acccheck alternatives
Looking for an alternative tool to replace acccheck? During the review of acccheck we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Top 3
- eapmd5pass (offline EAP-MD5 dictionary attack tool)
- Patator (multi-purpose brute-force tool)
- THC Hydra (password discovery)
These tools are ranked as the best alternatives to acccheck.
Alternatives (by score)
eapmd5pass
Introduction
A tool like this would be most likely used to show the weakness of old authentication protocols, including penetration testing.
Project details
eapmd5pass is written in C.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Network analysis
- Password discovery
- Penetration testing
Patator
Introduction
Patator is based on similar tools like Hydra, yet with the goal to avoid the common flaws these tools have like performance limitations. The tool is modular and supports different types of brute-force attacks or enumeration of information.
Project details
Patator is written in Python.
Strengths and weaknesses
- + More than 500 GitHub stars
- + The source code of this software is available
Typical usage
- Password discovery
- Penetration testing
- Reconnaissance
- Vulnerability scanning
THC Hydra (thc-hydra)
Introduction
THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.Project details
THC Hydra is written in C.
Strengths and weaknesses
- + More than 25 contributors
- + More than 1000 GitHub stars
- + Project is mature (10+ years)
- + The source code of this software is available
Typical usage
- Penetration testing
- Security assessment
hashcat
Introduction
Hashcat can be used to discover lost passwords, or as part of a security assignment. For example, it could be trying to crack a password from a password file that was obtained during a penetration test.
Project details
hashcat is written in C.
Strengths and weaknesses
- + More than 25 contributors
- + More than 4000 GitHub stars
- + The source code of this software is available
- + Well-known tool
Typical usage
- Password discovery
PassGen
Introduction
PassGen is a tool to help with password dictionary attacks to guess a password. It does not perform the attack but creates the related database.Project details
PassGen is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Password discovery
- Password strength testing
- Security assessment
Crowbar
Introduction
While most brute forcing tools take a similar approach, Crowbar can use different methods that are not always available in other utilities. For example, Crowbar can use SSH keys, instead of the typical username and password combination. This might be useful during penetration testing when these type of details are discovered.
Project details
Crowbar is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
mimipenguin
Introduction
The tool requires root permissions to work.
Project details
mimipenguin is written in Python, shell script.
Strengths and weaknesses
- + The source code of this software is available
- - No releases on GitHub available
- - Full name of author is unknown
Typical usage
- Information gathering
- Security assessment
not24get
Introduction
API: pwdCheckModule object in ppolicy.
Executable: "check password script" in Samba suite (not24get_check)
This module is a wrapper around libpasswdqc, the library that powers the pam_passwdqc module.
Project details
not24get is written in C.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Password strength testing
Infection Monkey
Introduction
This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center.
Project details
Infection Monkey is written in Python.
Strengths and weaknesses
- + More than 25 contributors
- + More than 5000 GitHub stars
- + The source code of this software is available
Typical usage
- Password discovery
- Service exploitation
- System exploitation
RouterSploit
Introduction
RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.
Project details
RouterSploit is written in Python.
Strengths and weaknesses
- + More than 50 contributors
- + More than 6000 GitHub stars
- + The source code of this software is available
Typical usage
- Penetration testing
- Self-assessment
- Software testing
- Vulnerability scanning
John the Ripper
Introduction
John the Ripper is a mature password cracker to find weak or known passwords. It works on Linux and other flavors of Unix and Microsoft Windows.
Project details
Some relevant tool missing as an alternative to acccheck? Please contact us with your suggestion.