{"id":13540226,"url":"https://github.com/ryancdotorg/brainflayer","last_synced_at":"2026-02-11T16:44:15.325Z","repository":{"id":33916074,"uuid":"37635037","full_name":"ryancdotorg/brainflayer","owner":"ryancdotorg","description":"A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key algorithms.","archived":false,"fork":false,"pushed_at":"2024-05-16T20:31:23.000Z","size":851,"stargazers_count":937,"open_issues_count":16,"forks_count":470,"subscribers_count":91,"default_branch":"master","last_synced_at":"2025-04-02T07:35:16.801Z","etag":null,"topics":["bitcoin","brainwallet","cryptography","ethereum","password-cracker","secp256k1"],"latest_commit_sha":null,"homepage":"https://rya.nc/brainflayer","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ryancdotorg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-06-18T03:26:08.000Z","updated_at":"2025-03-30T17:17:32.000Z","dependencies_parsed_at":"2024-05-16T21:27:59.634Z","dependency_job_id":"5207c39c-bfee-417c-8300-250ffec4b5ef","html_url":"https://github.com/ryancdotorg/brainflayer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ryancdotorg/brainflayer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancdotorg%2Fbrainflayer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancdotorg%2Fbrainflayer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancdotorg%2Fbrainflayer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancdotorg%2Fbrainflayer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ryancdotorg","download_url":"https://codeload.github.com/ryancdotorg/brainflayer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancdotorg%2Fbrainflayer/sbom","scorecard":{"id":791849,"data":{"date":"2025-08-11","repo":{"name":"github.com/ryancdotorg/brainflayer","commit":"2e0e659ad1fce91ad5831738d14a2641cfe2dff8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 1/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: non-200 OK status code: 504 Gateway Timeout body: \"{\\\"message\\\": \\\"We couldn't respond to your request in time. Sorry about that. Please try resubmitting your request and contact us if the problem persists.\\\"}\\r\\n\"","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-23T07:46:45.584Z","repository_id":33916074,"created_at":"2025-08-23T07:46:45.585Z","updated_at":"2025-08-23T07:46:45.585Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29338519,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T16:14:43.024Z","status":"ssl_error","status_checked_at":"2026-02-11T16:14:15.258Z","response_time":97,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitcoin","brainwallet","cryptography","ethereum","password-cracker","secp256k1"],"created_at":"2024-08-01T09:01:43.114Z","updated_at":"2026-02-11T16:44:15.298Z","avatar_url":"https://github.com/ryancdotorg.png","language":"C","funding_links":[],"categories":["C","\u003ca id=\"de81f9dd79c219c876c1313cd97852ce\"\u003e\u003c/a\u003e破解\u0026\u0026Crack\u0026\u0026爆破\u0026\u0026BruteForce","\u003ca id=\"73c3c9225523cbb05333246f23342846\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"f2c76d99a0b1fda124d210bd1bbc8f3f\"\u003e\u003c/a\u003eWordlist生成","\u003ca id=\"53084c21ff85ffad3dd9ce445684978b\"\u003e\u003c/a\u003e未分类的"],"readme":"Brainflayer\n===========\n\n⚠️ *I am not currently maintaining Brainflayer. It has acomplished [what I set out to do with it](https://rya.nc/defcon-brainwallets.html), and the work that went into it brought about a major inflection point in my career, but I have moved on to other things. Someday, I may come back to it, but don't count on that.* ⚠️\n\nI am currently [suing the British Government](https://www.leighday.co.uk/news/news/2023-news/legal-challenge-urges-government-to-give-legal-recognition-to-nonbinary-people/). If you've found my work useful...\n\n**...please donate to my [crowdfunding effort](https://www.crowdjustice.com/case/non-binary-recognition/)**.\n\nDescription\n-----------\n\nBrainflayer is a Proof-of-Concept brainwallet cracking tool that uses\n[libsecp256k1](https://github.com/bitcoin/secp256k1) for pubkey generation.\nIt was originally released as part of my DEFCON talk about cracking brainwallets\n([slides](https://rya.nc/dc23), [video](https://rya.nc/b6), [why](https://rya.nc/defcon-brainwallets.html)).\n\nThe name is a reference to [Mind Flayers](https://en.wikipedia.org/wiki/Illithid),\na race of monsters from the Dungeons \u0026 Dragons role-playing game. They eat\nbrains, psionically enslave people and look like lovecraftian horrors.\n\nThe current release is more than four times faster than the DEFCON release, and\nmany features have been added.\n\nIf brainflayer is useful to you, please get in touch to let me know. I'm very\ninterested in any research it's being used for, and I'm generally happy to\ncollaborate with academic groups.\n\nDisclaimer\n----------\nJust because you *can* steal someone's money doesn't mean you *should*.\nStealing would make you a jerk. Don't be a jerk.\n\nNo support will be provided at this time, and I may ignore or close issues\nrequesting support without responding.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\nARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE\nLIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR\nCONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\nSUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\nINTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\nCONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\nARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\nPOSSIBILITY OF SUCH DAMAGE.