{"id":20135984,"url":"https://github.com/openwall/john-packages","last_synced_at":"2025-04-09T17:34:13.338Z","repository":{"id":40346342,"uuid":"285690524","full_name":"openwall/john-packages","owner":"openwall","description":"Community packages of John the Ripper, the auditing tool and advanced offline password cracker (Docker images, Windows PortableApp, Mac OS, Flatpak, and Ubuntu SNAP packages)","archived":false,"fork":false,"pushed_at":"2024-04-13T13:47:05.000Z","size":4592,"stargazers_count":78,"open_issues_count":5,"forks_count":12,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-04-14T07:03:20.409Z","etag":null,"topics":["cracker","gpgpu","john","john-the-ripper","jtr","linux-packages","opencl","password","windows-package"],"latest_commit_sha":null,"homepage":"https://www.openwall.com/john/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openwall.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-08-06T23:19:18.000Z","updated_at":"2024-04-15T12:33:02.374Z","dependencies_parsed_at":"2024-02-01T13:45:04.919Z","dependency_job_id":"993b3ca2-f3f4-48cd-b185-ab213bfc978f","html_url":"https://github.com/openwall/john-packages","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fjohn-packages","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fjohn-packages/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fjohn-packages/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fjohn-packages/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openwall","download_url":"https://codeload.github.com/openwall/john-packages/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248077768,"owners_count":21044022,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cracker","gpgpu","john","john-the-ripper","jtr","linux-packages","opencl","password","windows-package"],"created_at":"2024-11-13T21:17:13.269Z","updated_at":"2025-04-09T17:34:13.138Z","avatar_url":"https://github.com/openwall.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# John the Ripper Packages\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n\n\u003cdiv id=\"header\" align=\"center\"\u003e\n\n[![john-the-ripper][shieldSnap]][linkSnapcraftJohn]\n[![License][shieldLicense]](https://github.com/openwall/john-packages/blob/main/LICENSE.txt)\n\n[![OpenSSF Scorecard][shieldScore]](https://api.securityscorecards.dev/projects/github.com/openwall/john-packages)\n[![Best Practices][shieldPractices]](https://bestpractices.coreinfrastructure.org/projects/7525)\n\n\u003c/div\u003e\n\n[Openwall's](https://openwall.com/) John the Ripper (JtR) is a fast password cracker, currently available for many\nflavors of Unix and for Windows. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password\nhash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, various macOS\npassword hashes, as well as many non-hashes such as SSH private keys, encrypted filesystems such as macOS .dmg files and\n\"sparse bundles\", encrypted archives such as ZIP, RAR, and 7z, encrypted document files such as PDF and Microsoft\nOffice's, plus lots of other hashes and ciphers.\n\n## Table of Contents\n\n\u003cimg align=\"right\" src=\"https://www.openwall.com/logo.png\" width=\"182\" height=\"80\" alt=\"Openwall logo\"\u003e\n\n1. [Introduction](#introduction)\n   1. [Continuous Delivery Status](#continuous-delivery-status)\n   2. [Package Build Environments](#package-building-environments)\n   3. [Testing, Continuous Integration, and Continuous Delivery](#testing-and-continuous-integration)\n   4. [Packaging and Application Distribution](#packaging-and-application-distribution)\n   5. [The commits feed of this repository ![New Commits Feed][linkFeedIcon]](https://github.com/openwall/john-packages/commits/main.atom)\n   6. [The feed of John the Ripper releases ![New Releases Feed][linkFeedIcon]](https://github.com/openwall/john-packages/releases.atom)\n2. [Windows Package](#-windows)\n3. [Snap Package](#-snap)\n4. [macOS Package](#-macos)\n5. [Flatpak Package](#-flatpak)\n6. [Docker Image](#-docker-image)\n7. [Checksums](#packages-checksums)\n8. [Package Security](#-security)\n9. [About This Project](#about-this-project)\n10. [Contribute](#contribute)\n11. [Acknowledgments and Contact](#acknowledgments-and-contact)\n12. [License](#license)\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Introduction\n\n\u003e [!IMPORTANT]\n\u003e\n\u003e Some relevant fixes have been committed to the main john repository: office, zip, PDF, ...