A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.
RomBuster is a router exploitation tool that allows to disclosure network router admin password.
LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering ...
Passwords Recovery Tool
Go library for credentials recovery
XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual accoun...
Programmatically extract saved passwords from Chromium based browsers.
翻译 - 以编程方式从 Google Chrome 中提取保存的密码
sshd-poison is a tool that modifies a sshd binary to capture password-based authentications and allows you to login in some accounts using a magic-pass.
翻译 - 一种获得基于pam ssh身份验证的积分的工具
Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with a mounted windows drive.
A C# implementation of dumping credentials from Windows Credential Manager
Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
convert secret patterns to gf compatible.
Leaky simplifies the management and visualization of database leak files containing credentials, enhancing efficiency in data analysis and redteam operations.
Invoke-KleptoKitty - Deploys Payloads and collects credentials
Captive Portal. A Hotspot or Evil twin which redirects the clients to login page to enter credentials. Simple and easy to use with less bugs.
Man in the browser attack is all about stealing credentials from sites running in internet-explorer by forcing user to logout and then again logIn.
Hard-to-detect facebook clone webpage that stores victim credentials in either a file or a database