storage too. Powered by multiprocessing, an intelligent adaptive algorithm, recursive operations, shell completion scripts, EXIF preservation (and more), imgp is a very flexible utility with well-documented easy to use options. imgp intends to be a stronger replacement of the Nautilus Image Converter extension, not tied to any file manager and way faster. On desktop environments (like Xfce or LxQt) which do not integrate Nautilus, imgp will save your day.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembl

Questo software permette di decrittografare testi crittografati con il cifrario di Cesare tentando tutte le combinazioni possibili.

A daemon that creates realtime dynamic, expirable iptables rules to block/drop IP addresses attempting brute-force breakin attacks on a linux host via ssh or other mechanism. Highly customizable and extensible.

Simple CGI script which allows you to transfer sensitive ascii data (passwords, hashes, pem keys) via HTTPS. SSL MUST BE implemented by webserver. Algorithm: - Paste new data into textarea, submit. You get link Link consists of three md5 hashes from salt. File, containing your data, named that way. So, it is hard to bruteforce links/files. - Whenever link being opened, script reads file and prints its content into brower in text/plain content-type. Afterthat, script removes file. So one link doesn't work twice and you can securely paste it everywhere. Prefered deployment schema: Nginx + SSL as front Apache + CGI + script as backend

ParamIT is a toolkit aiding the development of molecular mechanical force field parameterization of small, drag like, molecules within CHARMM general force field (CGenFF) protocol. The developed toolkit helps the researchers in following ways: 1) automating the creation of multiple input files for quantum and molecular mechanics programs, 2) automating the output analysis and 3) substitute the use of full MM programs with a faster specialized one. The developed tools include: 1) generator of molecule-water complexes with graphical user interface (GUI), 2) semi-automatic frequency analysis using symbolic potential energy distribution matrix and comparison of optimized internal coordinates, 3) GUI for charge fitting with three modes: manual, Monte-Carlo sampling or brute force, and 4) GUI for dihedral terms fitting. The usage of these tools decreases the labor effort, lowers manual input errors and reduces the time needed for accurate MM parameterization efforts.

A cryptographically secure random password generator for Linux written in python and GTK 2.0.

Setra is a cross-platform command line utility used to brute-force password protected zip file. It is written in the Python programming language.

Sherlock Roams is a Python-based password auditing tool for Un*x-based systems. It uses a brute force approach on the shadow file (or the regular password file if that fails) to determine which users on your system have obviously insecure passwords.

Zinas : Zinas Is Not A Scanner a simple tool written in python to be used by penetration-testers it can brute force FTP,TELNET and POP3 , and verify SMTP users, and fuzzes POP3 password field

A simple proof of concept brute forcer that depends on weak key systems depending on interest I might add more to make it more useful for things other then a reference

BELCH Password List Generator is a simple tool to generate password lists based on a given pattern. You can specify the password pattern and generate multiple unique passwords.

phpbb forum login brute force

An attempt to send a full flagged MIME based email using open relay mail servers (authentication not required). Written in Python3. Using smtplib and email liabraries TODO: Bruteforce the SMTP authentication. Support TLS.

A non-brute-force sudoku solver. Ukodos is sodoku backwards; According to wikipedia, Sodoku is a bacterial zoonotic disease.

ssh bruteforce authentification with multiprocessing, string generator and dictionary attack