I have a python tool I'd like to propose be integrated into future versions of backtrack. It's called the Simple Word Manipulation Tool. The tool is built to help penetration testers and system administrators alike.
Offensively, the tool can be used to generate solid, new word lists for password cracking with JTR, or brute force logins with Burp Suite. Defensively, a user can enter a password and see more secure variants of the password that he or she could use. The tool is simple and fully functional -- no crazy menus. It has two modes: Single Word Mode and Word File Mode.
Single Word Mode usage:
./SWMT.py -s <word> <output file>
EX: ./SWMT.py -s password Possibilities.txt
This will take the word "password" and manipulate many variants of the word and place it into the output file named "Possibilities.txt"
Examples of variants: P@$$w0rd, p4$$w0rD, etc...
Word File Mode usage:
./SWMT.py -f <input file> <output file>
EX: ./SWMT.py -f wordlist.lst newwordlist.lst
This will take every word in the input file, and add all the variants to the new file newwordlist.lst
The goal here is not to go completely 1337, but just use common substitutions that don't look so abstract. The tool is easy to edit so the user can add different substitution values such as "ph" in place of the letter "f". Even better, the user can remove default substitutions. Perhaps the penetration tester has found that certain characters are not allowed to be used. They can exclude those from the CharSet Dictionary, a list of all possible results given a value.
Just looking to see what maybe the community thinks about this.
You can find the original post of my tool here, including screen shots:
Anonymous posting is allowed so feel free to grill me I guess. :P
Broke(in) Terminal: SWMT.py - A Tool For Everybody (Broke(in) Terminal: SWMT.py - A Tool For Everybody)
You can find the source code to the tool here:
Broke(in) Terminal: SWMT.py Source Code (Broke(in) Terminal: SWMT.py Source Code)
Nothing for now, I just want to keep it simple.