10 Most Recommended Tools For Password Recovery

Whenever confidentiality and access levels are defined, password is used to give certain access to users. User protects their personal details with strong passwords. However, many password cracking tools have been created to crack the passwords.

There are many password cracking tools available for free and paid as well. Today we are going to discuss about some most recommended password cracking tools that security professionals uses.


It is used to recover wireless keys. It implements the best known cracking algorithms once enough encrypted packets are gathered. Aircrack is a suite of tools for 802.11 a/b/g WEP and WPA cracking. The suite comprises of many tools like airodump, aireplay, aircrack, airdecap for capturing wireless communications packets.

Cain and Abel

Cain and Abel is Windows-only password cracking tools that many cyber security professional uses to recover passwords. It sniffs the network, cracks encrypted password using dictionary. This tool is able to attack by brute force and cryptanalysis techniques and can also record VoIP communications, uncover cache passwords, revealing password boxes and analyzing routing protocols.

THC Hydra

Most cyber security professional choose THC hydra when they need to crack remote authentication service using brute force attack. It can perform rapid dictionary attack against more than 50 protocols, which includes http, ftp, https, smb and several databases.


It’s a Windows password cracking tool, although it can be run on Linux, Windows and Mac also. It includes many features like LM and NTLM hash cracking, GUI, can load hashes from encrypted SAM recovered from Windows partition and a live CD version.


Medusa is a tool that fast, modular, and massively parallel brute force logger. It supports many protocols like AFP, cvs, ftp, http, imap, SSH and other.


Fgdump is the tool for extracting NTLM and LanMan password hashesfrom Windows. Fpdump attempts to disable antivirus software before initiating. It then runs pwdump, cachedump (cached credentials dump), and pstgdump (protected storage dump). It is also capable of displaying password histories if available.


L0phtCrack is a Windows based password cracking tool, which attempts cracking using hashes. Hashes can be obtained from stand-alone Windows workstation, network servers or active directories.  It also has various methods of generating passwords (dictionary, brute force, etc).


The RainbowCrack tool is a hash cracking tool that makes use of a large-scale time-memory trade-off. An ordinary brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. While, RainbowCrack uses a time-memory trade-off to do all the pre cracking-time computation and store the results in tables called “rainbow tables”. It does take a long time to pre compute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the pre-computation is finished.


Brutus is a free and Windows-only password cracker that uses dictionary against network services of remote system to recover password. It supports http, pop3, ftp, smb, telnet, imap and other protocols.


Wfuzz is a brute forcing tool for Web Applications, cyber security professionals uses this tool for finding resources like directories, servlets, scripts, bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.) and brute forcing form parameters (user/password), fuzzing and more.

Password cracking tools are not limited to these only there are many other tools as well. Many cyber security professional recommends these tools to recover passwords.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...