.webp)
In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system in scrambled form.
A common approach (brute-force attack) is to repeatedly try guesses for the password and to check them against an available cryptographic hash of the password.
This is a curated list of awesome tools, research, papers and other projects related to password cracking and password security by @n0kovo@infosec.exchange.
Read CONTRIBUTING.md before contributing! In short:
- List is alphabetically sorted
- If in doubt, use awesome-lint
- If you think an item shouldn’t be here open an issue
Contents
- Books
- Cloud
- Conversion
- Hashcat
- Automation
- Distributed cracking
- Rules
- Rule tools
- Web interfaces
- John the Ripper
- Misc
- Notable People
- Websites
- Communities
- Lookup services
- Wordlist tools
- Analysis
- Generation/Manipulation
- Wordlists
- Laguage specific
- Other
- Specific file formats
- PEM
- JKS
- ZIP
- Artificial Intelligence
- Research
- Articles and Blog Posts
- Papers
- Talks
Books
- Hash Crack: Password Cracking Manual (v3) – Password Cracking Manual v3 is an expanded reference guide for password recovery (cracking) methods, tools, and analysis techniques.
Cloud
- Cloud_crack – Crack passwords using Terraform and AWS.
- Cloudcat – A script to automate the creation of cloud infrastructure for hash cracking.
- Cloudstomp – Automated deployment of instances on EC2 via plugin for high CPU/GPU applications at the lowest price.
- Cloudtopolis – A tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended (and also, free!).
- NPK – NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3.
- Penglab – Abuse of Google Colab for cracking hashes.
- Rook – Automates the creation of AWS p3 instances for use in GPU-based password cracking.
For more information click here.