- Introduction
- Installation
- Getting Started
- GUI Overview
- Attack Configuration
- Attack Types
- Monitoring Progress
- Results and Logging
- Advanced Features
- Troubleshooting
- Best Practices
Keyspace is a comprehensive password cracking application with a modern graphical interface. It supports multiple attack methodologies and provides real-time monitoring of cracking progress.
- Multiple attack types (Dictionary, Brute Force, Rule-based, etc.)
- Real-time progress monitoring
- Pause/Resume functionality
- Comprehensive logging
- Modern PyQt6 GUI
- Performance statistics
- Export capabilities
- Python 3.8 or higher
- Windows, Linux, or macOS
-
Download or clone the Keyspace repository
-
Navigate to the project directory
-
Run the installation script:
Windows:
start.batManual Installation:
pip install -r requirements.txtWindows:
Double-click start.bat or run:
python main.pyCommand Line:
python main.py --target "demo_target" --attack-type "Brute Force Attack"- Launch the application
- The main window will open with default settings
- Configure your attack parameters (see Attack Configuration)
- Click "▶ Start Attack" to begin
The main window is divided into several key areas:
- File: New/Open/Save sessions, Export results
- Attack: Start/Stop/Pause/Resume attacks
- Tools: Wordlist generator, Charset analyzer
- Help: About dialog
- Quick Start/Stop buttons
- Current target display
- Progress indicator
Main control center for setting up attacks.
- Dashboard: Live statistics and progress
- Attack Log: Detailed operation logs
- Statistics: Performance metrics
- Results: Found passwords and outcomes
Displays attack results and findings.
Shows current status, attempt count, and speed.
- Enter the target to attack (WiFi SSID, username, service name)
- Example:
MyWiFiNetwork,admin,demo_target
Select from available attack methods:
- Dictionary Attack (WPA2)
- Brute Force Attack
- Rule-based Attack
- Hybrid Attack
- Mask Attack
- Combinator Attack
- PIN Code Attack
- Rainbow Table Attack
- Markov Chain Attack
- Neural Network Attack
- Distributed Attack
- Click "Browse..." to select a wordlist file
- Supports .txt files with one password per line
- Recommended: RockYou.txt or custom wordlists
- Min Length: Minimum password length to try
- Max Length: Maximum password length to try
- Brute force will generate combinations between these lengths
- Default:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&* - Customize for specific requirements
- Common sets:
- Lowercase only:
abcdefghijklmnopqrstuvwxyz - Alphanumeric:
abcdefghijklmnopqrstuvwxyz0123456789 - All printable: Include spaces and special characters
- Lowercase only:
- ▶ Start Attack: Begin the configured attack
- ⏹ Stop Attack: Immediately halt the current attack
- ⏸ Pause: Temporarily suspend the attack (can be resumed)
- ▶ Resume: Continue a paused attack
Best for: Known password lists, common passwords
Requirements: Wordlist file
How it works:
- Loads passwords from the specified wordlist
- Tests each password against the target
- Stops when password is found or list is exhausted
Configuration:
- Select "Dictionary Attack (WPA2)" from Attack Type
- Choose wordlist file
- Click Start
Best for: Short passwords, known character sets
Requirements: Character set, length range
How it works:
- Generates all possible combinations within length range
- Tests each combination systematically
- Continues until password found or manually stopped
Configuration:
- Select "Brute Force Attack"
- Set Min/Max Length (keep small for testing)
- Customize charset if needed
- Click Start
Best for: Passwords with predictable patterns
Requirements: Wordlist file
How it works:
- Takes base passwords from wordlist
- Applies various mutation rules:
- Case variations (Password → password, PASSWORD)
- Leet speak (password → p4ssw0rd)
- Number appending (password → password123)
- Special character insertion
- Keyboard patterns
- And many more
Configuration:
- Select "Rule-based Attack"
- Choose wordlist file
- Click Start
Best for: Common password + addition patterns
Requirements: Wordlist file
How it works:
- Takes each word from wordlist
- Tests original word
- Tests word + common additions (123, !, 2023, etc.)