\n\u003e\n\u003e IF YOU USE OUTDATED SOFTWARE, FALSE NEGATIVES ARE POSSIBLE AND YOU WILL BE WASTING YOUR TIME AND CPU CYCLES.\\\n\u003e IT IS MANDATORY TO STOP USING PREVIOUS VERSIONS, AS THEY ARE KNOWN TO HAVE ERRORS.\n\n### Continuous Delivery Status\n\nWe produce software in short cycles, ensuring that the software can be reliably released at any time, following a\npipeline through a \"production-like environment\".\n\n\u003cdiv id=\"CD\" align=\"center\"\u003e\n\n[![Docker](https://github.com/openwall/john-packages/actions/workflows/docker.yml/badge.svg)][linkRegistry]\n[![Flatpak](https://gitlab.com/claudioandre-br/JtR-CI/badges/master/pipeline.svg?key_text=Flatpak)][linkReleases]\n[![macOS](https://img.shields.io/cirrus/github/claudioandre-br/JohnTheRipper/bleeding-jumbo?label=macOS)][linkReleases]\n[![Windows](https://dev.azure.com/claudioandre-br/JohnTheRipper/_apis/build/status/JohnTheRipper?label=Windows)][linkReleases]\n[![Virus Scan](https://github.com/openwall/john-packages/actions/workflows/release.yml/badge.svg)][linkReleases]\n\n[![Launchpad](https://media.launchpad.net/lp-badge-kit/launchpad-badge-w120px.png)][linkSnapcraftJohn]\n\u003ca href='https://flathub.org/apps/com.openwall.John'\u003e\u003cimg height='27' alt='Download on Flathub' src='https://dl.flathub.org/assets/badges/flathub-badge-i-en.svg'/\u003e\u003c/a\u003e\n\n### Proper Releases\n\n|                                               | **Latest**\u003cbr\u003e ![Release Version][linkLatestReleaseVersion] | **Prerelease**\u003cbr\u003e ![Prerelease Version][linkLatestPrereleaseVersion] |\n| :-------------------------------------------: | :---------------------------------------------------------: | :-------------------------------------------------------------------: |\n| ![GitHub Total Downloads][linkTotalDownloads] |           ![Release Date][linkLatestReleaseDate]            |             ![Prerelease Date][linkLatestPrereleaseDate]              |\n\n### Testing Packages\n\n| Available Technology                 | Rollout Status                                       |\n| ------------------------------------ | ---------------------------------------------------- |\n| Docker image with the tag `bleeding` | [![Endpoint Badge][bleedingDocker]][linkRegistry]    |\n| Snap package from the `edge` channel | [![Endpoint Badge][bleedingSnap]][linkSnapcraftJohn] |\n| Windows 64bits package               | [![Endpoint Badge][bleedingWindows]][linkWindowsPkg] |\n\n\u003c/div\u003e\n\n### Package Building Environments\n\nClick on the link to learn more about our packages [Building Environments](deploy/readme.md#deployments).\n\n### Testing and Continuous Integration\n\nAll continuous integration (CI) and continuous delivery (CD) procedures are fully automated, builds and tests are\nperformed whenever requested by the packager. Manual procedures are required just to start the process.\n\nClick on the link to learn more about our\n[Continuous Integration and Continuous Delivery](CI/readme.md#continuous-integration-and-continuous-delivery)\nprocedures.\n\n[![Graph][linkProcedureCI]](CI/readme.md#continuous-integration-and-continuous-delivery)\n\n### Packaging and Application Distribution\n\n[Snap][linkSnapcraftSite] and [Flatpak][linkFlatpakSite] are cool new ways of distributing Linux applications among a\nwide range of different distros. They are technologies to deploy applications in a secure, sandboxed and containerized\nway.