PASSWORD CRACKERS

Using these links you are downloading
the applications from the original host.



Unix Password Crackers Area
crack.html 10045
Crack in one line of perl
crack5.0.tar.gz 2964507
THE UN*X password cracker, by Alec Muffett.
crack_dict.txt.gz 151303
Wordlist for use with Crack.
cracklib.2.7.README 8983
sorry, a description is unavailable.
cracklib.2.7.tar.gz 20901
Proactive Password Sanity Library
cracklib.2.7.tar.gz.sig 293
sorry, a description is unavailable.
cracklib.tar.Z 21792
Proactive password security library by Alec Muffett. Prevent users from choosing "Crack"-able passwords.



Password Crackers Download Area
55hb.sh 939
55hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.  Homepage: http://www.crimelabs.net.Jose Nazario
55hb_v1.sh.txt 1116
55hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user. Changes: Fixed the code. Now you can specify a user file rather then just using one user to streamline things a little bit and made it so it was more stable and efficient.  Homepage: http://www.crimelabs.net.Jose Nazario
95sscrk.zip 87744
sorry, a description is unavailable.
accp.exe 171451
Accp.exe recovers lost passwords on MS Access 97 mdb files. Ported from Java. By Haris Bjelak
aimpw.zip 31232
AOL Instant Messenger password decoder written in Visual Basic. (Includes source code).
aimr2.zip 261871
Aim Recover 2.0 - Decrypts AIM's passwords when they are stored locally. Can also import Buddy Lists. 256k. By Dark Eclipse Software.
aimrecover.zip 18546
AIM Recover v1.01 - This program decrypts AIM's passwords when they are stored locally (in the registry). By Dark Eclipse Software.
alpr.zip 650682
Advanced Lotus Password Recovery v1.02 is a program to recover lost or forgotten passwords to the files/documents created in IBM/Lotus applications (all versions): Organizer, WordPro, 1-2-3 and Approach. The passwords are recovered instantly; multilingual passwords are supported.  Homepage: http://www.elcomsoft.com/alpr.html.
ami.zip 2639
sorry, a description is unavailable.
amicrack.zip 555
sorry, a description is unavailable.
amidecod.zip 2137
sorry, a description is unavailable.
amidecode.zip 1843
sorry, a description is unavailable.
anv20.zip 11741
sorry, a description is unavailable.
apc.c 5635
apc.c (Another Password Cracker) - Designed to brute force UNIX passwords with standard dictionary-based attack; coded in C. By BiffSocko.
apoc-crack.c 6347
Simple brute force unix password cracker on a single password which try's all combinations of every printable 7-bit ascii character. C code. By Adam Rogoyski.
apoc-crack.pl 5495
Simple brute force unix password cracker on a single password which try's all combinations of every printable 7-bit ascii character. Perl version. By Adam Rogoyski.
archpr.zip 733155
Advanced Archive Password Recovery (or ARCHPR for short) can be used to recover lost or forgotten passwords to ZIP (PKZip, WinZip), ARJ/WinARJ, RAR/WinRAR and ACE/WinACE archives. At the moment, there is no known method to extract the password from such compressed files, so the only available methods are "brute force" and dictionary attacks (for ARJ and ZIP formats, known-plaintext attack is also available).  Homepage: http://www.elcomsoft.com/archpr.html.
arjcrack.zip 17878
sorry, a description is unavailable.
arjcrk.zip 21337
sorry, a description is unavailable.
