18 KiB
18 KiB
Cryptography Ethical Hacking Tools
The following list includes some of the most popular tools to test crypto implementations.
| Name | Description |
|---|---|
| aespipe | Reads data from stdin and outputs encrypted or decrypted results to stdout. |
| argon2 | The password hash Argon2, winner of PHC. |
| armor | A simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. |
| athena-ssl-scanner | a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers. |
| auto-xor-decryptor | Automatic XOR decryptor tool. |
| bletchley | A collection of practical application cryptanalysis tools. |
| brute12 | A tool designed for auditing the cryptography container security in PKCS12 format. |
| bruteforce-luks | Try to find the password of a LUKS encrypted volume. |
| bruteforce-salted-openssl | Try to find the password of a file that was encrypted with the 'openssl' command. |
| bruteforce-wallet | Try to find the password of an encrypted Peercoin (or Bitcoin,Litecoin, etc...) wallet file. |
| check-weak-dh-ssh | Debian OpenSSL weak client Diffie-Hellman Exchange checker. |
| chrome-decode | Chrome web browser decoder tool that demonstrates recovering passwords. |
| cipherscan | A very simple way to find out which SSL ciphersuites are supported by a target. |
| ciphertest | A better SSL cipher checker using gnutls. |
| ciphr | A CLI tool for encoding, decoding, encryption, decryption, and hashing streams of data. |
| cisco5crack | Crypt and decrypt the cisco enable 5 passwords. |
| cisco7crack | Crypt and decrypt the cisco enable 7 passwords. |
| cloakify | Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Evade AV Detection. |
| codetective | A tool to determine the crypto/encoding algorithm used according to traces of its representation. |
| cribdrag | An interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys. |
| crypthook | TCP/UDP symmetric encryption tunnel wrapper. |
| cryptonark | SSL security checker. |
| dagon | Advanced Hash Manipulation. |
| daredevil | A tool to perform (higher-order) correlation power analysis attacks (CPA). |
| decodify | Tool that can detect and decode encoded strings, recursively. |
| deen | Generic data encoding/decoding application built with PyQt5. |
| demiguise | HTA encryption tool for RedTeams. |
| dislocker | A tool to exploit the hash length extension attack in various hashing algorithms. With FUSE capabilities built in. |
| ducktoolkit | Encoding Tools for Rubber Ducky. |
| evilize | Tool to create MD5 colliding binaries. |
| factordb-pycli | CLI for factordb and Python API Client. |
| featherduster | An automated, modular cryptanalysis tool. |
| findmyhash | Crack different types of hashes using free online services |
| foresight | A tool for predicting the output of random number generators. |
| gcrypt | Simple file encryption tool written in C++. |
| gnutls2 | A library which provides a secure layer over a reliable transport layer (Version 2) |
| gtalk-decode | Google Talk decoder tool that demonstrates recovering passwords from accounts. |
| haiti | A CLI tool to identify the hash type of a given hash. |
| hash-buster | A python script which scraps online hash crackers to find cleartext of a hash. |
| hash-extender | A hash length extension attack tool. |
| hash-identifier | Software to identify the different types of hashes used to encrypt data and especially passwords. |
| hashcheck | Search for leaked passwords while maintaining a high level of privacy using the k-anonymity method. |
| hashdb | A block hash toolkit. |
| hasher | A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. |
| hashfind | A tool to search files for matching password hash types and other interesting data. |
| hashid | Software to identify the different types of hashes used to encrypt data. |
| hashpump | A tool to exploit the hash length extension attack in various hashing algorithms. |
| hcxkeys | Set of tools to generate plainmasterkeys (rainbowtables) and hashes for hashcat and John the Ripper |
| hdcp-genkey | Generate HDCP source and sink keys from the leaked master key. |
| hlextend | Pure Python hash length extension module. |
| httpsscanner | A tool to test the strength of a SSL web server. |
| hyperion-crypter | A runtime encrypter for 32-bit portable executables. |
| ja3 | Standard for creating SSL client fingerprints in an easy to produce and shareable way. |
| jeangrey | A tool to perform differential fault analysis attacks (DFA). |
