The best password crackers. This list covers password crackers from all over
the globe, including tools for both UNIX and Windows.
1. Cain and Abel :
The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their
platform first, and Windows ports are often an afterthought. They are usually
right, but Cain & Abel is a glaring exception. This Windows-only password
recovery tool handles an enormous variety of tasks. It can recover passwords by
sniffing the network, cracking encrypted passwords using Dictionary,
Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding
scrambled passwords, revealing password boxes, uncovering cached passwords and
analysing routing protocols.
2. John the Ripper :
A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect
weak Unix passwords. It supports several crypt(3) password hash types which are
most commonly found on various Unix flavors, as well as Kerberos AFS and
Windows NT/2000/XP LM hashes.
3. THC Hydra :
A fast network authentication cracker that supports many different services
When you need to brute force crack a remote authentication service, Hydra is
often the tool of choice. It can perform rapid dictionary attacks against more
than 30 protocols, including telnet, ftp, HTTP, SMTP, several databases,
and much more.
4. Aircrack :
The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can
recover a 40 through 512-bit WEP key once enough encrypted packets have been
gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic
methods or by brute force. The suite includes airodump (an 802.11 packet
capture program), aireplay (an 802.11 packet injection program), aircrack
(static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture
files).
5. L0phtCrack :
Windows password auditing and recovery application
L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes
which it can obtain (given proper access) from stand-alone Windows NT/2000
workstations, networked servers, primary domain controllers, or Active
Directory. In some cases it can sniff the hashes off the wire. It also has
numerous methods of generating password guesses (dictionary, brute force, etc).
LC5 was discontinued by Symantec in 2006, but you can still find the LC5
installer floating around. The free trial only lasts 15 days, and Symantec
won't sell you a key, so you'll either have to cease using it or find a key
generator. Since it is no longer maintained, you are probably better off trying
Cain and Abel, John the Ripper, or Ophcrack instead.
6. Airsnort :
802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was
developed by the Shmoo Group and operates by passively monitoring transmissions,
computing the encryption key when enough packets have been gathered. You may
also be interested in the similar Aircrack.
7. SolarWinds :
A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at
systems administrators. Security-related tools include many network discovery
scanners, an SNMP brute-force cracker, router password decryption, a TCP
connection reset program, one of the fastest and easiest router config
download/upload applications available and more.
8. Pwdump :
A Windows password recovery tool
Pwdump is able to extract NTLM and LanMan hashes from a Windows target,
regardless of whether Syskey is enabled. It is also capable of displaying
password histories if they are available. It outputs the data in
L0phtcrack-compatible form, and can write to an output file.
9. RainbowCrack :
An Innovative Password Hash Cracker
The RainbowCrack tool is a hash cracker that makes use of a large-scale
time-memory trade-off. A traditional brute force cracker tries all possible
plaintexts one by one, which can be time consuming for complex passwords.
RainbowCrack uses a time-memory trade-off to do all the cracking-time
computation in advance and store the results in so-called "rainbow
tables". It does take a long time to precompute the tables, but
RainbowCrack can be hundreds of times faster than a brute force cracker once
the precomputation is finished.
10. Brutus :
A network brute-force authentication cracker
This Windows-only cracker bangs against network services of remote systems
trying to guess passwords by using a dictionary and permutations thereof. It
supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is
available. UNIX users should take a look at THC Hydra.