- Tests common additions + word
Configuration:
- Select "Hybrid Attack"
- Choose wordlist file
- Click Start
Best for: Known password patterns
Requirements: None (uses predefined masks)
How it works:
- Uses common password masks like:
?u?l?l?l?l?l?l?l(8 chars: Upper + 7 lower)?u?l?l?l?l?d?d?d(8 chars: Upper + 4 lower + 3 digits)?a?a?a?a?a?a?a?a(8 any characters)
Configuration:
- Select "Mask Attack"
- Click Start
Best for: Two-word combinations
Requirements: Wordlist file
How it works:
- Combines words from wordlist: word1 + word2
- Tests all combinations
Configuration:
- Select "Combinator Attack"
- Choose wordlist file
- Click Start
Best for: Numeric PINs
Requirements: None
How it works:
- Tests all possible PIN combinations
- Supports 4, 5, 6, and 8-digit PINs
Configuration:
- Select "PIN Code Attack"
- Click Start
Best for: Precomputed hash attacks
Requirements: None (uses simulated rainbow tables)
How it works:
- Uses precomputed hash chains (rainbow tables)
- Performs fast lookups for known hashes
- Reduces computation time for repeated attacks
Configuration:
- Select "Rainbow Table Attack"
- Click Start
Note: Real implementation would require actual rainbow table files
Best for: Statistical password prediction
Requirements: None
How it works:
- Analyzes common password patterns statistically
- Builds transition probability matrices
- Generates passwords based on learned patterns
- Tests statistically likely combinations first
Configuration:
- Select "Markov Chain Attack"
- Set Min/Max Length
- Click Start
Best for: AI-powered password prediction
Requirements: None (uses simulated neural network)
How it works:
- Uses machine learning to predict common passwords
- Analyzes patterns in password datasets
- Generates passwords based on learned patterns
- Prioritizes high-probability candidates
Configuration:
- Select "Neural Network Attack"
- Click Start
Note: Real implementation would require trained neural network models
Best for: Large-scale cracking operations
Requirements: None (simulates distributed computing)
How it works:
- Simulates multiple worker nodes
- Distributes workload across simulated machines
- Coordinates attack across multiple processes
- Aggregates results from all workers
Configuration:
- Select "Distributed Attack"
- Click Start
Note: Real implementation would require network coordination
- Attack Status: Current state (Running, Paused, Stopped)
- Progress Bar: Visual progress indicator
- Speed: Current attempts per second
- ETA: Estimated time to completion
- Attempts: Total passwords tested
- Elapsed Time: Time since attack started
- Progress updates every few seconds
- Speed calculations use moving averages for stability
- ETA recalculates based on current performance
- Current Speed: Attempts per second right now
- Average Speed: Overall average speed
- Peak Speed: Highest speed achieved
- Total Attempts: Cumulative count
- Shows successful password discoveries
- Displays attempt numbers and timing
- Includes hash information (if available)
- Detailed chronological log of operations
- Shows attack initialization
- Records progress milestones
- Logs errors and warnings
- Timestamps all entries
- Go to File → Export → Export to CSV/HTML
- Choose save location
- Results saved in selected format
- Pause attacks for later continuation
- Resume from exact stopping point
- Useful for long-running attacks
- New Session: Clear all data, start fresh
- Save Session: Save current configuration
- Open Session: Load previous configuration
python main.py [options]
Options:
--target TARGET Target for attack
--attack-type TYPE Attack type
--wordlist FILE Wordlist file path
--min-length N Minimum password length
--max-length N Maximum password length
--charset CHARS Character set- Automatic log file creation in
logs/bruteforce.log - Console output for debugging
- Log rotation for long-term use
- Check file path is correct
- Ensure file exists and is readable
- Use absolute paths if relative paths fail
- Reduce Max Length for brute force attacks
- Use smaller character sets
- Consider alternative attack types
- Attacks run in separate threads
- GUI should remain responsive
- If frozen, force close and restart
- Reduce batch size in code
- Use smaller wordlists
- Close other applications
- Some attack types are computationally intensive
- Consider hardware limitations
- Use optimized wordlists
- Use SSD storage for wordlists
- Close unnecessary applications
- Monitor system resources
- Use appropriate attack types for your hardware
⚠️ LEGAL WARNING: Only use on systems you own or have explicit permission to test- Obtain written authorization before security testing
- Respect applicable laws and regulations
- Start Simple: Begin with dictionary attacks
- Profile Target: Use known information about the target
- Combine Methods: Use hybrid approaches for better results
- Monitor Progress: Don't let attacks run unsupervised for too long
- RockYou.txt: Classic wordlist with common passwords
- Custom Lists: Create based on target knowledge
- Industry Specific: Use lists relevant to the target domain
- Size vs Speed: Balance coverage with performance
- CPU: More cores = better performance
- RAM: 4GB minimum, 8GB+ recommended
- Storage: Fast SSD for wordlist access
- Cooling: Long attacks generate heat
- Save configurations for reuse
- Export results regularly
- Keep logs for analysis
- Document successful methodologies
- Keep dependencies updated
- Monitor log files for errors
- Clean temporary files periodically
- Backup important configurations
For issues or questions:
- Check this user guide
- Review the README.md
- Check log files for error details
- Ensure all prerequisites are met
- v1.0: Initial release with core attack types and GUI