asmcrk256.zip 236619
ASMCrack v2.56 - ASMCrack is a unix password security tool. It checks the password file by trying whether a given word matches an encrypted password that was within the password file. To do so it uses very speed optimized 386 assembly routines, with pentium alignment and command order optimisations. ASMCrack supports five cracking modes: creating words by the login/geco field of the pwd file, and try these pwds only on the corresponding user, trying words, that are read from a dictionary file, creating words by Brute Force (e.g. aaa aab aac aad aae aaf aag ... zzy zzz), creating words by Smart Force (this is a statistic optimized modification of Brute Force, that is about 15 times more effective when cracking (pronouncable) pwds that only consist of letters), creating words by combining a certain number of syllables, that have been extracted from a dictionary file. ASMCrack supports parallel processing and clustered computing environments for increased cracking speed. This is the first public release of this program and it rivals John the Ripper in performance and speed. By David Kühling. Thanks and greetz to scut for the submission.
authforce-0.9.0.tar.gz 200400
Authforce is a brute force www password strength testing tool.  Homepage: http://kapheine.hypa.net/authforce/index.php.
authforce-0.9.2.pi.tar.gz 23466
Authforce is a brute force www password strength testing tool. Changes: This release features a new, more powerful method for handling password files, memwatch support, fewer memory leaks, and some bugfixes.  Homepage: http://kapheine.hypa.net/authforce/index.php.
authforce-0.9.3.tar.gz 23121
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords. Changes: This release features fixed and improved session support, the replacement of SIGUSR1 with SIGINT (control-c), almost total memory leak annihilation, and many bugfixes.  Homepage: http://kapheine.hypa.net/authforce/index.php.
authforce-0.9.5.tar.gz 77026
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords. Changes: This release includes internationalization support, authconf/automake support, and some fixes for compiling on various distributions.  Homepage: http://kapheine.hypa.net/authforce/index.php.
authforce-0.9.6.tar.gz 185598
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords. Changes: Fixed a bug which caused it to crash on large datafiles.  Homepage: http://kapheine.hypa.net/authforce/index.php.
autohack.zip 50673
sorry, a description is unavailable.
Award.zip 1881
sorry, a description is unavailable.
award.zip 1881
sorry, a description is unavailable.
azpr244.zip 882161
Advanced Zip Password Recovery 2.44 - Nice program, however note that it is shareware that works with limited functionality until you purchase it (cost currently listed at $30). Supports PKZip 1.0 through modern Winzip, all compression methods, can work with a single file, self-extracting archives supported, bruteforce options include password length and customizable character set, dictionary attack, bruteforce with mask/template, suspend/resume. Homepage here.
b4b0-cr4q.c 3099
Password cracker. By b4b0.
bigdict.gz 4167306
sorry, a description is unavailable.
bios -
Various BIOS Crackers
breakzip.zip 37132
Good and fast Zip Cracker
brkarj10.zip 13501
sorry, a description is unavailable.
brutus.pl 5729
Brutus.pl tries to break in remotely using password bruteforcing for TELNET, FTP and POP3 protocols. By Raptor
brutus05.pl 7158
BRUTUS v0.5 is a remote TCP/IP service brute forcer. It tries to break in using TELNET, FTP and POP3 protocols. Login list generation through SMTP vrfy brute-forcing is also supported.  Homepage: http://www.0xdeadbeef.info. By Raptor
Cain10b.zip 181397
Cain is a GUI multithread application that can be used to recover various passwords on Win 95/98 machines. Features: Screen Saver password decoder, Cached resource recover, OSR2/98 PWL password recover, Local Shares quick modification and password recover, Network Shares password recover, Quick change Screen Saver, Network and Windows passwords, Quick toggle "Password Caching" system features, Dictionary and Brute-Force Attacks, much more.
claymore10.zip 14382
sorry, a description is unavailable.
cmos.zip 1316
sorry, a description is unavailable.
cmoscrack.exe 8778
sorry, a description is unavailable.
cops.1.04.README 11719
sorry, a description is unavailable.
cops_dan_farmer.txt 36020
sorry, a description is unavailable.
crack -
Crack 5.0 - UNIX Password Cracker
crack-2a.tgz 1201630
sorry, a description is unavailable.
cracker13.zip 55823
WiCkEd IRC Password Cracker v1.3. 56k. By BEEFCAKE.
crackerjack.zip 155380
sorry, a description is unavailable.
