30 open-source projects similar to openwall/john, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best John alternative.
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f
This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext
sjcl is a JavaScript cryptography library providing a collection of primitives for encryption, hashing, and encoding within a web browser. It functions as an AES symmetric encryption tool, a cryptographic hashing library, and a Base32 data encoder. The project provides implementations for the Advanced Encryption Standard to secure data through symmetric key encryption and decryption. It also enables the generation of fixed-length data fingerprints to verify information integrity and authenticity. The library covers a broader range of security capabilities, including client-side data hashing,
crypto-js is a JavaScript cryptography library providing a collection of standard cryptographic algorithms and data transformation tools. It functions as a symmetric encryption toolset, a cryptographic hash implementation, and a password derivation tool for the JavaScript environment. The library enables the protection of sensitive data through symmetric encryption and the production of fixed-size data digests to verify integrity. It includes utilities for converting user passwords into secure cryptographic keys and a data format converter for translating information between Base64, Hex, and
Hashcat is a high-performance hash cracking software and OpenCL compute application used to recover plain-text passwords from hashed data. It functions as a GPU-accelerated recovery tool and distributed password cracker, leveraging CPUs and GPUs to perform intensive cryptographic computations. The system differentiates itself through a distributed cracking workflow that coordinates tasks across multiple machines via an overlay network to share computational load. It further optimizes recovery speed using Markov chain keyspace optimization to prioritize the most likely password candidates. Th
JohnTheRipper is a multi-platform offline password recovery tool designed to detect and crack hundreds of different hash and cipher formats across various operating systems. It functions as a security utility for retrieving lost credentials and performing security audit testing to identify weak passwords within a database of hashes. The project features a custom rule password cracker and a mangling engine that uses a domain-specific language to transform wordlist entries into common password mutation patterns. It provides hardware-accelerated recovery by distributing parallel processing tasks
Okio is a Java I/O library providing a set of tools for efficient byte-stream processing and file system operations. It functions as a buffered byte stream handler and streaming data transformer, utilizing a cross-platform file system API to manage data movement. The project is distinguished by its use of pooled mutable byte buffers that treat sequences as queues to reduce memory copying and garbage collection churn. It further decouples file operations from the host operating system through an abstraction-based file system, allowing for consistent path manipulation and atomic operations acro
MMKV is a high-performance, cross-platform key-value storage framework designed for mobile platforms and POSIX environments, including Android, iOS, macOS, and Windows. It provides a persistence layer that utilizes memory-mapped files and binary serialization to achieve low-latency data access. The project distinguishes itself through native support for multi-process synchronization, allowing concurrent read and write operations across different application processes. It also implements security via AES encryption for data at rest, featuring symmetric encryption and key rotation to protect st
This project provides a high-performance key-value storage solution for mobile applications, utilizing memory-mapped files to enable rapid read and write operations. It functions as a persistent data layer that integrates directly with the JavaScript runtime to minimize overhead, while supporting reactive state synchronization to ensure interface components update automatically when stored data changes. The storage system distinguishes itself through its ability to manage multiple independent database instances, which organizes data by module and prevents collisions between application compon
Lockdoor-Framework is a modular penetration testing suite designed to facilitate comprehensive security assessments through a centralized command-line interface. It functions as an integrated platform for reconnaissance, vulnerability scanning, and the exploitation of target systems, providing a unified environment for managing complex security workflows. The framework distinguishes itself through a modular plugin architecture that allows for the extension of core capabilities without modifying the underlying codebase. It incorporates an automated reconnaissance pipeline to map attack surface
Presto is a distributed SQL query engine designed for high-performance analytical processing across heterogeneous data sources. It functions as a data federation platform and massively parallel processing engine, allowing users to execute interactive queries against diverse storage systems without requiring data migration. By mapping remote metadata and structures to a unified relational namespace, it enables seamless cross-platform analysis through a standard SQL interface. The engine distinguishes itself through a pluggable connector architecture and a shared-nothing distributed processing
Deepagents is an LLM agent orchestration platform and stateful application server designed for deploying and managing AI agents built with computational graphs. It provides a containerized runtime environment that handles agent execution, state persistence, and the versioning of AI assistants. The platform distinguishes itself through deep integration with the Model Context Protocol, allowing agents to function as servers that expose tools and capabilities to external clients. It features a sophisticated observability suite for capturing execution traces, performing LLM-based evaluations agai
This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven
This repository is a collection of technical knowledge and solutions focused on mobile application development, particularly for Android and iOS platforms. It covers a wide range of practical engineering challenges, including hotfix and patching techniques, database management and repair, network communication, logging, and video processing. The content is presented as shared knowledge, documenting real-world problems and their implementations. The project provides detailed guidance on applying hotfixes to running Android applications through multiple methods, such as class replacement, full
LangChain.js is a framework for building, executing, and monitoring stateful agentic applications. It provides an orchestration engine that models workflows as directed graphs, allowing developers to connect language models, data sources, and external tools into modular, multi-step processes. The platform distinguishes itself through its focus on stateful execution and human-in-the-loop control. It manages agent lifecycles by persisting execution state across threads, enabling fault tolerance and the ability to pause workflows at designated breakpoints for manual review or modification. This
web3.js is a comprehensive TypeScript library designed to facilitate interaction with Ethereum-compatible blockchain networks. It serves as a foundational toolkit for decentralized applications, providing the necessary interfaces to query network state, manage cryptographic identities, and execute smart contract transactions. By abstracting the complexities of blockchain communication, the library enables developers to integrate decentralized logic directly into their applications. The library distinguishes itself through a modular architecture that prioritizes extensibility and flexible conn
