{"id":13530270,"url":"https://github.com/stormfleet/cloudcat","last_synced_at":"2026-03-10T18:36:40.356Z","repository":{"id":215196357,"uuid":"196461181","full_name":"stormfleet/cloudcat","owner":"stormfleet","description":"A script to automate the creation of cloud infrastructure for hash cracking.","archived":false,"fork":false,"pushed_at":"2019-09-04T19:52:43.000Z","size":123,"stargazers_count":16,"open_issues_count":1,"forks_count":7,"subscribers_count":0,"default_branch":"master","last_synced_at":"2024-11-02T17:35:53.494Z","etag":null,"topics":["ansible-playbook","automated-testing","aws-ec2","cloud","crack-passwords","cracking-hashes","hashcat","infrastructure","password-cracker","pentest-tool","redteam-infrastructure","redteaming","wordlists"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stormfleet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-07-11T20:30:08.000Z","updated_at":"2024-07-06T21:57:12.000Z","dependencies_parsed_at":"2024-01-07T13:05:34.293Z","dependency_job_id":null,"html_url":"https://github.com/stormfleet/cloudcat","commit_stats":null,"previous_names":["stormfleet/cloudcat"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stormfleet%2Fcloudcat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stormfleet%2Fcloudcat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stormfleet%2Fcloudcat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stormfleet%2Fcloudcat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stormfleet","download_url":"https://codeload.github.com/stormfleet/cloudcat/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246691554,"owners_count":20818533,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible-playbook","automated-testing","aws-ec2","cloud","crack-passwords","cracking-hashes","hashcat","infrastructure","password-cracker","pentest-tool","redteam-infrastructure","redteaming","wordlists"],"created_at":"2024-08-01T07:00:47.055Z","updated_at":"2026-03-10T18:36:40.286Z","avatar_url":"https://github.com/stormfleet.png","language":"Python","funding_links":[],"categories":["Cloud"],"sub_categories":[],"readme":"# CloudCat\n## Contents\n\n- [Introduction](#introduction)\n- [Installation](#installation)\n- [Usage](#usage)\n- [Coming](#coming)\n- [Thanks](#thanks)\n- [License](#license)\n\n## Introduction\nA Python script to create infrastructure to crack passwords for you in the cloud. CloudCat is just a python wrapper over an Ansible substrate to automate the creation and deletion of AWS's GPU EC2 instances, which make for great crackstations.\n\nAWS's GPU instances have really high specification GPU's capable of outputting a lot of hashing power. They're quite costly, but if you need results quickly they're an excellent resource. The idea is to fire off CloudCat and continue working on penetration tests, and gather the results when it's done.\n\nIf you can afford your own beefy crackstation then that's no problem - but if you can't justify purchasing a proper one then AWS is a great alternative. Enhanced computing EC2 instances have really fast GPUs, which are unsurprisingly ideal for cracking hashes. Here are some stats for the 3 EC2 instances supported by CloudCat:\n\n| Hashtype     | NVIDIA V100 MH/s x1 |\n| ------------ | ---------------- |\n| NTLM         |  77704.4 MH/s |\n| NetNTLMv1    |  44172.1 MH/s |\n| NetNTLMv2    |  3809.1 MH/s |\n| Kerberos 5 AS-REQ |  996.7 MH/s |\n| Kerberos 5 TGS-REP | 996.0 MH/S |\n\n[Here](benchmark.md) is a full benchmark for all Hashcat hashtypes on a p3.2xlarge instance. p3.8x and p3.16xlarge instances use 4 and 8 of the NVIDIA V100 GPUs respectively, so the increase in cracking power is linear.\n\n| Instance | # of NVIDIA V100s |\n| -------- | ----------------- |\n| p3.2xlarge | x1 |\n| p3.8xlarge | x4 |\n| p3.16xlarge | x8 |\n\ntl;dr: Don't have the money or can't maintain your own crackstation? Have some cash to spare? Want creds quickly? Automate cracking in the cloud and free up time to continue pentesting.\n\nThere isn't full support for simultaneous cracking instances at the moment - it's coming though. Also need support for creating your own wordlist snapshots - I've been using my own but I'll buld it into the script.\n\nA word of warning too for the time being - the destroy script doesn't take notice of multiple instances, so you might want to check your AWS Console to be doubly sure the instance has terminated correctly!