Password Cracker

Takes passwords to plaintext, via various means (usually bruteforce)

X-scan

X-Scan is a general scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. Which X-Scan feature include in the following: service type, remote OS type and version detection, weak user/password pair, and all of the nessus attack scripts combination.

Ophcrack

Ophcrack is a free Windows password cracker that uses rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It uses a GUI and runs on multiple platforms, Although there is an option to allow for Vista, or XP only.

CmosPwd

CmosPwd decrypts password stored in cmos used to access BIOS SETUP. With CmosPwd, you can also backup, restore and erase/kill cmos.

Works with the following BIOSes:
* ACER/IBM BIOS
* AMI BIOS
* AMI WinBIOS 2.5
* Award 4.5x/4.6x/6.0
* Compaq (1992)
* Compaq (New version)
* IBM (PS/2, Activa, Thinkpad)
* Packard Bell
* Phoenix 1.00.09.AC0 (1994), a486 1.03, 1.04, 1.10 A03, 4.05 rev 1.02.943, 4.06 rev 1.13.1107
* Phoenix 4 release 6 (User)
* Gateway Solo - Phoenix 4.0 release 6
* Toshiba
* Zenith AMI

Gerix Wifi Cracker NG

Gerix Wifi Cracker NG is a pretty nice GUI for the Aircrack Suite.

#-- There is litterally a Grandma holding a pistol grip cantenna cracking wifi on thier main page!.

Site Exceprt:

0×01 - Introduction

Here we are to present the new version of Gerix Wifi Cracker NG (New Generation), a really complete GUI for Aircrack-NG which includes useful extras.
Completely re-written in Python + QT, automates all the different techniques to attack Access Points and Wireless Routers (but not only ..)
[...]
Who has never wanted to say something like: “This software is so simple to use, that even my grandmother can use it for cracking wireless networks!”… So, we have really tried this test.

Pwdump

Pwdump or "password dump" is basically what it says it is.
It dumps passwords from a windows host, both lm and ntlm, by use of (or used to use) a dll injection technique in windows.
The data can be written to file and once done, is in l0pht crack compatible format.
See http://www.soldierx.com/tools/L0pht-Crack for further information about l0pht crack and cracking the passwords you just dumped.

L0pht Crack

L0pht Crack was the premier windows password cracking application (back in the day).
Written by a group of hackers called "The L0pht" which was a reference to their apartment/loft they previously rented that was a sort of "safe haven" for hackers and friends a like to come hang out.
L0pht Crack has a multitude of methods for breaking lm and ntlm password hashes to include bruteforce, dictionary attacks, and now rainbow table attacks. Also with the new "L0pht Crack 6" they have now added the ability to break unix/linux password hashes.

Some good/selling points:

THC Hydra

THC is an acronym for "The Hackers Choice"; a group of security experts based out of Germany.
Hydra is their application written for launching brute force password cracking attempts on different protocols.
Commonly used against web and ssh logins, but available for use with other types.
If you run servers and check your /var/log/auth.log text file and see a bunch of wrong connection attempts from the same location to your ssh server, they're probably using this to try and get in.

Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC,

BarsWF

BarsWF is the worlds fastest md5 bruteforcing password cracker, just in case you didn't already know.
It combines using your computers processor with you graphics cards GPU for computing the largest amount of hashes as quickly as possible. It is not unheard of to get 100's of millions of hashes per second when using this application.

TSGrinder

TSGrinder is the first production Terminal Server brute force tool, and is now in release 2. The main idea here is that the Administrator account, since it cannot be locked out for local logons, can be brute forced. And having an encrypted channel to the TS logon process sure helps to keep IDS from catching the attempts.

TSGringer is a "dictionary" based attack tool, but it does have some interesting features like "l337" conversion, and supports multiple attack windows from a single dictionary file. TSGrinder also supports multiple password attempts in the same connection, and allows you to specify how many times to try a username/password combination within a particular connection (the default is 5) . This is used by hackers to help avoiding detection, because by default after 5 unsuccessful logon attempts, the Terminal Server ends the connection and an event is logged to the Terminal Server event log.

Note that the tool requires the Microsoft Simulated Terminal Server Client tool, "roboclient," which may be found here:
ftp://ftp.microsoft.com/ResKit/win2000/roboclient.zip

KON-BOOT

This tool changes the contents of the Windows/Linux kernel while booting, everything is done virtually - without any interferences with physical system changes. So far following Windows/Linux systems were tested to work correctly with Kon-Boot (however its quite possible
other versions of listed Windows systems may be suitable as well):

Currently supported Microsoft windows systems:
+ Windows Server 2008 Standard SP2 (v.275)
+ Windows Vista Business SP0
+ Windows Vista Ultimate SP1
+ Windows Vista Ultimate SP0
+ Windows Server 2003 Enterprise
+ Windows XP
+ Windows XP SP1
+ Windows XP SP2
+ Windows XP SP3
+ Windows 7

Currently tested Linux systems:
+Gentoo 2.6.24-gentoo-r5
+Ubuntu 2.6.24.3-debug
+Debian 2.6.18-6-6861
+Fedora 2.6.25.9-76.fc9.i6862

Syndicate content