eapmd5pass alternatives

Looking for an alternative tool to replace eapmd5pass? During the review of eapmd5pass we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. acccheck (SMB password guessing and dictionary attack tool)
  2. hashcat (password recovery tool)
  3. Patator (multi-purpose brute-force tool)

These tools are ranked as the best alternatives to eapmd5pass.

Alternatives (by score)

56

acccheck

Introduction

The acccheck tool performs a password guessing and dictionary attack on SMB services used to share files and printers.

Project details

acccheck is written in Perl.

Strengths and weaknesses

  • + The source code of this software is available
  • - No updates for a while

Typical usage

  • Password discovery
  • Password strength testing

acccheck review

93

hashcat

Introduction

Hashcat can be used to discover lost passwords, or as part of a security assignment. For example, it could be trying to crack a password from a password file that was obtained during a penetration test.

Project details

hashcat is written in C.

Strengths and weaknesses

  • + More than 25 contributors
  • + More than 4000 GitHub stars
  • + The source code of this software is available
  • + Well-known tool

    Typical usage

    • Password discovery

    hashcat review

    60

    Patator

    Introduction

    Patator is based on similar tools like Hydra, yet with the goal to avoid the common flaws these tools have like performance limitations. The tool is modular and supports different types of brute-force attacks or enumeration of information.

    Project details

    Patator is written in Python.

    Strengths and weaknesses

    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Password discovery
      • Penetration testing
      • Reconnaissance
      • Vulnerability scanning

      Patator review

      100

      THC Hydra (thc-hydra)

      Introduction

      THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.

      Project details

      THC Hydra is written in C.

      Strengths and weaknesses

      • + More than 25 contributors
      • + More than 1000 GitHub stars
      • + Project is mature (10+ years)
      • + The source code of this software is available

        Typical usage

        • Penetration testing
        • Security assessment

        THC Hydra review

        60

        Crowbar

        Introduction

        While most brute forcing tools take a similar approach, Crowbar can use different methods that are not always available in other utilities. For example, Crowbar can use SSH keys, instead of the typical username and password combination. This might be useful during penetration testing when these type of details are discovered.

        Project details

        Crowbar is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Penetration testing

          Crowbar review

          56

          mimipenguin

          Introduction

          The tool requires root permissions to work.

          Project details

          mimipenguin is written in Python, shell script.

          Strengths and weaknesses

          • + The source code of this software is available
          • - No releases on GitHub available
          • - Full name of author is unknown

          Typical usage

          • Information gathering
          • Security assessment

          mimipenguin review

          60

          not24get

          Introduction

          API: pwdCheckModule object in ppolicy.
          Executable: "check password script" in Samba suite (not24get_check)

          This module is a wrapper around libpasswdqc, the library that powers the pam_passwdqc module.

          Project details

          not24get is written in C.

          Strengths and weaknesses

          • + The source code of this software is available

            Typical usage

            • Password strength testing

            not24get review

            60

            PassGen

            Introduction

            PassGen is a tool to help with password dictionary attacks to guess a password. It does not perform the attack but creates the related database.

            Project details

            PassGen is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Password discovery
              • Password strength testing
              • Security assessment

              PassGen review

              78

              django-two-factor-auth (Django Two-Factor Authentication)

              Introduction

              A complete Two-Factor Authentication for Django. It leverages the django-otp tooling together with Django's authentication framework.

              Project details

              81

              Fail2ban

              Introduction

              Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks

              Project details

              Fail2ban is written in Python.

              Strengths and weaknesses

              • + More than 2000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Network traffic filtering
                • Security monitoring

                Fail2ban review

                85

                LogonTracer

                Introduction

                LogonTracer is a tool to investigate malicious logins from Windows event logs with visualization capabilities.

                Project details

                LogonTracer is written in Python.

                Strengths and weaknesses

                • + More than 500 contributors
                • + The source code of this software is available

                  Typical usage

                  • Criminal investigations
                  • Digital forensics
                  • Learning

                  LogonTracer review

                  74

                  Yosai

                  Introduction

                  Yosai is a security framework for Python applications and adds authentication, authorization, and session management capabilities. Features include Role-Based Access Control (RBAC), two-factor authentication, and Time-based One-Time Passwords (TOTP). Besides a focus on the authentication and authorization, Yosai enables an audit trail of all relevant events.

                  As each framework comes with some overhead, Yosai aims to leverage caching and serialization where possible.

                  Project details

                  Yosai is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Application security
                    • Audit logging
                    • Identity and access management

                    Yosai review

                    56

                    John the Ripper

                    Introduction

                    John the Ripper is a mature password cracker to find weak or known passwords. It works on Linux and other flavors of Unix and Microsoft Windows.

                    Project details

                    Some relevant tool missing as an alternative to eapmd5pass? Please contact us with your suggestion.