Password crackers

Tools

acccheck (SMB password guessing and dictionary attack tool)

password discovery, password strength testing

The acccheck tool performs a password guessing and dictionary attack on SMB services used to share files and printers.

eapmd5pass (offline EAP-MD5 dictionary attack tool)

network analysis, password discovery, penetration testing

A tool like this would be most likely used to show the weakness of old authentication protocols, including penetration testing.

hashcat (password recovery tool)

password discovery

Hashcat can be used to discover lost passwords, or as part of a security assignment. For example, it could be trying to crack a password from a password file that was obtained during a penetration test.

Patator (multi-purpose brute-force tool)

password discovery, penetration testing, reconnaissance, vulnerability scanning

Patator is based on similar tools like Hydra, yet with the goal to avoid the common flaws these tools have like performance limitations. The tool is modular and supports different types of brute-force attacks or enumeration of information.

THC Hydra (password discovery)

penetration testing, security assessment

THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.