Brutus Password Cracker – Download AET2

If you don’t know, Brutus Password Cracker is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free to download Brutus. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future.

Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 1.6 Million visitors to this page. Development continues so new releases will be available in the near future.

Brutus Password Cracker - Download Brutus AET2

What is Brutus Password Cracker For?

In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system. A common approach (brute-force attack) is to try guesses repeatedly for the password and check them against an available cryptographic hash of the password.

Read more here.

Brutus was written originally to help me check routers etc. for default and common passwords.


Brutus version AET2 is the current release and includes the following authentication types:

  • HTTP (Basic Authentication)
  • HTTP (HTML Form/CGI)
  • POP3
  • FTP
  • SMB
  • Telnet

Other types such as IMAP, NNTP, NetBus etc are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other peoples.

The current brutus password release includes the following functionality :

  • Multi-stage authentication engine
  • 60 simultaneous target connections
  • No username, single username and multiple username modes
  • Password list, combo (user/password) list and configurable brute force modes
  • Highly customisable authentication sequences
  • Load and resume position
  • Import and Export custom authentication types as BAD files seamlessly
  • SOCKS proxy support for all authentication types
  • User and password list generation and manipulation functionality
  • HTML Form interpretation for HTML Form/CGI authentication types
  • Error handling and recovery capability inc. resume after crash/failure.

There are other options to check out too such as:

JTR (Password Cracking) – John the Ripper 1.7 Released – FINALLY
Bruter 1.0 Released – Parallel Windows Password Brute Forcing Tool

Brutus Password Cracker download here (the password is darknet123): Brutus AET2

Posted in: Hacking Tools, Networking Hacking Tools, Password Cracking Tools, Windows Hacking

, , ,

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

61 Responses to Brutus Password Cracker – Download AET2

  1. ZDF September 7, 2006 at 6:37 pm #


  2. Emma September 8, 2006 at 12:22 am #

    bebo has been blocked at out school. wats a website that we can get onto it at school?

  3. alex September 8, 2006 at 9:20 pm #

    So why did you have to remove the file due to Homeland Security?

  4. Darknet September 10, 2006 at 6:07 am #

    alex: Because my host pulled the plug on the server until all the files were deleted because they got notifaction that it was malware and contrivined the homeland security act or something like that.

  5. nsidiuz September 11, 2006 at 4:25 am #

    Brutus is a really old tool that hasn’t been updated since 2000. It has always been buggy and slow. The best remote password cracker has to be Hydra, there’s even Windows port.

  6. Darknet September 11, 2006 at 6:21 am #

    There are other alternative too don’t forget..

    Jack the Ripper is still king
    Medusa is good
    Ophcrack for Rainbow Tables
    LCP for a good free alternative to L0phtcrack

  7. nsidiuz September 12, 2006 at 10:05 am #

    Agreed all great tools but your not comparing apples with apples, only Medusa is a *remote* password cracker. Also check out LMCrack for fast offline Windows password cracking.

    Great site, keep up the good work!

  8. Darknet September 12, 2006 at 11:49 am #

    Yah I would agree, thc-hydra probably is the best when it comes to remote, Medusa is looking good though. Will check out LMCrack, will write about it if it’s cool :)

  9. salaikapte September 15, 2006 at 3:45 am #

    I am from myanmar and I used Dial-up connection to Bagan (ISP)

    And I connect from Chin Land (Falam)

    My connection was 30 Kps.

    And Pls advice me… I want to learn more and more about Computer.

  10. Aditya September 16, 2006 at 7:57 pm #

    i downloaded from, but the zip dosen’t contains any exe or something. It contains some .doc files and .bad file.
    How Iam I supposed to make it work ?… I mean from where can I get the UI part as it is not included in download package..

    Any help on this will be greatly appreciated…


  11. Darknet September 20, 2006 at 12:00 pm #

    I just downloaded the file again as a test and the EXE is there named BrutusA2.exe within the from Maybe your net connection is scanned and it was removed as malware?

