surabathinichethan-star/pdf-malware-analysis

GitHub: surabathinichethan-star/pdf-malware-analysis

一套基于Python的密码破解与凭证攻击模拟工具，用于安全审计和教育场景下的密码强度评估。

Stars: 0 | Forks: 0

# 🛡️ 密码破解与凭证攻击套件 ## 📌 项目概述密码破解与凭证攻击套件是一个基于 Python 的安全审计框架，旨在受控和道德的环境中模拟真实的密码攻击。该项目有助于了解弱密码是如何被利用的，以及组织如何加强身份验证安全性。本项目兼顾了红队（攻击模拟）和蓝队（防御分析）的视角。 ## 🎯 项目目标 - 生成自定义密码字典 - 模拟密码哈希机制 - 执行受控的暴力破解模拟 - 利用熵和复杂性分析密码强度 - 生成专业的安全审计报告 - 推荐安全的密码策略 ## 🧰 工具与技术 - 编程语言：Python - 使用库：hashlib, itertools, math, re, datetime - 平台：Windows - 版本控制：Git & GitHub ## 🗂️ 项目结构 ``` Password-Cracking-Credential-Attack-Suite/ │ ├── dictionary_generator/ │ └── generator.py │ ├── hashing/ │ └── hash_generator.py │ ├── brute_force/ │ └── brute_force.py │ ├── strength_analyzer/ │ └── analyzer.py │ ├── reports/ │ ├── report_generator.py │ └── audit_report.txt │ ├── data/ │ └── wordlist.txt │ └── README.md ⚙️ Modules Description 1️⃣ Dictionary Generator Generates custom wordlists based on user input Applies mutation rules (uppercase, numbers, symbols, leetspeak) Simulates real-world password profiling 2️⃣ Hash Generator Converts plaintext passwords into cryptographic hashes Supports MD5, SHA1, SHA256, SHA512 Demonstrates secure password storage 3️⃣ Brute-Force Attack Simulator Performs controlled brute-force simulations Uses hashes instead of plaintext passwords Calculates time-to-crack 4️⃣ Password Strength Analyzer Evaluates password complexity and entropy Assigns risk levels (CRITICAL, WEAK, MEDIUM, STRONG) Identifies weaknesses 5️⃣ Audit Report Generator Generates a professional security audit report Includes findings and remediation steps Mimics real SOC documentation ▶️ How to Run the Project Step 1: Generate Dictionary cd dictionary_generator python generator.py Step 2: Generate Hashes cd hashing python hash_generator.py Step 3: Brute-Force Simulation cd brute_force python brute_force.py Step 4: Analyze Password Strength cd strength_analyzer python analyzer.py Step 5: Generate Audit Report cd reports python report_generator.py 📊 Sample Outputs Generated wordlist (wordlist.txt) Password cracking results Password entropy analysis Security audit report (audit_report.txt) ## 📸 截图 ### Brute Force Attack ![Brute Force](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/brute_force.png) ### Dictionary Generator ![Dictionary Generator](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/dictionary_generator.png) ### Hash Generator ![Hash Generator](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/hash_generator.png) ### Strength Analyzer ![Strength Analyzer](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/strength_analyzer.png) ### Audit Report ![Audit Report](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/audit_report.png) ### Project Structure ![Project Structure](https://raw.githubusercontent.com/surabathinichethan-star/pdf-malware-analysis/main/screenshots/project_structure.png) 🔐 Ethical Disclaimer This project is strictly for educational and ethical security testing purposes only. Unauthorized use on real systems is illegal. 📈 Learning Outcomes Understanding password hashing Practical exposure to credential attacks Security auditing skills Red Team & Blue Team concepts Python & GitHub workflow 👤 Author Chethan Surabathini Cybersecurity Intern | SOC Analyst Aspirant ```

标签：DOS头擦除, ESC8, MD5, PoC, Python, SHA256, 凭据攻击, 哈希计算, 密码安全, 密码强度分析, 密码破解, 数据展示, 无后门, 暴力破解, 熵值计算, 社会工程学, 红队, 网络安全, 网络安全研究, 逆向工具, 防御分析, 隐私保护