Sunday, December 20, 2015

TOP 5 PASSWORD CRACKING TOOLS

Password cracking tools are often refereed to as password recovery tools used to guess or restore a password from a data transmission system. Security researchers and penetration testers also use these tools to check the security of an application.
It is an undeniable fact that in cyber security passwords are the most vulnerable security links. But if the password is too complicated the user might not remember it. These tools are useful when user forgets their passwords but hackers also use them to crack passwords of systems and stole data.




There are many type of password cracking tools. Some uses dictionaries of their own to crack a password, those tools have a combination of words but it will take hours or even days if the users password is complicated one. Plus the success rate of these tools are also not very high.

Programmers in past few years has introduced different password cracking tools in the market, some of them are highly successful in terms of results. Here we shortlisted the top 5 most successful password cracking tools available in the market.


1. Medusa
Medusa is a highly rated password cracking tool which runs on Linux OS. It is highly rated among network administrators who keep checking their firms passwords time by time to ensure they cannot be cracked easily. This tools can provide you a result about how strong your organizations passwords are. It supports NNTP, FTP, CVS, HTTP, IMAP, MYSQL, NCP,AFP, POP3, MS SQL, PostgreSQL, pcAnywhere, rlogin, SMB, rsh, SMTP, SNMP, SSH, SVN, VNC, VmAuthd and Telnet. While cracking the password, host, username and password can be flexible input while performing the attack.
2. Wfuzz
Wfuzz cracks passwords with brute forcing another famous password cracking tool. Wfuzz can be used to find unlinked resources like servelts,scripts and directories.Wfuzz is based on dictionaries and ranges, user just had to choose where he want to bruteforce just by changing the part of URL or the post by keyword Fuzz. Some top features of Wfuzz are; Recursion, Multiple Injection points capability with multiple dictionaries, Output to HTML and many more.

3. Brutus
Brutus is a popular password cracking tool which can be used remotely. Brutus is available in the market since 2000, but it only works in Windows OS. It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. The latest version of Brutus contains features like; HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, Telnet, SMB. Another feature in this tool is that user can create their own authentication types. The tool is old but still it is providing desired results.

4. John the Ripper
John the Ripper is another widely used open source password cracking tool, works on Linux, Windows, Unix, and Mac OS X. Its basic purpose is to detect weak passwords in Unix. A pro version of this tool is also available in the market right now with additional features, and its pretty cheap.


5. Cain and Abel
This tool operates on Microsoft OS only but the sucess rate is very high. The tool operates as a sniffer in the network, it cracks the encrypted passwords through the dictionary attacks, recording VoIP conversations, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols.

0 yorum:

Post a Comment