There are many password cracking tools available for free and paid as well. Today we are going to discuss about some most recommended password cracking tools that security professionals uses.
It is used to recover wireless keys. It implements the best known cracking algorithms once enough encrypted packets are gathered. Aircrack is a suite of tools for 802.11 a/b/g WEP and WPA cracking. The suite comprises of many tools like airodump, aireplay, aircrack, airdecap for capturing wireless communications packets.
Cain and Abel
Cain and Abel is Windows-only password cracking tools that many cyber security professional uses to recover passwords. It sniffs the network, cracks encrypted password using dictionary. This tool is able to attack by brute force and cryptanalysis techniques and can also record VoIP communications, uncover cache passwords, revealing password boxes and analyzing routing protocols.
Most cyber security professional choose THC hydra when they need to crack remote authentication service using brute force attack. It can perform rapid dictionary attack against more than 50 protocols, which includes http, ftp, https, smb and several databases.
It’s a Windows password cracking tool, although it can be run on Linux, Windows and Mac also. It includes many features like LM and NTLM hash cracking, GUI, can load hashes from encrypted SAM recovered from Windows partition and a live CD version.
Medusa is a tool that fast, modular, and massively parallel brute force logger. It supports many protocols like AFP, cvs, ftp, http, imap, SSH and other.
Fgdump is the tool for extracting NTLM and LanMan password hashesfrom Windows. Fpdump attempts to disable antivirus software before initiating. It then runs pwdump, cachedump (cached credentials dump), and pstgdump (protected storage dump). It is also capable of displaying password histories if available.
L0phtCrack is a Windows based password cracking tool, which attempts cracking using hashes. Hashes can be obtained from stand-alone Windows workstation, network servers or active directories. It also has various methods of generating passwords (dictionary, brute force, etc).
The RainbowCrack tool is a hash cracking tool that makes use of a large-scale time-memory trade-off. An ordinary brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. While, RainbowCrack uses a time-memory trade-off to do all the pre cracking-time computation and store the results in tables called “rainbow tables”. It does take a long time to pre compute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the pre-computation is finished.
Brutus is a free and Windows-only password cracker that uses dictionary against network services of remote system to recover password. It supports http, pop3, ftp, smb, telnet, imap and other protocols.
Wfuzz is a brute forcing tool for Web Applications, cyber security professionals uses this tool for finding resources like directories, servlets, scripts, bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.) and brute forcing form parameters (user/password), fuzzing and more.
Password cracking tools are not limited to these only there are many other tools as well. Many cyber security professional recommends these tools to recover passwords.