Whenever confidentiality and access levels are defined, password is used to give certain access to users. User protects their personal details with strong passwords. However, many password cracking tools have been created to crack the passwords.

There are many password cracking tools available for free and paid as well. Today we are going to discuss about some most recommended password cracking tools that security professionals uses.

Aircrack

It is used to recover wireless keys. It implements the best known cracking algorithms once enough encrypted packets are gathered. Aircrack is a suite of tools for 802.11 a/b/g WEP and WPA cracking. The suite comprises of many tools like airodump, aireplay, aircrack, airdecap for capturing wireless communications packets.

Cain and Abel

Cain and Abel is Windows-only password cracking tools that many cyber security professional uses to recover passwords. It sniffs the network, cracks encrypted password using dictionary. This tool is able to attack by brute force and cryptanalysis techniques and can also record VoIP communications, uncover cache passwords, revealing password boxes and analyzing routing protocols.

THC Hydra

Most cyber security professional choose THC hydra when they need to crack remote authentication service using brute force attack. It can perform rapid dictionary attack against more than 50 protocols, which includes http, ftp, https, smb and several databases.

Ophcrack

It’s a Windows password cracking tool, although it can be run on Linux, Windows and Mac also. It includes many features like LM and NTLM hash cracking, GUI, can load hashes from encrypted SAM recovered from Windows partition and a live CD version.

Medusa

Medusa is a tool that fast, modular, and massively parallel brute force logger. It supports many protocols like AFP, cvs, ftp, http, imap, SSH and other.

Fgdump 

Fgdump is the tool for extracting NTLM and LanMan password hashesfrom Windows. Fpdump attempts to disable antivirus software before initiating. It then runs pwdump, cachedump (cached credentials dump), and pstgdump (protected storage dump). It is also capable of displaying password histories if available.

L0phtCrack

L0phtCrack is a Windows based password cracking tool, which attempts cracking using hashes. Hashes can be obtained from stand-alone Windows workstation, network servers or active directories.  It also has various methods of generating passwords (dictionary, brute force, etc).

RainbowCrack

The RainbowCrack tool is a hash cracking tool that makes use of a large-scale time-memory trade-off. An ordinary brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. While, RainbowCrack uses a time-memory trade-off to do all the pre cracking-time computation and store the results in tables called “rainbow tables”. It does take a long time to pre compute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the pre-computation is finished.

Brutus

Brutus is a free and Windows-only password cracker that uses dictionary against network services of remote system to recover password. It supports http, pop3, ftp, smb, telnet, imap and other protocols.

Wfuzz

Wfuzz is a brute forcing tool for Web Applications, cyber security professionals uses this tool for finding resources like directories, servlets, scripts, bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.) and brute forcing form parameters (user/password), fuzzing and more.

Password cracking tools are not limited to these only there are many other tools as well. Many cyber security professional recommends these tools to recover passwords.