Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down.
And guess what, someone thought of using it to crack passwords. It seems the cut-off would be a 12 character [...]

KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition [...]

You may remember some time back we did a fairly exhaustive post on Password Cracking Wordlists and Tools for Brute Forcing.
Wyd the Password Profiling Tool also does something similar to AWLG but it’s a PERL script rather than being based online.

I’d prefer if AWLG let us download an offline version too personally.
About AWLG
The Associative Word [...]

So it turns out you don’t need any fancy password cracking software like John the Ripper or Cain and Abel you just need a handful of £5 gift vouchers for Marks and Spencers!
But we had discussed this in part before, some people will give out their passwords if you just ask, some if you offer [...]

It’s been a long time coming but here it is, after almost a year (Remember Medusa 1.3?) finally version 1.4 is here!
Version 1.4 of Medusa is now available for public download!
What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net.
The Key Features are as [...]

Piggy is yet another tool for performing online password guessing against Microsoft SQL servers.
It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations).

It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
Piggy v1.0.1 by patrik@cqure.net
——————————–
usage: piggy [options]

options:
[...]

This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers.
The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a [...]

Ah another trojan, this time targeting MSN Live logins for. The trojan has been made public by some kind citizen calling himself “Our Godfather” on the BitTorrent network.
The sad thing is…I guess it works and hundreds of people will have installed it.

Malware designed to steal users’ Windows Live Messenger password has been released onto the [...]

THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment.
It supports a LOT of services and protocols too.
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. [...]

The famous Phenoelit Default Password List has been updated, it’s been quite some time since an update.

http://www.phenoelit.de/dpl/dpl.html
This is a must have resource on your pen-drive and backed up offline somewhere for those important times when you need to know the login for a router/switch