\n\n## Installation\nCloudcat requires the following Python dependencies:\n```\nboto\nbotocore\nboto3\nansible\n```\nIn addition to the following linux packages:\n```\nawscli\nansible\n```\n## Usage\n\n```\n./cloudcat.py --help\n\nusage: cloudcat.py [-h] [-t {p3.2xlarge,p3.8xlarge,p3.16xlarge}] [-f FILE]\n                   [-m MODE] [-i IDENTITY] [-k SSHKEY]\n                   [-l {short,medium,long}] [--guest-ip DOUBLE] [--setup] [-d]\n                   [-v]\n\nExample usage: ./cloudcat.py -t p3.2xlarge -f /path/to/hashes.txt -m 1000 -i\naws-id -k ssh-keyname -l short\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -t {p3.2xlarge,p3.8xlarge,p3.16xlarge}, --type {p3.2xlarge,p3.8xlarge,p3.16xlarge}\n                        Size of the instance to use. From cheapest to most\n                        expensive: p3.2xlarge, p3.8xlarge and p3.16xlarge.\n  -f FILE, --file FILE  File containing hashes to crack.\n  -m MODE, --mode MODE  Hashtype cracking mode you want to use. This should\n                        correspond to the modes listed on Hashcat's website.\n  -i IDENTITY, --identity IDENTITY\n                        AWS identity to use (only select this if you're sure\n                        you have the correct key!).\n  -k SSHKEY, --ssh-key SSHKEY\n                        SSH key-file name. Used to connect to created CloudCat\n                        instances to conduct tasks and launch Hashcat.\n  -l {short,medium,long}, --length {short,medium,long}\n                        Length of the hash cracking run. Short is just\n                        rockyou.txt, medium is rockyou and fav_wordlist, and\n                        long is those two and crackstation.txt.\n  --guest-ip DOUBLE     Create an Amazon Security Group where your current\n                        pulic IP address and one other public IP address is\n                        allowed through the firewall. This second location\n                        should be somewhere you always have access to (e.g.\n                        home, office).\n  --setup               Perform CloudCat setup to configure AWS API keys and\n                        region.\n  -d, --destroy         Destroy CloudCat AWS P3.X instances.\n  -v, --verbose         Add verbosity to CloudCat execution.\n```\nExample usage: ./cloudcat.py -t p3.2xlarge -f /tmp/foo.txt -m 1000 -i awscat -k awscat -l short -s\n\nA full list of Hashcat hashtypes is available [here](https://hashcat.net/wiki/doku.php?id=example_hashes).\n\nCurrently CloudCat creates an instance, creates a volume from a public snapshot containing the following wordlists. This needs to be improved, as the more wordlists included the better.\n```\nrockyou.txt\nfav_wordlist.lst\ncrackstation.txt\n```\n\n## Coming\nThings that will be coming to CloudCat eventually:\n- Support for multiple simultaneous CloudCat instances\n- Terraform support\n- Robust hash detection to confirm whether hashes are correctly formatted before the instances are brought up (to save money).\n- Better management of active hosts to facilitate destruction\n- Dockerfile support\n- ec2_instance module from ansible is not supported by ansible core - need to migrate to a core supported one so that spot requests are supported.\n- Support for other cloud providers: Azure, Oracle, etc. Depends on if they have ansible modules!\n\n## Thanks\nObviously massive thanks to the [Hashcat team](https://github.com/hashcat/hashcat) for the work they do.\nInspired to create this by the following blog posts on AWS-based password cracking: [1](https://hackernoon.com/20-hours-18-and-11-million-passwords-cracked-c4513f61fdb1),[2](https://medium.com/@lordsaibat/cracking-passwords-with-terraform-and-aws-3685cc918721),[3](https://medium.com/@iraklis/running-hashcat-v4-0-0-in-amazons-aws-new-p3-16xlarge-instance-e8fab4541e9b).\n\n## License\nThis is free and unencumbered software released into the public domain.\n\nAnyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.\n\nIn jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n\nFor more information, please refer to \u003chttp://unlicense.org/\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstormfleet%2Fcloudcat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstormfleet%2Fcloudcat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstormfleet%2Fcloudcat/lists"}