Archive | Password Cracking


22 July 2008 | 80,752 views

TSGrinder – Brute Force Terminal Services Server

This is a tool that has been around quite some time too, it’s still very useful though and it’s a very niche tool specifically for brute forcing Windows Terminal Server. TSGrinder is the first production Terminal Server brute force tool, and is now in release 2. The main idea here is that the Administrator account, [...]

Continue Reading


28 May 2008 | 13,994 views

fgdump 2.1.0 and pwdump 1.7.1 Released – Dump LanMan & NTLM Hashes

The major change is both tools now support 64-bit targets! Good news for us. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on XP SP2 and 2K3. [...]

Continue Reading


14 February 2008 | 495,076 views

Password Cracking Wordlists and Tools for Brute Forcing

I quite often get people asking me where to get Wordlists, after all brute forcing and password cracking often relies on the quality of your word list. Do note there are also various tools to generate wordlists for brute forcing based on information gathered such as documents and web pages (such as Wyd – password [...]

Continue Reading


31 January 2008 | 43,093 views

Bruter 1.0 Released – Parallel Windows Password Brute Forcing Tool

Bruter 1.0 BETA 1 has been released. Bruter is a parallel login brute-forcer. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication. Bruter is a tool for the Win32 platform only. PROTOCOL SUPPORT It currently supports the [...]

Continue Reading


19 December 2007 | 14,221 views

Inguma 0.0.6 Released for Download – Free Pen-testing Framework

Quite a few people seem to be interested in this tool, so here is the latest revision – Inguma 0.0.6. For those that don’t know, Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, [...]

Continue Reading


16 November 2007 | 67,419 views

Medusa 1.4 – Parallel Password Cracker Released for Download

It’s been a long time coming but here it is, after almost a year (Remember Medusa 1.3?) finally version 1.4 is here! Version 1.4 of Medusa is now available for public download! What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. The Key [...]

Continue Reading


14 November 2007 | 8,435 views

Inguma 0.0.5 Released for Download – Penetration Testing Toolkit

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. We did mention it back in August when it first hit the streets. With new QT interface: If you haven’t used [...]

Continue Reading


09 November 2007 | 34,706 views

Graphics Cards – The Next Big Thing for Password Cracking?

Interesting research from Elcomsoft, using the parallel processing capacity of graphics cards to speed up the password cracking process. Pretty inventive thinking, as graphics cards get more and more powerful, and they are created to do massive parallel tasks for all the latest and greatest games, why not apply it to password cracking! A technique [...]

Continue Reading


02 November 2007 | 11,723 views

Pass-The-Hash Toolkit v1.1 Available for Download

The concept of passing the hash on Windows came about a while ago, now there’s a tool for it in it’s second revision (which fixed some problems with foreign language Windows versions and Windows 2003). The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These [...]

Continue Reading


31 August 2007 | 46,142 views

Download pwdump6 and fgdump version 1.6.0 available now.

New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!). For those that don’t know what pwdump or gfdump are.. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on [...]

Continue Reading