\n\nA [Docker](https://www.docker.com/) image is a read-only template used to execute code in a Docker container. An image\nis an immutable file that contains the binaries, configuration files, libraries, dependencies, tools, and other files\nneeded for John the Ripper application to run.\n\nWhen the Docker user runs an image, it becomes one instance (it becomes a container, in other words, a running instance\nof the application).\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## 📂 Windows\n\n\u003c!-- markdownlint-disable MD042 --\u003e\n\n\u003e Delivered using Microsoft-hosted Windows 2022 Server in Azure \\\n\u003e Supported architecture: [amd64](# \"[ backed by AVX, AVX2, and AVX512BW ]\")\n\n\u003c!-- markdownlint-enable MD042 --\u003e\n\nTo install John the Ripper by downloading the .7z file and installing it manually, follow these steps:\n\n- Download the compressed file to your machine.\n- Navigate to where you downloaded the file and double-click the compressed file.\n- Extract it to a directory such as `C:\\john-the-ripper`.\n- Start a command prompt.\n- Navigate to the directory you extracted the compressed file, e.g., `cd C:\\john-the-ripper\\run`.\n- Run JtR:\n\n```powershell\n C:\\john-the-ripper\\run\u003ejohn --list=build-info\n [...]\n Build: cygwin 64-bit x86_64 AVX2 AC OMP OPENCL\n SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1\n [...]\n```\n\n```powershell\n C:\\john-the-ripper\\run\u003ejohn --test --format=SHA512crypt\n```\n\n| 📑 **More examples of**\n[running John The Ripper on Windows](docs/examples-windows.md#more-examples-of-running-john-the-ripper-on-windows).\n\nThe highlights (👀):\n\n- has fallback for CPU[*] and OMP;\n- has OpenCL available (GPU driver installation is needed);\n- generic crypt(3) format available;\n- security feature Address Space Layout Randomisation (ASLR) enabled;\n- security feature Data Execution Prevention (DEP) enabled.\n\n[*] John the Ripper runs using the best SIMD instructions available on the host it's running on.\n\n### Windows Deployments\n\n[![Windows Downloads][linkBadgeDownloadWindows]][linkReleases]\n\nUsing the instructions above, you can install the released version of `john`, or the bleeding development version, or an\nearlier stable version on your system.\n\nThe package contains all the executables and libraries needed to run a fresh John the Ripper installation.\n\n\u003c!--\n// jscpd:ignore-start\n--\u003e\n\u003cdetails\u003e\n  \u003csummary\u003eOpenSSF SLSA\u003c/summary\u003e\n\nSLSA is a framework intended to codify and promote secure software supply-chain practices, it helps trace software\nartifacts back to the build and source control systems that produced them.\n\n\u003e :warning: **NOTE:** the release assets from our GitHub Releases are level 1 compliant.\n\n  \u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://github.com/openwall/john-packages/releases?q=Windows\u0026expanded=true\"\u003e\n      \u003cimg src=\"https://slsa.dev/images/levelBadge1.svg\" alt=\"Logo\" width=\"80\" height=\"80\"\u003e\n    \u003c/a\u003e\n    \u003ch3\u003eSLSA Provenance Traceability\u003c/h3\u003e\n  \u003c/div\u003e\n\u003c/details\u003e\n\u003c!--\n// jscpd:ignore-end\n--\u003e\n\n### Running a non-OpenMP build on Windows\n\nIn some situations a non-OpenMP build may be faster. You can ask to fallback to a non-OpenMP build specifying the value\nof OMP_NUM_THREADS in the command-line. You avail the best SIMD instructions at one's disposal without any OpenMP stuff.\nE.g.:\n\n```powershell\n PS C:\\john-the-ripper\\run\u003e set OMP_NUM_THREADS=1\n PS C:\\john-the-ripper\\run\u003e .\\john --list=build-info\n```\n\n### Accessing OpenCL on Windows\n\nIf John the Ripper is not recognizing your GPU card:\n\n- make sure all required GPU drivers are installed;\n- restart your PC, if you have just installed the drivers.