\n\nUsage\n-----\n\n### Basic\n\nPrecompute the bloom filter:\n\n`hex2blf example.hex example.blf`\n\nRun Brainflayer against it:\n\n`brainflayer -v -b example.blf -i phraselist.txt`\n\nor\n\n`your_generator | brainflayer -v -b example.blf`\n\n### Advanced\n\nBrainflayer's design is heavily influenced by [Unix philosophy](https://en.wikipedia.org/wiki/Unix_philosophy).\nIt (mostly) does one thing: hunt for tasty brainwallets. A major feature it\ndoes *not* have is generating candidate passwords/passphrases. There are plenty\nof other great tools that do that, and brainflayer is happy to have you pipe\ntheir output to it.\n\nUnfortunately, brainflayer is not currently multithreaded. If you want to have\nit keep multiple cores busy, you'll have to come up with a way to distribute\nthe work yourself (brainflayer's -n and -k options may help). In my testing,\nbrainflayer benefits significantly from hyperthreading, so you may want to\nrun two copies per physical core. Also worth noting is that brainflayer mmaps\nits data files in shared memory, so additional brainflayer processes do not\nuse up that much additional RAM.\n\nWhile not strictly required, it is *highly* recommended to use the following\noptions:\n\n* `-m FILE` Load the ecmult table from `FILE` (generated with `ecmtabgen`)\n            rather than computing it on startup. This will allow multiple\n            brainflayer processes to share the same table in memory, and\n            signifigantly reduce startup time when using a large table.\n\n* `-f FILE` Verify check bloom filter matches against `FILE`, a list of all\n            hash160s generated with\n            `sort -u example.hex | xxd -r -p \u003e example.bin`\n            Enough addresses exist on the Bitcoin network to cause false\n            positives in the bloom filter, this option will suppress them.\n\nBrainflayer supports a few other types of input via the `-t` option:\n\n* `-t keccak` passphrases to be hashed with keccak256 (some ethereum tools)\n\n* `-t priv` raw private keys - this can be used to support arbitrary\n            deterministic wallet schemes via an external program. Any trailing\n            data after the hex encoded private key will be included in\n            brainflayer's output as well, for reference. See also the `-I`\n            option if you want to crack a bunch of sequential keys, which has\n            special speed optimizations.\n\n* `-t warp` salts or passwords/passphrases for WarpWallet\n\n* `-t bwio` salts or passwords/passphrases for brainwallet.io\n\n* `-t bv2`  salts or passwords/passphrases for brainv2 - this one is *very* slow\n            on CPU, however the parameter choices make it a great target for GPUs\n            and FPGAs.\n\n* `-t rush` passwords for password-protected rushwallets - pass the fragment (the\n            part of the url after the #) using `-r`. Almost all wrong passwords\n            will be rejected even without a bloom filter.\n\nAddress types can be specified with the `-c` option:\n\n* `-c u` uncompressed addresses\n\n* `-c c` compressed addresses\n\n* `-c e` ethereum addresses\n\n* `-c x` most signifigant bits of public point's x coordinate\n\nIt's possible to combine two or more of these, e.g. the default is `-c uc`.\n\nAn incremental private key brute force mode is available for fans of\n[directory.io](http://www.directory.io/), try\n\n`brainflayer -v -I 0000000000000000000000000000000000000000000000000000000000000001 -b example.blf`\n\nSee the output of `brainflayer -h` for more detailed usage info.\n\nAlso included is `blfchk` - you can pipe it hex encoded hash160 to check a\nbloom filter file for. It's very fast - it can easily check millions of\nhash160s per second. Not entirely sure what this is good for but I'm sure\nyou'll come up with something.\n\nBuilding\n--------\n\nShould compile on Linux with `make` provided you have the required devel libs\ninstalled (at least openssl and gmp are required along with libsecp256k1's\nbuild dependencies). I really need to learn autotools. If you file an issue\nabout a build failure in libsecp256k1 I will close it.\n\nDependencies should install with\n\n```\napt install build-essential libgmp-dev libssl-dev\n```\n\nSupported build target is currently Ubuntu 20.04 on amd64/x86_64. Issues with\nbuilding for other platforms probably won’t be fixed. In particular, Kali Linux\nis *not* supported. Support for operating systems other than Linux would require\nextensive refactoring of Brainflayer's memory optimizations and is not happening.\n\nRedistribution of compiled `brainflayer` binaries is prohibited, and\nunauthorized binaries probably contain malware.\n\nAuthors\n-------\n\nThe bulk of Brainflayer was written by Ryan Castellucci. Nicolas Courtois and\nGuangyan Song contributed the code in `ec_pubkey_fast.c` which more than\ndoubles the speed of public key computations compared with the stock secp256k1\nlibrary from Bitcoin. This code uses a much larger table for ec multiplication\nand optimized routines for ec addition and doubling.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryancdotorg%2Fbrainflayer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fryancdotorg%2Fbrainflayer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryancdotorg%2Fbrainflayer/lists"}