1. Cainand Abel : The toppassword recovery toolfor Windows UNIX users
often smuglyassert that the best freesecurity tools supporttheir
platform first, andWindows ports are often
an afterthought. They are usually right, but Cain &Abel is a
glaringexception. This Windows-only password recoverytool handles an
enormousvariety of tasks. It can recover passwords bysniffing the
network,cracking encryptedpasswords usingDictionary, Brute-Forceand
Cryptanalysis attacks, recording VoIPconversations, decodingscrambled
passwords,revealing passwordboxes, uncovering cachedpasswords and
analyzing routing protocols
2. John theRipper : Apowerful, flexible, andfast multi-platformpassword
hash cracker Johnthe Ripper is a fast password cracker,currently
available formany flavors of Unix (11are officially supported,not
counting differentarchitectures), DOS, Win32, BeOS, and OpenVMS.
Itsprimary purpose is todetect weak Unixpasswords. It supportsseveral
crypt(3) passwordhash types which are most commonly found onvarious Unix
flavors, aswell as Kerberos AFS andWindows NT/2000/XP LMhashes
3. THC Hydra : A Fastnetwork authentication cracker which supportmany
different services Whenyou need to bruteforce crack a
remoteauthentication service,Hydra is often the tool of choice. It can
performrapid dictionary attacksagainst more then 30protocols, including
telnet,ftp, http, https, smb,several databases, and much more
4. Aircrack : Thefastestavailable WEP/WPAcracking tool Aircrack is a
suiteof toolsfor 802.11a/b/g WEP and WPA cracking. It canrecover a 40
through 512-bit WEP key once enoughencrypted packets have beengathered.
It can alsoattack WPA 1 or 2 networks using advancedcryptographic
methods orby brute force. The suiteincludes airodump (an 802.11packet
captureprogram), aireplay (an 802.11 packet injectionprogram), aircrack
(staticWEP and WPA-PSKcracking), and airdecap(decrypts WEP/WPAcapture
files)
5. L0phtcrack : Windowspassword auditing andrecovery
applicationL0phtCrack, also knownas LC5, attempts to crackWindows
passwords from hashes which it canobtain (given properaccess) from
stand-aloneWindows NT/2000workstations, networkedservers, primary domain
controllers, or ActiveDirectory. In some cases itcan sniff the hashes
off thewire. It also hasnumerous methods ofgenerating password guesses
(dictionary, bruteforce, etc). LC5 wasdiscontinued by Symantec in2006,
but you can stillfind the LC5 installerfloating around. The free trial
only lasts 15 days,and Symantec won't sellyou a key, so you'll
eitherhave to cease using it orfind a key generator.Since it is no
longer maintained, you areprobably better offtrying Cain and Abel, John
theRipper, or Ophcrackinstead.
6. Airsnort : 802.11WEP Encryption Cracking ToolAirSnort is a wireless
LAN(WLAN) tool thatrecovers encryption keys.It was developed by theShmoo
Group and operates by passivelymonitoring transmissions,computing the
encryptionkey when enoughpackets have beengathered. You may also be
interested in the similarAircrack.
7. SolarWinds : Aplethoraof network discovery/monitoring/attack
toolsSolarWinds has created and sells dozens of special-purpose tools
targeted atsystems administrators.Security-related toolsinclude many
networkdiscovery scanners, an SNMP brute-force cracker,router
passworddecryption, a TCPconnection reset program,one of the fastest and
easiestrouter config download/uploadapplications available andmore.
8. Pwdump : A windowpassword recovery toolPwdump is able to extractNTLM
and LanMan hashes from a Windows target,regardless of whetherSyskey is
enabled. It isalso capable of displayingpassword histories if theyare
available. It outputs the data in L0phtcrack-compatible form, and
canwrite to an output file.
9.RainbowCrack : AnInnovative PasswordHash Cracker The RainbowCrack tool
isa hash cracker that makesuse of a large-scale time-memory trade-off.
Atraditional brute forcecracker tries all possible plaintexts one by
one,which can be timeconsuming for complexpasswords.RainbowCrack uses
atime-memory trade-off to do all the cracking-timecomputation in
advanceand store the results in so-called "rainbow tables". Itdoes take a
long time toprecompute the tables but RainbowCrack can behundreds of
times fasterthan a brute force crackeronce the precomputationis
finished.
Post a Comment