Welcome to the THC release section. Below you will find the collection
of THC software applications. It includes sophisticated network
analysis and penetration test tools, cryptographic utilities
and a lot of other interesting stuff for the security
|Version: 7.6||Date: 2099-01-01||OS: Unix||Size: 544kb|
Project website: /thc-hydra|
THC-Hydra - the best parallized login hacker: for
Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL,
VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support
and is part of Nessus. Visit the project web site to download
Win32, Palm and ARM binaries. Changes in 5.4: Several speed
improvements, bug fixes and a few enhancements! NOTE: We need
people to rewrite modules - please contact vh(at)thc(dot)org
THC-IPv6 Attack Toolkit|
|Version: 2.5||Date: 2099-01-01||OS: Unix||Size: 256kb|
Project website: /thc-ipv6|
THC is proud to be the first who are releasing an comprehensive
attack toolkit for the IPv6 protocol suite. It comprises of
state-of-the-art tools for alive scanning, man-in-the-middle
attacks, denial-of-service etc. which exploits inherent
vulnerabilities in IPv6. Included is a fast and easy to use
packet crafting library to create your own attack tools.
|Version: 5.4||Date: 2011-06-01||OS: Unix||Size: 257kb|
Project website: /thc-amap|
*THC 10th anniversary special release*
Amap is a next-generation scanning tool, which identifies
applications and services even if they are not listening on the
default port by creating a bogus-communication and analyzing
the responses. Changes: many more fingerprints, fix for SSL.
Voted into the top-50 security tool list!
THC-Orakel Crackert 11g [New]|
|Version: 1.0||Date: 2007-09-25||OS: Windows/Wine||Size: 4354kb|
Project website: /thc-orakelcrackert11g|
publicly available full blown cracker for Oracle 11g. This tool can
crack passwords which are stored using the latest SHA1 based
hashing algorithm. To speed up cracking, the tool exploits a
in the Oracle password storage strategy. Therfore, cracking - for
passwords - is still just as fast as it was before the introduction
|Version: 1.0||Date: 2007-06-02||OS: Windows/Wine||Size: 6776kb|
Project website: /thc-orakel|
THC-Orakel is a tool suite for analysis of the database
authentication mechanism used in Oracle products. Provided are
utilities for sniffing and breaking authentication password
on the wire within seconds.
THC Nokia Phone Unlock|
|Version: 1.0||Date: 2006-09-13||OS: Symbian||Size: 70kb|
Project website: /thc-nokia-unlock|
Removes the PHONE LOCK from Nokia mobile phones (6630, 6680,
...). A design flaw and an undocumented feature is exploited to
trigger a hard reset even if the phone is locked.
|Version: 2.01||Date: 2005-10-01||OS: DOS/DOSemu||Size: 528kb|
For the 10th anniversary of THC
here is a special update for
THC-Scan: Recompiled to run on
modern computers without problems.
A new version of world´s
best free wardialer/scanner.
THC-Scan v2.01 is working
under DOS, Win95/98/NT/2K/XP and
all DOS emulators (UNiX) on
all 80x86 processors. ODBC
databank support, completely
automated tone, carrier, vmb
scanning, large palette of
analysing tools included.
Comes with full source code.
|Version: 0.0.7||Date: 2005-05-28||OS: Unix||Size: 93kb|
Project website: /thc-snooze|
Snooze is the next-generation sniffing tool, supporting
modularized protocol dissectors and remote log file retrieval.
Modules are written in the high-level language LUA and are easy
to develop and extend, even during runtime. Supported protocols:
POP3, IMAP, FTP, RLOGIN, TELNET and others.
|Version: 1.0||Date: 2005-02-13||OS: Unix||Size: 10kb|
Keyfinder analyses files for public/private keys, encrypted or
compressed data. It identified such areas by measuring the
entropy, arithemtical mean and counter checking, and dumps
appropriate file sections.
|Version: 0.1.4||Date: 2005-01-05||OS: Unix||Size: 63kb|
Brute force program against pptp vpn endpoints (tcp port 1723).
Fully standalone. Supports latest MSChapV2 authentication.
Tested against Windows and Cisco gateways. Exploits a weakness
in Microsoft's anti-brute force implementation which makes it
possible to try 300 passwords the second.
|Version: 0.1||Date: 2004-08-12||OS: Linux||Size: 69kb|
Project website: /thc-yaotp|
Yaotp (Yet Another One-Time Pad) is a small tool that implements
the one-time pad cipher for en- and decryption of messages. It
features real random number generation by audio sampling and
hashing, key management that enforces one-time usage and
irreproducible key destruction. It is the right choice for the
totally paranoid geek and high-security issues beyond any
|Version: 1.3||Date: 2004-07-21||OS: Unix||Size: 6kb|
Search data on a harddisk/partition/file, extract the part you
are interested in, and write it back after you modified it.
Useful to find and modify really all unencrypted Logfiles on a
system. Does everything in RAW mode, and hence does not tamper
|Version: 0.1||Date: 2004-02-10||OS: Unix||Size: 170kb|
The THC LEAP Cracker Tool suite contains tools to break the
NTChallengeResponse encryption technique e.g. used by Cisco Wireless
Also tools for spoofing challenge-packets from Access Points are
included, so you are able to perform dictionary attacks against all
|Version: 2.1.1||Date: 2003-12-19||OS: Linux||Size: 27kb|
THC-vlogger, an advanced linux kernel based keylogger, enables the
capability to log keystrokes of all administrator/user's sessions via
console, serial and remote sessions (telnet, ssh), switching logging
mode by using magic password, stealthily sending logged data to
centralized remote server. Its smart mode can automatically detect
password prompts to log only sensitive user and password information.
|Version: 3.1||Date: 2003-11-15||OS: Unix||Size: 61kb|
This is the best secure data deletion toolkit!
If you overwrite a file for 10+ times, it can still be
recovered. Read why and use the programs included (w/src!).
These tools can wipe files, free disk space, swap and memory!
Changes: Linux LKM for secure file deletion included, small bufixes.
|Version: 0.0.8||Date: 2003-10-25||OS: Unix||Size: 197kb|
Project website: /thc-ffp|
This little tool generates fuzzy fingerprints as described in
the corresponding paper. It is an ideal extension to
man-in-the-middle attacks against the SSH service. The current
version supports RSA and DSA key generation and MD5 and SHA1