cyber-security-resources/crypto/crypto_tools.md

447 lines
18 KiB
Markdown
Raw Normal View History

2021-10-01 00:32:57 -04:00
# Cryptography Ethical Hacking Tools
2021-10-01 00:33:54 -04:00
The following list includes some of the most popular tools to test crypto implementations.
2021-10-01 00:32:57 -04:00
<table class="table">
<thead>
<tr>
<th>Name</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=15">aespipe</a></th>
<td>Reads data from stdin and outputs encrypted or decrypted results to stdout.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=60">argon2</a></th>
<td>The password hash Argon2, winner of PHC.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2114">armor</a></th>
<td>A simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=75">athena-ssl-scanner</a></th>
<td>a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=78">auto-xor-decryptor</a></th>
<td>Automatic XOR decryptor tool.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=136">bletchley</a></th>
<td>A collection of practical application cryptanalysis tools.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=162">brute12</a></th>
<td>A tool designed for auditing the cryptography container security in PKCS12 format.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2267">bruteforce-luks</a></th>
<td>Try to find the password of a LUKS encrypted volume.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2268">bruteforce-salted-openssl</a></th>
<td>Try to find the password of a file that was encrypted with the 'openssl' command.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=163">bruteforce-wallet</a></th>
<td>Try to find the password of an encrypted Peercoin (or Bitcoin,Litecoin, etc...) wallet file.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=203">check-weak-dh-ssh</a></th>
<td>Debian OpenSSL weak client Diffie-Hellman Exchange checker.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=216">chrome-decode</a></th>
<td>Chrome web browser decoder tool that demonstrates recovering passwords.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=222">cipherscan</a></th>
<td>A very simple way to find out which SSL ciphersuites are supported by a target.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=223">ciphertest</a></th>
<td>A better SSL cipher checker using gnutls.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=224">ciphr</a></th>
<td>A CLI tool for encoding, decoding, encryption, decryption, and hashing streams of data.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=234">cisco5crack</a></th>
<td>Crypt and decrypt the cisco enable 5 passwords.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=235">cisco7crack</a></th>
<td>Crypt and decrypt the cisco enable 7 passwords.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=240">cloakify</a></th>
<td>Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Evade AV Detection.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=251">codetective</a></th>
<td>A tool to determine the crypto/encoding algorithm used according to traces of its representation.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1727">cribdrag</a></th>
<td>An interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=278">crypthook</a></th>
<td>TCP/UDP symmetric encryption tunnel wrapper.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=279">cryptonark</a></th>
<td>SSL security checker.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1791">dagon</a></th>
<td>Advanced Hash Manipulation.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=289">daredevil</a></th>
<td>A tool to perform (higher-order) correlation power analysis attacks (CPA).</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1963">decodify</a></th>
<td>Tool that can detect and decode encoded strings, recursively.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1720">deen</a></th>
<td>Generic data encoding/decoding application built with PyQt5.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2240">demiguise</a></th>
<td>HTA encryption tool for RedTeams.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=330">dislocker</a></th>
<td>A tool to exploit the hash length extension attack in various hashing algorithms. With FUSE capabilities built in.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2502">ducktoolkit</a></th>
<td>Encoding Tools for Rubber Ducky.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=423">evilize</a></th>
<td>Tool to create MD5 colliding binaries.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2085">factordb-pycli</a></th>
<td>CLI for factordb and Python API Client.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=450">featherduster</a></th>
<td>An automated, modular cryptanalysis tool.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=462">findmyhash</a></th>
<td>Crack different types of hashes using free online services</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1798">foresight</a></th>
<td>A tool for predicting the output of random number generators.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2033">gcrypt</a></th>
<td>Simple file encryption tool written in C++.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=529">gnutls2</a></th>
<td>A library which provides a secure layer over a reliable transport layer (Version 2)</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=550">gtalk-decode</a></th>
<td>Google Talk decoder tool that demonstrates recovering passwords from accounts.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2403">haiti</a></th>
<td>A CLI tool to identify the hash type of a given hash.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1836">hash-buster</a></th>
<td>A python script which scraps online hash crackers to find cleartext of a hash.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=563">hash-extender</a></th>
<td>A hash length extension attack tool.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2351">hash-identifier</a></th>
<td>Software to identify the different types of hashes used to encrypt data and especially passwords.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2780">hashcheck</a></th>
<td>Search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1903">hashdb</a></th>
<td>A block hash toolkit.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=567">hasher</a></th>
<td>A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=568">hashfind</a></th>
<td>A tool to search files for matching password hash types and other interesting data.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=569">hashid</a></th>
<td>Software to identify the different types of hashes used to encrypt data.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=570">hashpump</a></th>
<td>A tool to exploit the hash length extension attack in various hashing algorithms.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2263">hcxkeys</a></th>
<td>Set of tools to generate plainmasterkeys (rainbowtables) and hashes for hashcat and John the Ripper</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=575">hdcp-genkey</a></th>
<td>Generate HDCP source and sink keys from the leaked master key.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1806">hlextend</a></th>
<td>Pure Python hash length extension module.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=619">httpsscanner</a></th>
<td>A tool to test the strength of a SSL web server.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=629">hyperion-crypter</a></th>
<td>A runtime encrypter for 32-bit portable executables.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2462">ja3</a></th>
<td>Standard for creating SSL client fingerprints in an easy to produce and shareable way.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=690">jeangrey</a></th>