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## 📂 Snap\n\n\u003c!-- markdownlint-disable MD042 --\u003e\n\n\u003e Delivered using Launchpad \\\n\u003e Supported architectures: [amd64](# \"[ backed by AVX, AVX2, and AVX512BW ]\"), [arm64v8](# \"[ backed by ASIMD ]\"),\n\u003e [ppc64le](# \"[ backed by Altivec ]\"), riscv64, and s390x\n\n\u003c!-- markdownlint-enable MD042 --\u003e\n\n[**A Snap**][linkSnapcraftSite] is a gpg signed squashfs file containing an application together with its dependencies,\nand a description of how it should safely be run on your system.\n\nYou can install `john` by following the instructions at \u003chttps://snapcraft.io/john-the-ripper\u003e. For distributions\nwithout snap pre-installed, users should [enable snap support](https://docs.snapcraft.io/core/install), then install:\n\n```bash\n sudo snap install john-the-ripper\n```\n\nJust dance now:\n\n```bash\n $ john-the-ripper -list=build-info\n [...]\n Build: linux-gnu 64-bit x86_64 AVX2 AC OMP OPENCL\n SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1\n Deploy: sandboxed as a Snap app\n [...]\n```\n\nYou can also run the software using the official `john` alias:\n\n```bash\n john -list=build-info\n```\n\nJohn runs confined under a restrictive security sandbox by default. Nevertheless, you can access and audit any file\nlocated in your home. Below, an usage example:\n\n```bash\n john -list=format-tests | cut -f3 \u003e ~/allTests.in\n john --format=SHA512crypt ~/allTests.in\n```\n\nFor your convenience, the snap installed on your system contains the file\n`/snap/john-the-ripper/current/snap/manifest.yaml` which field `build_url` points to its build log.\n\nThe highlights (👀):\n\n- has fallback for CPU[*] and OMP;\n- has OpenCL available (GPU driver installation is needed);\n- John the Ripper is a \"featured software\" in the security category on Canonical Snap Store;\n- John the Ripper is a software with 4-star (⭐⭐⭐⭐) user reviews on Canonical Snap Store;\n- John the Ripper is tagged as safe, confined and auditable software on Canonical Snap Store;\n- John the Ripper supports and has a package for all architectures supported by Ubuntu itself.\n- also available via the alias **john**, e.g. `john -list=build-info`;\n- the latest released version:\n  - install from the Snapcraft `stable` channel.\n- a development version is also available:\n  - install from the Snapcraft `edge` channel.\n\n[*] John the Ripper runs using the best SIMD instructions available on the host it's running on.\n\n```Text\nJohn the Ripper snap package has approximately eight thousand active users [*].\n```\n\n[*] 7 Day Active Users: the number of unique users who had at least one session within a 7 day period.\n\n### Enabling Aliases\n\nYou are free to pick and set up aliases. To enable the usage of aliases with John the Ripper snap, run\n`sudo snap alias john-the-ripper \u003calias\u003e`. For example:\n\n```bash\n sudo snap alias john-the-ripper john-snap\n sudo snap alias john-the-ripper.dmg2john dmg2john\n```\n\nOnce enabled, John itself plus the \\*2john tools can be invoked using the aliases. In the example, to run John type\n`john-snap`.\n\n| 📑 **More examples of**\n[enabling alias for John The Ripper snap](docs/examples-snap-alias.md#more-examples-of-enabling-alias-for-john-the-ripper-snap).\n\n### Running a non-OpenMP build\n\nIn some situations a non-OpenMP build may be faster. You can ask to fallback to a non-OpenMP build specifying\n`OMP_NUM_THREADS=1 john \u003coptions\u003e` in the command-line. You avail the best SIMD instructions at one's disposal without\nany OpenMP stuff. E.g.:\n\n```bash\n OMP_NUM_THREADS=1 john --list=build-info\n```\n\n### Accessing OpenCL on Snap\n\nAs noted at \u003chttps://forum.snapcraft.io/t/snaps-and-opencl/8509/17\u003e, the use of OpenCL by snaps is a problem. Support\nfor NVIDIA cards is under development.