It is a very efficient implementation of rainbow tables done by the inventors of the method.
Ophcrack is a Windows password cracker based on rainbow tables. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.
Ncrack is a high-speed network authentication cracking tool. The goal is to support as many services which allow remote authentication as possible. Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It can be used to quickly check for the usefulness of credentials across a network over SMB. Keimpx is an open source tool, released under a modified version of Apache License 1.1. FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.Ī very fast network logon cracker which support many different services.Number one of the biggest security holes are passwords, as every password security study shows. John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS.
It allows easy recovery of various kind of passwords by sniffing the network.ĬacheDump, licensed under the GPL, demonstrates how to recover cache entry information: username and MSCASH. »Passwords »Scanning »Sniffer ✾numeration »Networking Tools »Wireless ✻luetooth »Web Scanners ✽atabase »Vuln Scanners »Vuln Apps »Live CD PasswordsĬain & Abel is a password recovery tool for Microsoft Operating Systems. If you have suggestions or links to tools/scripts to submit, please do, you can fork, edit, send a pull request or you can leave a comment on the wiki page here, your name or github page will be credited. Although some of the tools could be listed in more than one category, they only appear in the list only once, under its primary category.
Most of the tools are open source/free with a couple of exceptions,īefore using any tools, i recommend that you read the instructions/documentation available on each of the individual tool's websites. These tools are created for the sole purpose of security awareness and education, they should not be used against systems that you do not have permission to test/attack.
These tools are specifically aimed toward security professionals and enthusiasts/hobbyists for testing and demonstrating security weaknesses. Here is a list of security tools that have been collected from the internet.