A single weak password exposes your entire network to an external threat. Password hacking is one of the most critical and commonly exploited network security threats. In many ways, passwords should be viewed as your first line of defense where protecting your company’s data is concerned. The huge number of data breaches occurs because someone was careless with their password and it fell into the wrong hands.

Weak passwords are easy to break, while complex passwords are difficult to memorize. Having an elaborate security policy is a great way to ensure the security of your network. Moreover, Password auditing tools are also used to examine the security of your network by attempting to break into the network. It tries common attacks on the account passwords in an attempt to recover a password of a user account.

The Password Auditor allows, carrying out a password audit within a limited period. If it is possible for a Password Auditor to recover a password within a reasonable time, the entire network cannot be considered secure.

There are several methods used by password auditors for testing and recovering passwords, including Bruteforce attack, mask attack, dictionary search and rainbow table attack. Moreover, there are many password auditing tools available to perform password auditing.

Here is a list of some best password auditing tools that are being used and preferred as a best password auditing tool in the field.

RainbowCrack

The RainbowCrack uses Philippe Oechslin’s faster time-memory trade-off technique. This brute force hash cracker generates all possible plaintexts and compute the corresponding hashes on the fly, then compare the hashes with the hash to be cracked. Once a match is found, the plaintext is found. If all possible plaintexts are tested, and no match is found, the plaintext is not found. With this type of hash cracking, all intermediate computation results are discarded.

The RainbowCracker requires a pre-computation stage, at the time all plaintext/hash pairs within the selected hash algorithm, charset, plaintext length is computed, and the results are stored in files called rainbow table. It is time-consuming to do this kind of computation. However, once the one-time pre-computation is finished, hashes stored in the table can be cracked with much better performance than a brute force cracker.

Features:

  • Full time-memory tradeoff tool suites, including rainbow table generation, sort, conversion and lookup
  • Support rainbow table of any hash algorithm
  • Support rainbow table of any charset
  • Support rainbow table in raw file format (.rt) and compact file format (.rtc)
  • Computation on multi-core processor support
  • GPU acceleration with NVIDIA GPUs (CUDA technology)
  • GPU acceleration with AMD GPUs (OpenCL technology)
  • GPU acceleration with multiple GPUs
  • Runs on Windows operating systems
  • Windows XP 32-bit / 64-bit
  • Windows Vista 32-bit / 64-bit
  • Windows 7 32-bit / 64-bit
  • Windows 8 32-bit / 64-bit
  • Runs on Linux operating systems (x86 and x86_64)
  • Unified rainbow table file format on all supported operating systems
  • Command line user interface
  • Graphics user interface

http://sectools.org/tool/rainbowcrack/

RainbowCrack can be downloaded from here.

Wfuzz

Wfuzz is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc.), brute force GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP, etc.), brute force Forms parameters (User/Password), Fuzzing, etc.

It was created to facilitate the task in web application assessments. It can also be used to find hidden resources like directories, servlets, and scripts.

Features:

  • Multiple Injection points capability with multiple dictionaries
  • Recursion (When doing directory brute force)
  • Post, headers and authentication data brute forcing
  • Output to HTML
  • Colored output
  • Hide results by return code, word numbers, line numbers, regex.
  • Cookies fuzzing
  • Multi-threading
  • Proxy support
  • SOCK support
  • Time delays between requests
  • Authentication support (NTLM, Basic)
  • All parameters brute forcing (POST and GET)
  • Multiple encoders per payload
  • Payload combinations with iterators
  • Baseline request (to filter results against)
  • Brute force HTTP methods
  • Multiple proxy support (each request through a different proxy)
  • HEAD scan (faster for resource discovery)
  • Dictionaries tailored for known applications (Weblogic, iPlanet, Tomcat, Domino, Oracle 9i, Vignette, Coldfusion and much more).

Payloads:

  • File
  • List
  • hexrand
  • range
  • names
  • hexrange

Encodings:

  • random_uppercase
  • urlencode
  • binary_ascii
  • base64
  • double_nibble_hex
  • uri_hex
  • sha1
  • md5
  • double_urlencode
  • utf8
  • utf8_binary
  • HTML
  • HTML decimal
  • custom

http://www.mogozobo.com/?p=2123

Wfuzz can be downloaded from here.

Cain and Abel

Cain and Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force, and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Cain and Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons.

Features:

  • WEP cracking
  • Speeding up packet capture speed by wireless packet injection
  • Ability to record VoIP conversations
  • Decoding scrambled passwords
  • Calculating hashes
  • Traceroute
  • Revealing password boxes
  • Uncovering cached passwords
  • Dumping protected storage passwords
  • ARP spoofing
  • IP to MAC Address Resolver
  • Network Password Sniffer
  • LSA secret dumper

http://www.dobreprogramy.pl/Cain-and-Abel,Program,Windows,12813.html

Cain and Abel can be downloaded from here.

Ethical Hacking Training – Resources (InfoSec)

THC Hydra

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including Telnet, FTP, HTTP, https, smb, several databases, and much more.

THC Hydra is a fast network logon password cracking tool. When it is compared with other similar tools, it shows why it is faster. New modules are easy to install in the tool. You can easily add modules and enhance the features. It is available for Windows, Linux, Free BSD, Solaris and OS X.

https://n0where.net/very-fast-network-logon-cracker-thc-hydra/

THC-Hydra can be downloaded from here.

Ncrack

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. It allows for rapid, yet reliable, large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated brute forcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and much more. Protocols supported include RDP, SSH, HTTP(S), SMB, POP3(S), VNC, FTP, SIP, Redis, PostgreSQL, MySQL, and Telnet.

https://nmap.org/ncrack/

Ncrack can be downloaded from here.

The list is not limited to above-defined tools; there are some password auditing tools available, and most of them are pretty good and secure. You will want to evaluate them to find the one that best suits your needs, but at the root, they all work along the same principles.