  12. zuma October 6, 2006 at 12:30 am #

    hello there…where can i get from an very efficient password stealer? please help

  13. Brain devil October 19, 2006 at 10:09 pm #

    Does anyone know how to hack hotmail accounts ?

  14. Fancy October 22, 2006 at 12:35 pm #

    I’m looking for a TOP hacker, to hack a few yahoo screen names. $$ “rewarded” if names are recovered.

    screen name is also the same, or oh_so_fancy

  15. Bigman October 24, 2006 at 2:19 am #

    Does anyone have any info on being able to steal facebook passwords?

  16. Lina Z December 22, 2006 at 10:58 pm #

    Please help me. Can you refer me to someone who can obtain my cheating husbands email password? I need help badly.


  17. reno volpe December 23, 2006 at 6:14 pm #

    I get Brutus

  18. eric January 1, 2007 at 12:03 am #

    i downloaded some prog from your site but whene i extract the files it always askes me for a password can i know what the password is or how to avoid this. (i am subscribed)

  19. Darknet January 1, 2007 at 7:40 am #

    The password would be darknet123

  20. eric January 2, 2007 at 12:29 am #

    thanks man and because i am a newb at hacking how could i penetrate into my friends e-mail? (just a practical joke) nothing evil

  21. adam January 3, 2007 at 4:28 pm #

    what is this for???

  22. eric January 7, 2007 at 1:12 am #

    to spam all of his friends

  23. yso January 16, 2007 at 3:25 pm #


  24. sadwife January 24, 2007 at 6:55 pm #

    Need help cracking facebook password. Will pay for help.

  25. eric January 24, 2007 at 10:46 pm #

    hehehe hom much? i just want to learn how to not have somebody do it 4 me? is there any way u can tell me for free? pleaz :)

  26. mercurysolace January 25, 2007 at 12:54 pm #

    can brutus be used for hacking email – yahoo & hotmail? or even friendster?

  27. cantor January 26, 2007 at 7:17 pm #

    brutus is far from the fastest and most flexible remote password crackers….imo.

  28. another sadwife January 27, 2007 at 12:29 am #

    also need help with cracking password for email from cheating husband. :-( please contact me.

  29. matthew February 2, 2007 at 3:11 am #

    I tried to download Brutus from (the master image)and Avast found a Trojan in the .zip file:

    So much for wanting to try a software that suppose to crack passwords… “Hack to learn” is the motto, eh?

    Nice “touch” inserting a trojan into the zip file just to fuck up with people’s computers, eh ….darknet?
    Good thing Avast rocks and douche bags like you are stopped every now and then.

    Oh, by the way….. specify in the stupid box with “please add 5 and 8” or whatever numbers that what the system requires is not to just write those numbers in the box, but requires a mathematical operation… Who said that all the hackers are smart?

  30. samantha February 24, 2007 at 1:58 pm #

    hi i need help getting a facebook password. can anyone help??? i am willing to pay!

  31. An annoyed male March 7, 2007 at 2:26 am #

    Hi all, I need some help… I need to hack into my ex-girlfriends e-mail account but have no idea how to go about it as i am a complete newbie at this hacking… She is using a freeserve/orange account if that helps and i am willing to pay a reward if anyone has any luck… Cheers

  32. darren March 8, 2007 at 10:37 am #

    can u please tell me how too crack my bebo password.. i have forgotton it and REALLY dont want to set up a new one. thanks!

  33. giokun March 10, 2007 at 1:46 pm #

    ok i already have the brutus thing. but can anyone pls tell me how to use it to steal a password from a yahoo mail account? i have the username, i want to know the password… pls help… (good intentions)

  34. solusvir March 11, 2007 at 8:12 pm #

    yea ok… i’ve got the Brutus, but how do i use it crack yahoo/hotmail passwords? can u plz help?

  35. Bastard March 14, 2007 at 4:04 am #

    Being a programmer myself, getting software for free even with a trojan is worth it. I used to add keyloggers into my programs to see what people did with them and I could know every word they typed on their computers, you wouldnt believe how dumb ppl are.
    Hacking yahoo and other emails accounts are fairly hard but if you know what to do might as well give it a shot.

