Top 23 Password Open-Source Projects
Free cross-platform password manager compatible with KeePassProject mention: Store all passwords in the same Excel... what could go wrong!? | reddit.com/r/sysadmin | 2021-04-13
It's open source and built with security in mind https://keeweb.info/
World's fastest and most advanced password recovery utilityProject mention: Need help claiming NEO from 2017 | reddit.com/r/CryptoCurrency | 2021-05-07
You might be able to brute your password with https://hashcat.net/hashcat/ using AES Crypt (SHA256) and Mask Attack / Hybrid attack with all your known passwords that you could have possibly used or use a commonly used password .txt file
Scout APM - Leading-edge performance monitoring starting at $39/month. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!Project mention: Password List | reddit.com/r/HashCracking | 2021-03-18
Another fantastic option is here just download the torrent file and choose the top 2 billion probable one.
John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAsProject mention: Decrypting an encrypted PDF without password? | reddit.com/r/Hacking_Tutorials | 2021-05-01
Download and install gnupg for windows if on Windows or if your in Linux it's probably installed if not install it with your package manager Download John the ripper from here. Download Perl from here (depending in your os you might have it pre-installed but if your in Windows download strawberry Perl.) Open cmd or terminal and write: gpg --receive-keys 05C027FD4BDC136E gpg --verify your-downloaded-john-signature.sign If it says that the signature is correct it should be ok. If not download John again. Ignore any error like public key not signed. Now do: 7z X your-compressed-john-binary.tar.gz 7z X your-compressed-john-binary.tar cd where-the-binaries-extracted cd the-only-folder-you-see cd run cpan install Exif::Tools perl pdf2john.pl name-of-your-encrypted-pdf.pdf > hashes_to_crack john hashes_to_crack It should start to crack. Keep in mind it will probably take a lot of time to crack the hash.
:key: stateless open source password managerProject mention: Question: Fetching the output of a CLI tool, based on parameters from a form | reddit.com/r/espanso | 2021-04-29
LessPass is a deterministic, stateless password manager. Basically for given set of arguments, it returns a string, that will be the same each time, omitting the need to store any passwords or data (as they can just be recalculated).
Open source alternative to Auth0 / Firebase Auth / AWS CognitoProject mention: Authentication best practices and state of the art for a junior dev? | reddit.com/r/node | 2021-05-04
Supertokens: they are pretty cool; modern, written in Java
Common User Passwords Profiler (CUPP)Project mention: My dad passed away a couple of weeks ago and he left behind a letter to me in a locked .dmg file… | reddit.com/r/hacking | 2021-05-09
You should definitely be using John the Ripper, its a great tool, but you'll also need a password list. I recommend this for generating a good list. I suggest running it with the -i option, and really taking your time filling in the data.
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related emailProject mention: Email Breach Lookup API | reddit.com/r/OSINT | 2021-05-02
No there is no free API with all features the only APIs that are free have limits you can find a list here https://github.com/khast3x/h8mail#APIs
Node.js bindings for Argon2 hashing algorithmProject mention: "They [Google] don't [hash passwords on client side, and nobody does" "This is why it's so easy to hack into their servers. All of the IT people working for those companies have no clue what security truly is" | reddit.com/r/programmingcirclejerk | 2021-04-18
Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.Project mention: Finally, a simple wordlist generator. | reddit.com/r/HowToHack | 2021-03-05
Similar to metalist or rsmangler. https://github.com/sc0tfree/mentalist https://github.com/digininja/RSMangler
A self-service password management tool for Active DirectoryProject mention: User's domain password expires, but cannot connect to domain controller because NAC uses domain controller to authenticate wifi access. | reddit.com/r/macsysadmin | 2021-01-25
You need to provide them both early warnings and some mechanism for SSPR or premature reset. This can be a notification script + a intranet page such as Passcore, or a standalone tool such as NoMAD.
pwmProject mention: Ways to update AD Windows cached credentials remotely? | reddit.com/r/sysadmin | 2021-04-22
-Another thread mentioned using PWM-Project which only seems to be for the account itself rather than update the computer credentials as well.
A KeePass/Password Safe Client for iOS and OS XProject mention: Trackers on Android / iOS KeePass Apps? | reddit.com/r/KeePass | 2021-02-26
PassWall Server is the core backend infrastructure for PassWall platform
🔐 PasswordPusher is an application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed.Project mention: Bonnes pratiques en terme de communication de mots de passe | reddit.com/r/Sysadmin_Fr | 2021-04-29
A pass extension for importing data from most of the existing password manager.Project mention: Is PGP still secure/relevant for secure communication? | reddit.com/r/privacy | 2021-05-07
Use it to store your passwords and secure notes. https://www.passwordstore.org
A modal passcode input and validation view controller for iOS (by TimOliver)
:tophat: The mighty NodeJS password vaultProject mention: CRA to lock out 800k more accounts | reddit.com/r/PersonalFinanceCanada | 2021-03-12
http://buttercup.pw is free, runs on all major platforms, and is really nice to use.
A custom TextField with a switchable icon which shows or hides the password and enforce good password policies
Argon2 Binding for the JVMProject mention: Do you have a github account ? What are you working on as a Java side-project ? | reddit.com/r/java | 2021-01-11
JVM binding for argon2 (password hashing): https://github.com/phxql/argon2-jvm
Active Directory password filter featuring breached password checking and custom complexity rulesProject mention: Anyone integrate Active Directory with services/sites like 'Have I Been Pwned?'? | reddit.com/r/sysadmin | 2021-04-26
Project mention: PDF encrypted | reddit.com/r/HowToHack | 2021-03-15
What are some of the best open-source Password projects? This list will help you: