90
Password Attack Tools
| Tools | Description |
|---|---|
| BruteSpray | It takes nmap GNMAP/XML output and automatically brute-force services with default credentials using Medusa. |
| Burp Suite | It is a platform to perform security testing of web applications. |
| CeWL | It is a custom wordlist generator that spread a given url to a specified depth, optionally following external links. It also returns a list of words which can be used for password crackers. |
| chntpw | It is a tool that allows you to view information and change user passwords in a Windows NT/2000 user database file. |
| Cisco-auditing-tool | It scans cisco routers for common vulnerability and errors. |
| CmosPwd | It is a tool to decrypt the password stored in CMOS used to access a computer BIOS setup. |
| creddump | It is used to extract various credentials and secrets from Windows registry hives. |
| crowbar | It is a brute-forcing tool that can be used during penetration tests. |
| crunch | It creates a wordlist based on the criteria we specify. |
| findmyhash | It cracks hashes using online services. |
| gpp-decrypt | It will decrypt a given GPP (Group Policy Preference) encrypted string. |
| hash-identifier | It is a tool to identify the different types of hashes used to encrypt data. |
| Hashcat | It is the world’s fastest and most advanced password recovery tool. |
| HexorBase | It is a database application designed for administrating and auditing multiple database servers simultaneously from a centralized location. |
| THC-Hydra | It is a fast network login cracker which supports a huge number of protocols to attack. |
| John | the RipperIt is a password cracking tool. |
| Johnny | It provides a GUI for the “John the Ripper” password cracking tool. |
| keimpx | It checks for valid credentials across a network over SMB. |
| Maskprocessor | It is a high-performance word generator with a per-position configurable charset packed into a single binary package. |
| multiforcer | It is a multi-GPU password cracker with support for many hash types such as MD5, SHA1, LM, NTLM, etc… |
| Ncrack | It is a High-speed network authentication cracking tool that gives a user full access over the network operations that allows the very sophisticated bruteforcing attacks. |
| oclgausscrack | It cracks the verification hash of the encrypted payload of the Gauss Virus. |
| ophcrack | It is a Microsoft Windows password cracker based on rainbow tables. |
| PACK | It is a password cracking tool that generates dictionary file statistics. |
| patator | It is a multi-purpose brute-forcer that supports a huge number of modules. |
| Phrasendrescher | It is a passphrase cracking tool that runs on FreeBSD, netBSD, OpenBSD, MacOS, and Linux. |
| Polenum | It is a tool to extract the password policy from a Windows system. |
| RainbowCrack | A rainbow table password cracker that uses the time-memory trade-off algorithm to crack hashes. |
| rcracki-mt | It is a modified version of rcrack which supports hybrid and indexed tables. |
| RSMangler | It is a wordlist mangling tool that performs various manipulations similarly to John the Ripper. |
| SecLists | It is a security tester. It consists of multiple types of lists used during security assessments, collected in one place. |
| SQLdict | It is a dictionary attack tool used for the SQL server. |
| Statsprocessor | It is a High-performance word generator based on hashcat markov stats. |
| THC-pptp-bruter | It is a brute force program against pptp vpn endpoints. |
| TrueCrack | It is a brute-force password cracker for TrueCrypt volumes. |
| WebScarab | It is a web application review tool for those who need to expose the working of a HTTPs based application. |
| Wordlists | It contains the rockyou wordlist and contains symlinks to a number of other password files present in the Kali Linux distribution. |
| zaproxy | It is a penetration testing tool for finding vulnerabilities in web applications. |
Next TopicMaintaining Access Tools