\n\nAs a \"general\" solution (or in the case of AMD hardware), the user can run john out of the sandbox, unconfined (e.g.,\nrun `/snap/john-the-ripper/current/bin/john`).\n\n### Snap Deployments\n\n[![Get it from the Snap Store](https://snapcraft.io/static/images/badges/en/snap-store-white.svg)][linkSnapcraftJohn]\n\nIf you followed the instructions above, you have installed the released version of `john` on your system. If you want to\naccess the hot and bleeding development version of JtR, you must follow the edge channel. For a clean install:\n\n```bash\n sudo snap install --channel=edge john-the-ripper\n```\n\nIf you already have JtR installed:\n\n```bash\n sudo snap refresh --channel=edge john-the-ripper\n```\n\nIf you do so, you will be running the development version available on GitHub.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## 📂 macOS\n\n\u003c!-- markdownlint-disable MD042 --\u003e\n\n\u003e Delivered using Cirrus CI \\\n\u003e Supported architecture: [arm64](# \"[ backed by ASIMD ]\")\n\n\u003c!-- markdownlint-enable MD042 --\u003e\n\nTo install John the Ripper by downloading the .7z file and installing it manually, follow these steps:\n\nInstall required packages from Homebrew (if not already installed):\n\n```bash\n brew update\n brew install libomp openssl gmp\n```\n\nThen:\n\n- Download the compressed file to your machine.\n- Extract it to a directory such as `/Users/Me/bleeding`.\n- Start a command prompt.\n- Navigate to the directory you extracted the compressed file, e.g., `cd /Users/Me/bleeding`.\n\nExecute John the Ripper:\n\n```bash\n $ run/john -list=build-info\n [...]\n Build: darwin22.6.0 64-bit arm ASIMD AC OMP OPENCL\n SIMD: ASIMD, interleaving: MD4:2 MD5:2 SHA1:1 SHA256:1 SHA512:1\n OMP fallback binary: john-arm64\n [...]\n```\n\nThe highlights (👀):\n\n- has fallback for CPU[*] (if that makes sense) and OMP;\n- has OpenCL available;\n- built using clang from the official Xcode toolchain plus non-system libraries from Homebrew.\n\n[*] John the Ripper runs using the best SIMD instructions available on the host it's running on.\n\n### macOS Deployments\n\n[![macOS Downloads][linkBadgeDownloadMac]][linkReleases]\n\nUsing the instructions above, you can install the released version of `john`, or the bleeding development version, or an\nearlier stable version on your system.\n\nThe package contains the necessary executables to run a fresh install of John the Ripper. You must install required\nHomebrew libraries.\n\n\u003c!--\n// jscpd:ignore-start\n--\u003e\n\u003cdetails\u003e\n  \u003csummary\u003eOpenSSF SLSA\u003c/summary\u003e\n\nSLSA is a framework intended to codify and promote secure software supply-chain practices, it helps trace software\nartifacts back to the build and source control systems that produced them.\n\n\u003e :warning: **NOTE:** the release assets from our GitHub Releases are level 1 compliant.\n\n  \u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://github.com/openwall/john-packages/releases?q=macOS\u0026expanded=true\"\u003e\n      \u003cimg src=\"https://slsa.dev/images/levelBadge1.svg\" alt=\"Logo\" width=\"80\" height=\"80\"\u003e\n    \u003c/a\u003e\n    \u003ch3\u003eSLSA Provenance Traceability\u003c/h3\u003e\n  \u003c/div\u003e\n\u003c/details\u003e\n\u003c!--\n// jscpd:ignore-end\n--\u003e\n\n### Running a non-OpenMP build on macOS\n\nIn some situations a non-OpenMP build may be faster. You can ask to fallback to a non-OpenMP build specifying the value\nof OMP_NUM_THREADS in the command-line. You avail the best SIMD instructions at one's disposal without any OpenMP stuff.\nE.g.:\n\n```bash\nOMP_NUM_THREADS=1 run/john --list=build-info\n```\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## 📂 Flatpak\n\n\u003c!