Password Attacks

John the Ripper

C

Fast password cracker. Supports hundreds of hash types and ciphers. CPU and GPU modes.

Hashcat

C

Featured

World's fastest password recovery tool. GPU-accelerated with support for 300+ hash types.

THC Hydra

C

Featured

Fast online password brute-forcer. Supports 50+ protocols including SSH, FTP, HTTP, SMB, MySQL.

Medusa

C

Speedy, parallel, modular brute-forcer. Supports HTTP, MySQL, SMB, SSH, Telnet, and more.

CeWL

Ruby

Custom wordlist generator. Spiders a target site and builds password lists from scraped words.

SecLists

Shell

Featured

The security tester's companion. Huge collection of wordlists - usernames, passwords, URLs, fuzzing payloads, shells.

Mimikatz

C

Featured

Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets from Windows memory.

LaZagne

Python

Password recovery tool. Retrieves stored passwords from browsers, WiFi, databases, sysadmin tools, and more.

Kerbrute

Go

Tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos pre-authentication.

Ophcrack

C

Windows password cracker based on rainbow tables - cracks LM and NTLM hashes via time-memory tradeoff.

Name-That-Hash

Python

Instantly identify hash types from unknown hashes - supports 300+ hash formats with confidence ratings.

CUPP

Python

Common User Passwords Profiler. Generates targeted wordlists based on personal information about the target.

Patator

Python

Multi-purpose brute force tool. Modular design for attacking SSH, FTP, HTTP, SMB, LDAP, and dozens of other protocols.

Mentalist

Python

Wordlist generation GUI. Visual chain-based rule builder that outputs wordlists or hashcat/JtR rule files.

Ciphey

Python

AI-powered automated decryption and decoding tool. Feed it encrypted/encoded text and it determines the cipher and decodes it.

hate_crack

Python

Hashcat automation tool with intelligent rule chaining, methodology-based attack workflows, and custom wordlist generation.