| Name
| Compat
| Description
|
| Aircrack-ng
| 
| 02.11 WEP and WPA-PSK keys cracking program based on captured data packets
|
| Airsnort
|
| Not maintained anymore. Has been replaced by aircrack-ng
|
| BruteSSH
| 
| Python based SSH brute force cracker
|
| Brutus
|
| Brutus is a fast and flexible remote password cracker available for Windows
|
| Burp Intruder
|
| Burp Intruder is a module of BurpSuite. It enables to automatize pentesting on web applications.
|
| Cain-Abel
|
| Password recovery tool for Windows. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
|
| Crowbar (SensePost)
|
| Crowbar is a generic password cracker for web applications, also enabling to crack cookies by fuzzing methods
|
| Hydra (THC)
|
| Very complete password cracker which understands a lot of protocols
|
| JHijack (YGN Ethical Hacker Group)
|
| Fuzzer in Java, mainly used for session stealing and paramaters enumeration
|
| John The Ripper
|
| One of the most famous password cracker, based on brute force and words lists
|
| L0phtcrack
|
| Password cracker for Windows and *nix systems. Package includes nice functionalities, such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding.
|
| Lcrack (Lepton's Crack)
|
| Generic password cracker based on both dictionary-based (wordlist) and brute force (incremental) password scan, including the use of regular expressions. Supports MD4, MD5, NT MD4/Unicode, Lotus Domino HTTP password (R4), and SHA-1 hash formats.
|
| Medusa
|
| Medusa is a fast parallel login brute-forcer. Many services implemented.
|
| mysqlbrute
|
| Brute force tool against MySQL databases
|
| ncrack
|
| High-speed network authentication cracking tool based on Nmap syntax
|
| Ophcrack
|
| Free Windows password cracker based on rainbow tables
|
| Pwdump
|
| Not really a brute forcer. Pwdump extracts NTLM and LanMan hashes from a Windows target, and displays password history. It outputs the data in a L0phtcrack-compatible form, and can write to an output file.
|
| RainbowCrack
|
| Tool for Windows, enabling to crack hashes with rainbow tables.
|
| sqlninja
|
| Test various SQL injections, escalate privileges, bruteforce passwords on SQLServer databases
|
| SSHatter
|
| Perl based SSH brute force cracker
|
| W3AF (basicAuthBrute module)
|
| This W3AF module enables to brute force basic HTTP authentications
|
| Wikto (SensePost)
|
| Enables to display hidden parts of a Web application by brute forcing directories
|