-- markdownlint-disable MD042 --\u003e\n\n\u003e Delivered using GitLab CI \\\n\u003e Supported architectures: [amd64](# \"[ backed by AVX, AVX2, and AVX512BW ]\") and [arm64v8](# \"[ backed by ASIMD ]\")\n\n\u003c!-- markdownlint-enable MD042 --\u003e\n\n[**Flatpak**][linkFlatpakSite] is a new framework for desktop applications on Linux, built to be distribution agnostic\nand allow deployment on any Linux operating system out there.\n\nFlatpak is available for the [most common Linux distributions](http://flatpak.org/getting.html).\n\nTo install JtR download the john.flatpak file and run:\n\n```bash\n # Note that root privileges are required for some operations.\n sudo dnf install -y flatpak # or 'yum install', 'apt-get install', etc.\n sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo # flatpak repository\n sudo flatpak install -y flathub org.freedesktop.Platform//24.08 # install the runtime (base \"container\")\n flatpak --user install --bundle john.flatpak # per-user installation (not system wide)\n```\n\nJohn runs confined under a restrictive security sandbox by default. Nevertheless, you can access and audit any file\nlocated in your home. Below, an usage example:\n\n```bash\n flatpak run com.openwall.John -list=build-info\n flatpak run com.openwall.John -list=format-tests | cut -f3 \u003e ~/allTests.in\n flatpak run com.openwall.John --format=SHA512crypt ~/allTests.in\n```\n\nThe highlights (👀):\n\n- has fallback for CPU[*] and OMP;\n- also available via FlatHub at \u003chttps://flathub.org/apps/com.openwall.John\u003e.\n\n[*] John the Ripper runs using the best SIMD instructions available on the host it's running on.\n\n### Flatpak Deployments\n\n[![Flatpak Download][linkBadgeDownloadFlatpak]][linkReleases]\n\n\u003c!--\n// jscpd:ignore-start\n--\u003e\n\nUsing the instructions above, you can install the released version of `john`, or the bleeding development version, or an\nearlier stable version on your system.\n\n\u003cdetails\u003e\n  \u003csummary\u003eOpenSSF SLSA\u003c/summary\u003e\n\nSLSA is a framework intended to codify and promote secure software supply-chain practices, it helps trace software\nartifacts back to the build and source control systems that produced them.\n\n\u003e :warning: **NOTE:** the release assets from our GitHub Releases are level 1 compliant.\n\n  \u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://github.com/openwall/john-packages/releases?q=Flatpak\u0026expanded=true\"\u003e\n      \u003cimg src=\"https://slsa.dev/images/levelBadge1.svg\" alt=\"Logo\" width=\"80\" height=\"80\"\u003e\n    \u003c/a\u003e\n    \u003ch3\u003eSLSA Provenance Traceability\u003c/h3\u003e\n  \u003c/div\u003e\n\u003c/details\u003e\n\u003c!--\n// jscpd:ignore-end\n--\u003e\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## 📂 Docker Image\n\n\u003c!-- markdownlint-disable MD042 --\u003e\n\n\u003e Delivered using GitHub Actions \\\n\u003e Supported architectures: [amd64](# \"[ backed by AVX, AVX2, and AVX512BW ]\") and [arm64v8](# \"[ backed by ASIMD ]\")\n\n\u003c!-- markdownlint-enable MD042 --\u003e\n\n[**Docker**](https://www.docker.com/) provides the ability to package and run an application in a loosely isolated\nenvironment called a container.\n\nTo use it:\n\n```bash\n # CPU and GPU formats\n docker run -it ghcr.io/openwall/john:latest \u003cbinary id\u003e \u003cjohn options\u003e\n\n # To run ztex formats\n docker run --device=/dev/ttyUSB0 ghcr.io/openwall/john:v1.9.0J1 ztex \u003cjohn options\u003e\n```\n\nRun John the Ripper and check if it is working:\n\n```bash\n docker run ghcr.io/openwall/john # =\u003e uses the best SIMD available, tag 'latest' can be omitted\n docker run ghcr.io/openwall/john:bleeding # =\u003e uses the latest bleeding release\n docker run ghcr.io/openwall/john:latest best # =\u003e uses the best SIMD available\n```\n\n| 📑 **More examples of**\n[running John The Ripper on Docker](docs/examples-docker.md#more-examples-of-running-john-the-ripper-on-docker).