  36. wulfi March 15, 2007 at 3:16 pm #

    my keylogger doesn’t work with a penson im trying to get a password. i’ve got the Brutus too, but how do i use it crack yahoo/hotmail/gmail passwords too? can u plz help?

  37. john March 19, 2007 at 7:10 am #

    trying to get girlfriends facebook password….willing to pay for quick replys!!!

  38. brian April 3, 2007 at 9:57 pm #

    how do i hack bebo accounts? (some freak is bulling my little sister)

  39. lee April 3, 2007 at 10:55 pm #

    can any one tell me how to install hydra coz i cant do it

  40. ceecee April 17, 2007 at 11:47 am #

    situatuion: someone some how hacked into my bebo and changed my password.. so i tried to reset the password. buut, i cudnt get into my hotmail account, as they changed this password aswel. soo i tried to rest my hotmail password.. but they changed my secret question and i have no idea wat the answer is… any ideas of what to do?

  41. Urboshy May 6, 2007 at 10:45 am #

    Just out of curiocity.. what is Hacking means
    IS It just going on other ppl computer? Or just reading some one’s else email and conversation?

  42. onlyforfun June 25, 2007 at 12:32 pm #

    hello,this is a good site for learing crack, thank you all.

    I am looking for some tools for cracking encrypted proxy(proxy need username and password), I need it very much.

    would you please tell me?

    thanks in advance

  43. Des August 5, 2007 at 12:41 pm #

    Please can someone tell me why Brutus will tell me there is ‘positive authentication’ with a certain user name but it will not tell me the password. I’ve tried it in ‘brute force’ mode but it does exactly the same. Thanks in advance.
    Also, Bastard, I tried your link for the tutorials but it doesn’t seem to work.
    Thanks again.

  44. Des August 5, 2007 at 6:17 pm #

    Now it keeps giving me a one letter password (different each time), or telling me the password is academia (sometimes academic).
    None of them are right. I don’t understand.
    Am I doing something wrong?
    Please get back to me.

  45. fever April 8, 2008 at 6:46 pm #

    wow didn’t know you could hire a hacker on this site. anyways brute crackers are great if you can’t get the pass any other way. there is always a chance of being detected though. that is if someone is paying attention or setup a tries limit. otherwise it requires password files or hashes or something of the nature to use some of the other progs mentioned.

  46. Marie May 2, 2008 at 1:32 am #

    Can anyone tell me what program would be best to retrieve a password to a blog/message board? Thank you so much.

  47. Bogwitch May 2, 2008 at 8:54 am #

    You will notice that your previos message was deleted by the moderators as you were asking for advice as to how to perform an illegal act.

    I sympathise with your situation but breaking the law will not help you. As you have little knowledge of Information Security, etc, you would get caught and I’m sure you and your daughter would not benefit from that.

    If you are concerned with what your daughter is doing online, might I suggest that you monitor her activities, physically, by locating your computer into a shared area in your house.

    There are other methods which will fall into greyer areas of the law depending on ownership of the computer system, the country you are in, the age of your daughter, etc.

    I apologise if I am coming across as a bit preachy but there is no substitute for proper parenting.

  48. Marie May 2, 2008 at 9:59 am #

    I’m sorry, but you may be confused. I posted right above your last post (my post is still there and hasn’t been removed) and I do not have a daughter. I have no idea what you’re talking about. The same message was also sent to my private email, so I think you accidentally answered me but meant to answer someone else. Please see my post above. Thank you.

  49. Bogwitch May 2, 2008 at 11:24 am #

    My apologies,

    Someone using the exact same name posted a message onto this thread asking the same question as you, although with a bit more detail, that message was deleted by the moderators. I assumed that Marie and Marie were the same person.

    Easy mistake to make!

