OsbornePro LogoAuthentication


These commands should NEVER BE USED against any service that you do not own or have express written consent. Below is a collection of commands that can be used to either bypass authentication in some way or discover credentials and passphrases. A brute-force attack is when an attacker attempts to discover account credentials with the use of a list of possible passwords or passphrases. The attacker systematically checks all possible passwords and passphrases until the correct one is found. This method can also be used to crack the password of an SSH key or to discover a token submitted in a POST request to a website.


Create Wordlists

Identify Hash Value

Acccheck Brute Forcing

Pass The Hash (PTH) Techniques

Discover Password Policy

John The Ripper Cracking

Crack SSH Key Password

Mimikatz Commands

Medusa Brute Forcing

Ncrack Brute Forcing

Patator Brute Forcing

WordPress Brute Forcing

Crowbar Brute Forcing

Hydra Brute Forcing

Kerberoast and TGT

Nmap Brute Forcing