\n\nThe highlights (👀):\n\n- OpenSSF SLSA 3 compliant;\n- has NVIDIA OpenCL available (GPU driver is required on the host);\n- has auto-selection of the best SIMD if user specifies `best` as the `\u003cbinary id\u003e`:\n  - example: `docker run ghcr.io/openwall/john:latest best -list=build-info`.\n- the latest released version:\n  - install from the command-line: `docker pull ghcr.io/openwall/john:latest`.\n- a development version is also available:\n  - install from the command-line: `docker pull ghcr.io/openwall/john:bleeding`.\n\n### Docker Image Deployments\n\n[![Docker Image Downloads][linkBadgeDownloadDocker]][linkRegistry]\n\n\u003c!--\n// jscpd:ignore-start\n--\u003e\n\nUsing the instructions above, you can install the released version of `john`, or the bleeding development version, or an\nearlier stable version on your system.\n\n\u003cdetails\u003e\n  \u003csummary\u003eOpenSSF SLSA\u003c/summary\u003e\n\nSLSA is a framework intended to codify and promote secure software supply-chain practices, it helps trace software\nartifacts back to the build and source control systems that produced them.\n\n\u003e :warning: **NOTE:** the Docker images from our GitHub Packages are level 3 compliant.\n\n  \u003cdiv align=\"center\"\u003e\n    \u003ca href=\"https://github.com/openwall/john-packages/pkgs/container/john\"\u003e\n      \u003cimg src=\"https://slsa.dev/images/levelBadge3.svg\" alt=\"Logo\" width=\"80\" height=\"80\"\u003e\n    \u003c/a\u003e\n    \u003ch3\u003eSLSA Provenance Traceability\u003c/h3\u003e\n  \u003c/div\u003e\n\u003c/details\u003e\n\u003c!--\n// jscpd:ignore-end\n--\u003e\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Packages Checksums\n\n\u003e Released packages checksums computed by Build Servers\n\nFile verification is the process of using an algorithm for verifying the integrity of a computer file. A popular\napproach is to store checksums (hashes) of files, also known as message digests, for later comparison. All john packages\nchecksums (hashes) are computed by the CI servers.\n\nBy accessing the build logs for each release on GitHub releases you can view the hashes of all relevant files.\n\nYou can also go to \u003chttps://github.com/openwall/john-packages/attestations\u003e for a list of our named artifacts along with\ntheir digest.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## ⚠ Security\n\nPlease inspect all packages prior to running any of them to ensure safety. We already know they're safe, but you should\nverify the security and contents of any binary from the internet you are not familiar with.\n\nWe take security very seriously.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n\u003c!-- ABOUT THE PROJECT --\u003e\n\n## About This Project\n\nThis project aims to create tools and procedures to automate the creation and enable traceability of packages for John\nthe Ripper software, developing a CI and CD pipeline.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Contribute\n\nWe love contributions in the form of issues and pull requests. Read the [Contributor Guide](CONTRIBUTING.md) before\ncontributing.\n\n[![GitHub issues by-label](https://img.shields.io/github/issues/openwall/john-packages/good%20first%20issue)](https://github.com/openwall/john-packages/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22)\n\nPlease first consult our [Security Policy](SECURITY.md) if you intend to report or contribute a fix related to security\nvulnerabilities.\n\nUpstream `john` project has a big backlog! If you're new to the project, maybe you'd like to open a pull request to\naddress one of them.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Acknowledgments and Contact\n\nJohn the Ripper is proudly _Powered by Open Source Community_:\n\n- [Openwall](https://www.openwall.com/john/) and others.