  50. Marie May 2, 2008 at 1:46 pm #

    No problem at all. I should have used a symbol after my name but didn’t notice the other user. BTW, is my question one that you can answer or does it fall into the same category as the other Marie? Thank you

  51. Bogwitch May 2, 2008 at 9:00 pm #

    I’ll try.
    If you want to retrieve a password for a blog or message site, there is usually a link to follow entitled ‘Forgot password?’ or similar, that would be the way to go.

  52. Takehiko May 4, 2008 at 9:32 am #

    Ummm….Okay it goes like this. I really wanna learn some what of hacking just to get to know what I might deal with in the future with me getting more indepth with computers. I’ve tried to download Brute Force but for some reason everytime I go to -or what ever it is- the web page doesn’t load. Could anyone give me another site or something, I’m new to this but I really wanna learn.

  53. Johnny May 11, 2008 at 8:12 am #

    common guys google-it and you find plentiful downloads

    Can I also suggest something: Why not move this website some on a Russian server? At lease no homeland narrow-minded idiots will interfere :)

  54. deeofborg May 20, 2008 at 2:27 am #

    Johnny you so right haha i love ? ????? ??? ???????? ????? lol

  55. watcher May 20, 2008 at 1:59 pm #

    brutus was pretty awesome back in the day, its still a great program for someone taking their first steps in to password auditing.
    If a new version came out I’d personally love to see it be able to compete with hydra as far as performance, and effectiveness.

  56. grav June 28, 2008 at 7:56 pm #

    Has anybody found that brute force hacking is highly ineffective?
    The best way is to find some vulnerability on the page and exploit it.
    I think brute force should be the last thing tried.
    FOr one thing, it is highly suspicious in the logs as having one IP address go through a couple hundred, or even thousand, tries to log in unsuccessfully!

  57. Navin June 29, 2008 at 5:28 am #

    @ phantom, it’d depend on the type of “login” used to hook onto the MMORPG server

    @grav obviously man, and now some servers prevent multiple login attempts from a given ip to prevent such attacks…. thats the reason phishing is preferred….most skiddies go for it and succeed coz us humans are after all the dumbest species in the universe!!The percentage of people who know even a bit about ARP poisoning or BlindSQL attacks is miniscule outside the security professional world

  58. zupakomputer June 30, 2008 at 4:54 pm #

    Well, thanks for that gem of wisdom there hikup.

    I’d agree with grav there too – even if you sit behind an fortress doing brute attacks, you’re going to get seen by someone. Maybe not the people who are meant to be the network admin on the sites or servers being bruted – but someone is going to see that traffic, and they’ll certainly be taking all kinds of interests in you or at the least, your own hardware / network / etc.

    I think brutes are best used – in testing, cause you need to account for the possibility of someone else (or their botnet) using such methods, and not-online brutes, eg – decrypting a drive or some such that you have actually with you. Which is also of course, why they are legit apps also.

  59. grav June 30, 2008 at 6:16 pm #

    The best way to get a password – or for that matter any personal information is social engineering. A system can be impenetrable, but there is always one flaw, and that is the human element. Social engineers run the most risks (there is no proxy string to hide behind)
    but in the long run, they are the ones that get the most out of anything with the least amount of actual “hacking”

    A really good example is with the “hacking” of Paris Hilton’s SideKick. The ppl who stole all of her photos and stuff were pretty much hacking amateurs, but they were able to convince one of the T-Mobile personnel to give them the correct access codes and such to allow them to pull off the “heist”

    Its the same thing with brute forcing, either you can try to brute force a website or ftp server or whatever, or with a quick phone call, you can find out everything you wanted to find out.

  60. zupakomputer June 30, 2008 at 7:11 pm #

    ? – the personnel shouldn’t ever have anyone’s actual passwords and details to give away, they’re only allowed to reset passwords.

    And that shouldn’t ever happen over a phonecall, unless you can verify the number calling and say they use a videophone and then you can see it’s them too.

    Mind you T-mobile are off their heads so that doesn’t surprise me anyway.

  61. dakota September 9, 2008 at 10:05 pm #

    Interested in getting as much info on this program as possible. Im trying to bruteforce or dictionary attack a router login, and keep getting timeout/throttle and no results (allready have password and login) ….just curious