Open-source projects categorized as Password | Edit details

Top 23 Password Open-Source Projects

  • GitHub repo KeeWeb

    Free cross-platform password manager compatible with KeePass

    Project mention: Store all passwords in the same Excel... what could go wrong!? | reddit.com/r/sysadmin | 2021-04-13

    It's open source and built with security in mind https://keeweb.info/

  • GitHub repo hashcat

    World's fastest and most advanced password recovery utility

    Project mention: Need help claiming NEO from 2017 | reddit.com/r/CryptoCurrency | 2021-05-07

    You might be able to brute your password with https://hashcat.net/hashcat/ using AES Crypt (SHA256) and Mask Attack / Hybrid attack with all your known passwords that you could have possibly used or use a commonly used password .txt file

  • GitHub repo Probable-Wordlists

    Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

    Project mention: Password List | reddit.com/r/HashCracking | 2021-03-18

    Another fantastic option is here just download the torrent file and choose the top 2 billion probable one.

  • GitHub repo john

    John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

    Project mention: Decrypting an encrypted PDF without password? | reddit.com/r/Hacking_Tutorials | 2021-05-01

    Download and install gnupg for windows if on Windows or if your in Linux it's probably installed if not install it with your package manager Download John the ripper from here. Download Perl from here (depending in your os you might have it pre-installed but if your in Windows download strawberry Perl.) Open cmd or terminal and write: gpg --receive-keys 05C027FD4BDC136E gpg --verify your-downloaded-john-signature.sign If it says that the signature is correct it should be ok. If not download John again. Ignore any error like public key not signed. Now do: 7z X your-compressed-john-binary.tar.gz 7z X your-compressed-john-binary.tar cd where-the-binaries-extracted cd the-only-folder-you-see cd run cpan install Exif::Tools perl pdf2john.pl name-of-your-encrypted-pdf.pdf > hashes_to_crack john hashes_to_crack It should start to crack. Keep in mind it will probably take a lot of time to crack the hash.

  • GitHub repo lesspass

    :key: stateless open source password manager

    Project mention: Question: Fetching the output of a CLI tool, based on parameters from a form | reddit.com/r/espanso | 2021-04-29

    LessPass is a deterministic, stateless password manager. Basically for given set of arguments, it returns a string, that will be the same each time, omitting the need to store any passwords or data (as they can just be recalculated).

  • GitHub repo SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

    Project mention: Authentication best practices and state of the art for a junior dev? | reddit.com/r/node | 2021-05-04

    Supertokens: they are pretty cool; modern, written in Java

  • GitHub repo cupp

    Common User Passwords Profiler (CUPP)

    Project mention: My dad passed away a couple of weeks ago and he left behind a letter to me in a locked .dmg file… | reddit.com/r/hacking | 2021-05-09

    You should definitely be using John the Ripper, its a great tool, but you'll also need a password list. I recommend this for generating a good list. I suggest running it with the -i option, and really taking your time filling in the data.

  • GitHub repo h8mail

    Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

    Project mention: Email Breach Lookup API | reddit.com/r/OSINT | 2021-05-02

    No there is no free API with all features the only APIs that are free have limits you can find a list here https://github.com/khast3x/h8mail#APIs

  • GitHub repo node-argon2

    Node.js bindings for Argon2 hashing algorithm

    Project mention: "They [Google] don't [hash passwords on client side, and nobody does" "This is why it's so easy to hack into their servers. All of the IT people working for those companies have no clue what security truly is" | reddit.com/r/programmingcirclejerk | 2021-04-18
  • GitHub repo mentalist

    Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

    Project mention: Finally, a simple wordlist generator. | reddit.com/r/HowToHack | 2021-03-05

    Similar to metalist or rsmangler. https://github.com/sc0tfree/mentalist https://github.com/digininja/RSMangler

  • GitHub repo bruteforce-database

    Bruteforce database

  • GitHub repo passcore

    A self-service password management tool for Active Directory

    Project mention: User's domain password expires, but cannot connect to domain controller because NAC uses domain controller to authenticate wifi access. | reddit.com/r/macsysadmin | 2021-01-25

    You need to provide them both early warnings and some mechanism for SSPR or premature reset. This can be a notification script + a intranet page such as Passcore, or a standalone tool such as NoMAD.

  • GitHub repo pwm


    Project mention: Ways to update AD Windows cached credentials remotely? | reddit.com/r/sysadmin | 2021-04-22

    -Another thread mentioned using PWM-Project which only seems to be for the account itself rather than update the computer credentials as well.

  • GitHub repo Strongbox

    A KeePass/Password Safe Client for iOS and OS X

    Project mention: Trackers on Android / iOS KeePass Apps? | reddit.com/r/KeePass | 2021-02-26

    As for Strongbox, their privacy policy conveniently skips over the privacy implications of the included libraries (such as Google SDK). When I raised this concern to the developer, he got upset, replied with "we believe it's fine", continued with a personal attack and even deleted my comment for a good measure :)

  • GitHub repo PassWall

    PassWall Server is the core backend infrastructure for PassWall platform

  • GitHub repo PasswordPusher

    🔐 PasswordPusher is an application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed.

    Project mention: Bonnes pratiques en terme de communication de mots de passe | reddit.com/r/Sysadmin_Fr | 2021-04-29
  • GitHub repo pass-import

    A pass extension for importing data from most of the existing password manager.

    Project mention: Is PGP still secure/relevant for secure communication? | reddit.com/r/privacy | 2021-05-07

    Use it to store your passwords and secure notes. https://www.passwordstore.org

  • GitHub repo TOPasscodeViewController

    A modal passcode input and validation view controller for iOS (by TimOliver)

  • GitHub repo buttercup-core

    :tophat: The mighty NodeJS password vault

    Project mention: CRA to lock out 800k more accounts | reddit.com/r/PersonalFinanceCanada | 2021-03-12

    http://buttercup.pw is free, runs on all major platforms, and is really nice to use.

  • GitHub repo PasswordTextField

    A custom TextField with a switchable icon which shows or hides the password and enforce good password policies

  • GitHub repo argon2-jvm

    Argon2 Binding for the JVM

    Project mention: Do you have a github account ? What are you working on as a Java side-project ? | reddit.com/r/java | 2021-01-11

    JVM binding for argon2 (password hashing): https://github.com/phxql/argon2-jvm

  • GitHub repo ad-password-protection

    Active Directory password filter featuring breached password checking and custom complexity rules

    Project mention: Anyone integrate Active Directory with services/sites like 'Have I Been Pwned?'? | reddit.com/r/sysadmin | 2021-04-26
  • GitHub repo Zydra

    Project mention: PDF encrypted | reddit.com/r/HowToHack | 2021-03-15

    Use zydra

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-05-09.


What are some of the best open-source Password projects? This list will help you:

Project Stars
1 KeeWeb 9,996
2 hashcat 9,781
3 Probable-Wordlists 6,978
4 john 4,866
5 lesspass 4,647
6 SuperTokens Community 2,203
7 cupp 2,138
8 h8mail 1,715
9 node-argon2 1,058
10 mentalist 988
11 bruteforce-database 828
12 passcore 802
13 pwm 673
14 Strongbox 610
15 PassWall 535
16 PasswordPusher 510
17 pass-import 437
18 TOPasscodeViewController 375
19 buttercup-core 346
20 PasswordTextField 291
21 argon2-jvm 249
22 ad-password-protection 227
23 Zydra 187