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## License\n\nGNU General Public License v2.0.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#header\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n\u003c!-- markdownlint-enable MD033 --\u003e\n\n[bleedingDocker]:\n  https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fwiki%2Fopenwall%2Fjohn-packages%2Fdeploy%2Fdocker.json\n[bleedingSnap]:\n  https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fwiki%2Fopenwall%2Fjohn-packages%2Fdeploy%2Fsnap.json\n[bleedingWindows]:\n  https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fwiki%2Fopenwall%2Fjohn-packages%2Fdeploy%2Fwindows.json\n[linkBadgeDownloadDocker]: https://img.shields.io/badge/Download-Docker%20Image-blue.svg?style=for-the-badge\n[linkBadgeDownloadFlatpak]: https://img.shields.io/badge/Download-Flatpak%20Package-blue?style=for-the-badge\n[linkBadgeDownloadMac]: https://img.shields.io/badge/Download-macOS%20Package-blue.svg?style=for-the-badge\n[linkBadgeDownloadWindows]: https://img.shields.io/badge/Download-Windows%20Package-blue.svg?style=for-the-badge\n[linkFeedIcon]: https://upload.wikimedia.org/wikipedia/en/thumb/4/43/Feed-icon.svg/16px-Feed-icon.svg.png\n[linkFlatpakSite]: https://flatpak.org/\n[linkLatestPrereleaseDate]:\n  https://img.shields.io/github/release-date-pre/openwall/john-packages?label=when\u0026color=green\n  \"Latest Prerelease Date\"\n[linkLatestPrereleaseVersion]:\n  https://img.shields.io/github/release/openwall/john-packages?include_prereleases\u0026sort=date\u0026label=\u0026style=flat-square\u0026color=blue\n  \"Latest Prerelease Version\"\n[linkLatestReleaseDate]:\n  https://img.shields.io/github/release-date/openwall/john-packages?label=when\u0026color=green\n  \"Latest Release Date\"\n[linkLatestReleaseVersion]:\n  https://img.shields.io/github/release/openwall/john-packages?sort=date\u0026label=\u0026style=flat-square\u0026color=blue\n  \"Latest Release Version\"\n[linkRegistry]: https://github.com/openwall/john-packages/pkgs/container/john \"Our Docker image registry\"\n[linkReleases]: https://github.com/openwall/john-packages/releases \"The Release List\"\n[linkSnapcraftJohn]: https://snapcraft.io/john-the-ripper \"John Snap Package\"\n[linkSnapcraftSite]: https://snapcraft.io/ \"Snapcraft Main Site\"\n[linkTotalDownloads]:\n  https://img.shields.io/github/downloads/openwall/john-packages/total?label=downloads\u0026color=white\n  \"Total Downloads\"\n[linkProcedureCI]:\n  https://mermaid.ink/img/pako:eNqVk92O2jAQhV9l5CtWXfYBULVSIN0f0S0IqKgKezE4Q7BwbMt2aIHw7rWTpbDd3DQXUezMd2Z8xnNkXGfEeiy3aDYwS5cKwpMsvhvnLWEBA10Uwr9Ct3tf8Q3xLbhSeFwJKfy-gn5nUipAyPQv9UZYWqEj8Bpy8uA3BBI9OQ98gyond9Pk6EdJGBwjL9Tnlb2HMVqUkuSpiRjUSRNjdrTXFgbPFaSLNfbW2M3Ibb02ELG5UCG7C_9fr7mBsFxSTX1poVLNt2RbIFu6GnpogR4sUX-a_kslh9ISpLQbjacVPLWB5eEgVA6z4ENcf4qvZ-UMcR9AI_U-7oyRbzGni_jdXfCoEmoXOJGjF1pVMFzQb0NWFKQ8yrfgYRNcZcRjx5wLoZRVMO_0hbfCUdR_0aFvTaXm3Id53YevLUUnKrNaZJfTDuvQa5O-tWAF8tEUksnLe-pR-KdyBQmPh3AVjFrQqZYYar1k_F8vgzTodX2ZGlejR9fO1v0qUJUoAY2xeoeygh-dcwsj4yIQ7-2EJIWrfPOuHR8cHrfUOLO4a87BbllBtkCRhSk7RqUlC9oFLVkvfGZot0u2VKcQh6XX073irOdtSbfM6jLfsCAtXViVJgtjlAoMo1r83TWofmp9Xp_-AIwXRoc?type=png\n  \"CI and CD Procedures\"\n[linkWindowsPkg]: https://ci.appveyor.com/project/claudioandre-br/johntheripper/build/artifacts \"John Windows Package\"\n[shieldSnap]: https://snapcraft.io/john-the-ripper/badge.svg\n[shieldLicense]: https://img.shields.io/badge/License-GPL%20v2-blue.svg\n[shieldScore]: https://api.securityscorecards.dev/projects/github.com/openwall/john-packages/badge\n[shieldPractices]: https://bestpractices.coreinfrastructure.org/projects/7525/badge\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenwall%2Fjohn-packages","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenwall%2Fjohn-packages","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenwall%2Fjohn-packages/lists"}