<td>A tool to perform differential fault analysis attacks (DFA).</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=727">kraken</a></th>
<td>A project to encrypt A5/1 GSM signaling using a Time/Memory Tradeoff Attack.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2011">libbde</a></th>
<td>A library to access the BitLocker Drive Encryption (BDE) format.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=763">littleblackbox</a></th>
<td>Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=772">luksipc</a></th>
<td>A tool to convert unencrypted block devices to encrypted LUKS devices in-place.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=850">morxcrack</a></th>
<td>A cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=851">morxkeyfmt</a></th>
<td>Read a private key from stdin and output formatted data values.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=924">nomorexor</a></th>
<td>Tool to help guess a files 256 byte XOR key by using frequency analysis</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1902">omen</a></th>
<td>Ordered Markov ENumerator - Password Guesser.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=947">omnihash</a></th>
<td>Hash files, strings, input streams and network resources in various common algorithms simultaneously.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=953">openstego</a></th>
<td>A tool implemented in Java for generic steganography, with support for password-based encryption of the data.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=968">outguess</a></th>
<td>A universal steganographic tool.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=981">pacumen</a></th>
<td>Packet Acumen - Analyse encrypted network traffic and more (side-channel attacks).</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1037">pip3line</a></th>
<td>The Swiss army knife of byte manipulation.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1057">poracle</a></th>
<td>A tool for demonstrating padding oracle attacks.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1060">posttester</a></th>
<td>A jar file that will send POST requests to servers in order to test for the hash collision vulnerability discussed at the Chaos Communication Congress in Berlin.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1088">pwd-hash</a></th>
<td>A password hashing tool that use the crypt function to generate the hash of a string given on standard input.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1752">pwdlyser</a></th>
<td>Python-based CLI Password Analyser (Reporting Tool).</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1770">pybozocrack</a></th>
<td>A silly &amp; effective MD5 cracker in Python.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1103">pyssltest</a></th>
<td>A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2805">rdp-cipher-checker</a></th>
<td>Enumerate the encryption protocols supported by the server and the cipher strengths supported using native RDP encryption.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1729">rsactftool</a></th>
<td>RSA tool for ctf - retreive private key from weak public key and/or uncipher data.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1172">rsatool</a></th>
<td>Tool that can be used to calculate RSA and RSA-CRT parameters.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2302">rshack</a></th>
<td>Python tool which allows to carry out some attacks on RSA, and offer a few tools to manipulate RSA keys.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2588">rupture</a></th>
<td>A framework for BREACH and other compression-based crypto attacks.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1190">sandy</a></th>
<td>An open-source Samsung phone encryption assessment framework</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1195">sbd</a></th>
<td>Netcat-clone, portable, offers strong encryption - features AES-128-CBC + HMAC-SHA1 encryption, program execution (-e), choosing source port, continuous reconnection with delay + more</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1832">sha1collisiondetection</a></th>
<td>Library and command line tool to detect SHA-1 collision in a file</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1231">sherlocked</a></th>
<td>Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1257">skul</a></th>
<td>A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS).</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1288">snapception</a></th>
<td>Intercept and decrypt all snapchats received over your network.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1301">snow</a></th>
<td>Steganography program for concealing messages in text files.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1323">spiped</a></th>
<td>A utility for creating symmetrically encrypted and authenticated pipes between socket addresses.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1966">ssdeep</a></th>
<td>A program for computing context triggered piecewise hashes</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1352">sslcaudit</a></th>
<td>Utility to perform security audits of SSL/TLS clients.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1355">ssllabs-scan</a></th>
<td>Command-line client for the SSL Labs APIs</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1356">sslmap</a></th>
<td>A lightweight TLS/SSL cipher suite scanner.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1358">sslscan</a></th>
<td>A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1690">tchunt-ng</a></th>
<td>Reveal encrypted files stored on a filesystem.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1415">testssl</a></th>
<td>Testing TLS/SSL encryption.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2018">testssl.sh</a></th>
<td>Testing TLS/SSL encryption</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1797">tls-attacker</a></th>
<td>A Java-based framework for analyzing TLS libraries.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2763">tls-map</a></th>
<td>CLI &amp; library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS, NSS.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1433">tls-prober</a></th>
<td>A tool to fingerprint SSL/TLS servers.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1434">tlsenum</a></th>
<td>A command line tool to enumerate TLS cipher-suites supported by a server.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2086">tlsfuzzer</a></th>
<td>SSL and TLS protocol test suite and fuzzer.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1435">tlspretense</a></th>
<td>SSL/TLS client testing framework</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1482">untwister</a></th>
<td>Seed recovery tool for PRNGs.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1506">veracrypt</a></th>
<td>Disk encryption with strong security based on TrueCrypt</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1545">webfixy</a></th>
<td>On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2589">x-rsa</a></th>
<td>Contains a many of attack types in RSA such as Hasted, Common Modulus, Chinese Remainder Theorem.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1615">xorbruteforcer</a></th>
<td>Script that implements a XOR bruteforcing of a given file, although a specific key can be used too.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1616">xorsearch</a></th>
<td>Program to search for a given string in an XOR, ROL or ROT encoded binary file.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=1617">xortool</a></th>
<td>A tool to analyze multi-byte xor cipher.</td>
</tr>
<tr>
<th scope="row"><a href="https://en.kali.tools/all/?tool=2093">zulucrypt</a></th>
<td>Front end to cryptsetup and tcplay and it allows easy management of encrypted block devices.</td>
</tr>
</tbody>
</table>