1. Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
2. John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes.
3. THC Hydra : A fast network authentication cracker which supports many different services
When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more.
4. Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).
5. L0phtcrack : Windows password auditing and recovery application
L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won't sell you a key, so you'll either have to cease using it or find a key generator. Since it is no longer maintained, you are probably better off trying Cain and Abel, John the Ripper, or Ophcrack instead.
6. Airsnort : 802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.
7. SolarWinds : A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.
8. Pwdump : A Windows password recovery tool
Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.
9. RainbowCrack : An Innovative Password Hash Cracker
The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.