| kraken | A project to encrypt A5/1 GSM signaling using a Time/Memory Tradeoff Attack. |
| libbde | A library to access the BitLocker Drive Encryption (BDE) format. |
| littleblackbox | Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. |
| luksipc | A tool to convert unencrypted block devices to encrypted LUKS devices in-place. |
| morxcrack | A cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. |
| morxkeyfmt | Read a private key from stdin and output formatted data values. |
| nomorexor | Tool to help guess a files 256 byte XOR key by using frequency analysis |
| omen | Ordered Markov ENumerator - Password Guesser. |
| omnihash | Hash files, strings, input streams and network resources in various common algorithms simultaneously. |
| openstego | A tool implemented in Java for generic steganography, with support for password-based encryption of the data. |
| outguess | A universal steganographic tool. |
| pacumen | Packet Acumen - Analyse encrypted network traffic and more (side-channel attacks). |
| pip3line | The Swiss army knife of byte manipulation. |
| poracle | A tool for demonstrating padding oracle attacks. |
| posttester | A jar file that will send POST requests to servers in order to test for the hash collision vulnerability discussed at the Chaos Communication Congress in Berlin. |
| pwd-hash | A password hashing tool that use the crypt function to generate the hash of a string given on standard input. |
| pwdlyser | Python-based CLI Password Analyser (Reporting Tool). |
| pybozocrack | A silly & effective MD5 cracker in Python. |
| pyssltest | A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws. |
| rdp-cipher-checker | Enumerate the encryption protocols supported by the server and the cipher strengths supported using native RDP encryption. |
| rsactftool | RSA tool for ctf - retreive private key from weak public key and/or uncipher data. |
| rsatool | Tool that can be used to calculate RSA and RSA-CRT parameters. |
| rshack | Python tool which allows to carry out some attacks on RSA, and offer a few tools to manipulate RSA keys. |
| rupture | A framework for BREACH and other compression-based crypto attacks. |
| sandy | An open-source Samsung phone encryption assessment framework |
| sbd | Netcat-clone, portable, offers strong encryption - features AES-128-CBC + HMAC-SHA1 encryption, program execution (-e), choosing source port, continuous reconnection with delay + more |
| sha1collisiondetection | Library and command line tool to detect SHA-1 collision in a file |
| sherlocked | Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. |
| skul | A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS). |
| snapception | Intercept and decrypt all snapchats received over your network. |
| snow | Steganography program for concealing messages in text files. |
| spiped | A utility for creating symmetrically encrypted and authenticated pipes between socket addresses. |
| ssdeep | A program for computing context triggered piecewise hashes |
| sslcaudit | Utility to perform security audits of SSL/TLS clients. |
| ssllabs-scan | Command-line client for the SSL Labs APIs |
| sslmap | A lightweight TLS/SSL cipher suite scanner. |
| sslscan | A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported |
| tchunt-ng | Reveal encrypted files stored on a filesystem. |
| testssl | Testing TLS/SSL encryption. |
| testssl.sh | Testing TLS/SSL encryption |
| tls-attacker | A Java-based framework for analyzing TLS libraries. |
| tls-map | CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS, NSS. |
| tls-prober | A tool to fingerprint SSL/TLS servers. |
| tlsenum | A command line tool to enumerate TLS cipher-suites supported by a server. |
| tlsfuzzer | SSL and TLS protocol test suite and fuzzer. |
| tlspretense | SSL/TLS client testing framework |
| untwister | Seed recovery tool for PRNGs. |
| veracrypt | Disk encryption with strong security based on TrueCrypt |
| webfixy | On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions. |
| x-rsa | Contains a many of attack types in RSA such as Hasted, Common Modulus, Chinese Remainder Theorem. |
| xorbruteforcer | Script that implements a XOR bruteforcing of a given file, although a specific key can be used too. |
| xorsearch | Program to search for a given string in an XOR, ROL or ROT encoded binary file. |
| xortool | A tool to analyze multi-byte xor cipher. |
| zulucrypt | Front end to cryptsetup and tcplay and it allows easy management of encrypted block devices. |