10 Most Recommended Tools For Password Recovery

Whenever confidentiality and access levels are defined, password is used to give certain access to users. User protects their personal details with strong passwords. However, many password cracking tools have been created to crack the passwords.

There are many password cracking tools available for free and paid as well. Today we are going to discuss about some most recommended password cracking tools that security professionals uses.


It is used to recover wireless keys. It implements the best known cracking algorithms once enough encrypted packets are gathered. Aircrack is a suite of tools for 802.11 a/b/g WEP and WPA cracking. The suite comprises of many tools like airodump, aireplay, aircrack, airdecap for capturing wireless communications packets.

Cain and Abel

Cain and Abel is Windows-only password cracking tools that many cyber security professional uses to recover passwords. It sniffs the network, cracks encrypted password using dictionary. This tool is able to attack by brute force and cryptanalysis techniques and can also record VoIP communications, uncover cache passwords, revealing password boxes and analyzing routing protocols.

THC Hydra

Most cyber security professional choose THC hydra when they need to crack remote authentication service using brute force attack. It can perform rapid dictionary attack against more than 50 protocols, which includes http, ftp, https, smb and several databases.


It’s a Windows password cracking tool, although it can be run on Linux, Windows and Mac also. It includes many features like LM and NTLM hash cracking, GUI, can load hashes from encrypted SAM recovered from Windows partition and a live CD version.


Medusa is a tool that fast, modular, and massively parallel brute force logger. It supports many protocols like AFP, cvs, ftp, http, imap, SSH and other.


Fgdump is the tool for extracting NTLM and LanMan password hashesfrom Windows. Fpdump attempts to disable antivirus software before initiating. It then runs pwdump, cachedump (cached credentials dump), and pstgdump (protected storage dump). It is also capable of displaying password histories if available.


L0phtCrack is a Windows based password cracking tool, which attempts cracking using hashes. Hashes can be obtained from stand-alone Windows workstation, network servers or active directories.  It also has various methods of generating passwords (dictionary, brute force, etc).


The RainbowCrack tool is a hash cracking tool that makes use of a large-scale time-memory trade-off. An ordinary brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. While, RainbowCrack uses a time-memory trade-off to do all the pre cracking-time computation and store the results in tables called “rainbow tables”. It does take a long time to pre compute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the pre-computation is finished.


Brutus is a free and Windows-only password cracker that uses dictionary against network services of remote system to recover password. It supports http, pop3, ftp, smb, telnet, imap and other protocols.


Wfuzz is a brute forcing tool for Web Applications, cyber security professionals uses this tool for finding resources like directories, servlets, scripts, bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.) and brute forcing form parameters (user/password), fuzzing and more.

Password cracking tools are not limited to these only there are many other tools as well. Many cyber security professional recommends these tools to recover passwords.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...