c3c is the compiler for the C3 programming language, transforming source code into executable binaries, static libraries, or dynamic libraries using an LLVM backend. It implements a system based on result-based error handling, scoped memory pooling, and a semantic macro system. The compiler provides first-class support for hardware-backed SIMD vectors that map directly to processor instructions and enables runtime polymorphism through interface-based dynamic dispatch. The project covers a broad set of low-level capabilities, including manual and pooled memory management, inline assembly inte
FFmpeg is a cross-platform multimedia framework designed for the recording, conversion, and streaming of audio and video content. It functions as a comprehensive toolkit that provides both a command-line utility for direct media manipulation and a collection of low-level libraries for integration into custom applications. At its core, the project utilizes a packet-based stream engine and a format-agnostic abstraction layer to handle diverse media standards, containers, and network protocols. The framework distinguishes itself through a modular, graph-based filter execution model that allows f
Ciphey is an automated decryption tool and cryptographic analysis framework designed to identify and reverse encryptions, encodings, and hashes without requiring a known key or cipher. It functions as a hash cracking engine and a heuristic cipher identifier to recover original plaintext from unknown data patterns. The project features a nested encoding resolver that iteratively unwraps multiple layers of encryption and encoding until readable text is reached. It employs a heuristic cryptanalysis workflow to analyze data characteristics and guess the likely encoding scheme or encryption method
This project is a WPA Wi-Fi cracking toolkit designed for capturing authentication handshakes and recovering WPA/WPA2 passwords. It provides specialized utilities for scanning wireless networks, obfuscating hardware addresses, and generating password lists to facilitate security audits. The toolkit differentiates itself through a focused workflow that combines handshake capture tools with a password wordlist generator. It enables the interception of the four-way authentication process between wireless clients and access points and utilizes these captured credentials for recovery via dictionar
Wifite2 is an automated wireless network security auditor and password recovery suite. It coordinates multiple external auditing tools to scan for wireless networks and execute attacks to recover WEP, WPA, and WPS passwords. The project specializes in a variety of encryption attack vectors, including the interception of four-way handshakes and PMKID hash extraction for offline cracking. It provides dedicated capabilities for breaking legacy WEP encryption via fragmentation and packet replay, as well as recovering wireless keys through WPS PIN brute-force and Pixie-Dust attacks. The tool auto
Tink is a multi-language cryptography library and security toolkit providing secure APIs for data encryption and digital signatures. It functions as a data encryption library and digital signature framework designed to prevent common implementation errors across different platforms and operating systems. The project serves as a cryptographic keyset manager, utilizing JSON for the storage, rotation, and serialization of keys to maintain consistency across various programming languages. It ensures identical cryptographic behavior globally by mapping language-specific libraries to a unified set
zxcvbn is a password strength estimator and entropy analyzer designed to evaluate the complexity of passwords. It calculates the time and effort required to crack a password by identifying common sequences and analyzing predictable vocabulary. The tool functions as a pattern-based security validator that reduces strength scores for inputs containing personal information or strings from custom vocabulary lists. It employs a probabilistic guessing model to simulate cracking strategies, prioritizing common patterns and words over random character combinations. The system covers security workflo
Libsodium is a portable, C-based cryptographic library that provides a collection of modern primitives for encryption, decryption, digital signatures, password hashing, and secure key exchange. It is designed to facilitate secure communication and data integrity across diverse hardware architectures and operating systems. The library distinguishes itself by utilizing constant-time primitive execution to prevent side-channel attacks and employing memory-hard algorithms to increase the difficulty of brute-force password attacks. It abstracts complex mathematical operations into simplified inter
This project is a comprehensive API security audit checklist and vulnerability audit framework. It provides a structured guide of security countermeasures for designing, testing, and deploying secure APIs across various protocols. The framework includes specialized guides for securing OAuth 2.0 authorization flows, implementing zero trust networking for service-to-service communication, and protecting GraphQL endpoints from resource exhaustion and information leakage. It also provides standards for integrating static analysis, dynamic scanning, and secret detection into CI/CD delivery pipelin
s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It provides a modular cryptographic backend interface to encrypt data streams, manage handshakes, and handle mutual authentication between peers. The project focuses on post-quantum cryptography, integrating quantum-resistant key exchange and digital signatures to protect connections against future computing threats. It distinguishes itself through security hardening measures, such as memory-locked secret storage to prevent keys from being swapped to disk and timing-attack mitiga
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
sqlean is a collection of SQLite extension libraries implemented as C-based shared libraries. It provides a suite of additional scalar and table-valued functions that expand the native capabilities of the SQLite database engine. The project provides specialized toolsets for cryptography, advanced mathematics, networking, and filesystem access. These include binary hashing and encoding, statistical analysis, IP address validation, and the ability to map CSV files or filesystem paths as virtual tables. The library also includes comprehensive text processing tools such as regular expressions, f
Chartbrew is a self-hosted business intelligence platform and data visualization engine designed to transform raw data from SQL databases and external API endpoints into interactive charts and dashboards. It serves as a tool for building analytics dashboards that monitor business metrics and KPIs through a privately hosted environment. The platform distinguishes itself with an embedded analytics workflow, allowing users to generate secure, time-limited shared links and iframes to display private charts on external websites. It also provides programmatic chart generation via API and integrates
GlusterFS is a software-defined distributed file system and scale-out storage cluster that aggregates disk resources from multiple servers into a single global namespace. It functions as a unified storage platform, allowing the same underlying data to be exposed through file, block, and object storage interfaces. The system distinguishes itself through a decentralized architecture that uses consistent hashing to distribute files across network nodes without a central metadata server. It ensures data integrity and availability using self-healing replication, quorum-based consistency to prevent