cewl -h
Kali Linux is a powerful operating system that includes a wide range of password cracking tools, making it essential for security professionals and penetration testers. In this article, I will provide a list of the best password attack tools available in Kali Linux 2021. These tools are open source and can be directly accessed in Kali by default.
One of the tools is CeWL, which is a Ruby application used for crawling specified URLs to a specified depth. It can also follow external links and generate a word list that can be used with tools like John the Ripper for password cracking. CeWL is primarily used to extract keywords from websites to create password dictionaries.
Another tool is Crunch, which is a dictionary generation tool that quickly generates all possible password combinations. It supports combinations of numbers, symbols, uppercase and lowercase letters. For example, you can generate a password dictionary with four-digit combinations using Crunch.
Hashcat is one of the most popular and fastest password recovery tools available. It supports five unique attack modes and over 300 highly optimized hash algorithms. Hashcat can utilize CPU, GPU, and other hardware accelerators, and it also supports distributed password cracking. It offers various options to customize and configure during the password recovery process.
John is a reliable and fast password cracking tool that comes with multiple cracking modes and supports various hash types by default, including DES, MD5, Blowfish, and more. It can handle SHA hashes, Sun MD5 hashes, OpenSSH private keys, PDF files, ZIP, RAR archives, and more.
Medusa is a brute-force login tool designed for speed, reliability, and modularity. It supports parallel testing with multiple threads and offers flexibility in terms of user input. Medusa supports various protocols such as SMB, HTTP, POP3, MSSQL, and SSH version 2.
Wordlists is a password attack tool that includes a wordlist and symbolic links to several password files in the Kali Linux distribution. It provides a collection of commonly used passwords and wordlists.
Hydra is a centralized parallel login cracker that supports multiple attack protocols. It is highly flexible, fast, and reliable, and can be customized by adding new modules. Hydra can be used for unauthorized access to systems and supports various protocols such as FTP, SSH, SMTP, MySQL, and more.
Ncrack is a fast network authentication cracking tool that helps organizations protect their networks from password attacks. It searches for weak passwords by testing hosts and network devices. Ncrack works similar to the NMAP tool and has a dynamic engine to handle network feedback. It supports protocols like SSH, FTP, HTTPS, TELNET, and more.
Mimikatz is a C language tool designed for Windows security. It extracts passwords, PINs, hashes, and Kerberos tickets from the host’s memory and saves them in plain text files. Mimikatz provides services like pass-the-ticket, pass-the-hash, and building golden tickets.
In conclusion, Kali Linux offers a comprehensive set of password cracking tools that are essential for security professionals and penetration testers. These tools provide various methods and techniques to recover passwords and test the security of systems and networks.