CrackerNcftp.c 4701
This decrypts the safe passwords of NcFtp Homepage: www.geocities.com/cultbh.
crackfaq.zip 2144
sorry, a description is unavailable.
crackpc.zip 4832
sorry, a description is unavailable.
CracPk18.zip 1102347
sorry, a description is unavailable.
cuteftp-012000.txt 4466
Exploits the weak encryption scheme utilized in CuteFTP. Homepage here. By Black Hand.
datecrac.zip 9069
sorry, a description is unavailable.
deshadow.c 2531
sorry, a description is unavailable.
dhb.zip 97692
Domino Hash Breaker v1.0 is a tool that tries to guess a Lotus Domino HTTP password from his hash and a dictionary file. It needs Lotus Notes R5 client installation and nnotes.dll.  Homepage: http://www.securiteinfo.com. By Valgasu
Dicgen.zip 25448
Dicgen is dictionary file creator (DOS). Easy to use interface and options, extremely fast, introduce any variables and generate any combination type. By ERADiCATOR/Ceara Ratz
dictmake.zip 20812
sorry, a description is unavailable.
dicts.zip 3305951
sorry, a description is unavailable.
djkc95.zip 55025
sorry, a description is unavailable.
dkbf-0.1.1b.tar.gz 72735
Dkbf is a Distributed, Keyboard, Brute-Force program, written in C, for Linux clusters that attacks Windows NT Lanman and NT hashes using the Message Passing Interface (MPI) to distribute the program L0phtCrack by the L0pht.  Homepage: http://dkbf.sourceforge.net. By d4 b0rg
e-pwdcache.zip 91464
e-pwdCache is a program that weeds out all of the cached passwords, such as domain, mail, mapi, windows network, dialups, ie-passwords, etc, on local Windows 95/98 machines. Compact and easy to use. By deepcase, ech0 security.
ecrack-0.1.tgz 2570
ECrack v0.1 - Energymech (StarGlider Class - IRC bot) brute force password cracker. Tested with emech-2.7.6 but should work with other versions also. Homepage here. By Sean Trifero
ecrack-1.0.tgz 2536
ECrack v1.0 - Energymech (StarGlider Class - IRC bot) brute force password cracker. Tested with emech-2.99.65 but should work with other versions also. Homepage here. By Sean Trifero
eggh.tgz 12262
A password cracker for eggdrop (blowfish) passwords, using a wordlist. Supports 1.1.5; By hornet.
egghack.tar.gz 12262
egghack is an eggdrop userfile password cracker, supports 1.1.5 and 1.3+, needs wordfile, Linux. By hrnt, x-organisation.
enabler.c 7749
Enabler.c attempts to find the enable password on a cisco system via brute force. Tested on Cisco 2600's and 12008's and has support for login-pass as well as login-only devices.  Homepage: http://www.avatarcorp.org. By Norby
entryle.zip 168898
EliteSys Entry v2.05 - Entry is a remote brute-force security auditing utility, designed to crack passwords for FTP sites, WWW sites, and POP3 email boxes. [read: get passwds for 0-day pr0n sites]. By EliteSys.
eudpass.zip 10354
sorry, a description is unavailable.
excelcrack.zip 2628
sorry, a description is unavailable.
fastcracker.tgz 119763
sorry, a description is unavailable.
fastzip.zip 45695
sorry, a description is unavailable.
fcrackzip-0_2_1.tar.gz 67392
FCrackZip 0.2.0 -Free, fast, portable, featureful. This is a relatively fast command-line bruteforce zip cracker. I like this one. In the author's words: "Why, the hell, another zip cracker? Naturally, programs are born out of an actual need. The situation with fcrackzip was no different... I'm not using zip very much, but recently I needed a password cracker. "Sure", I thought, "there are hundreds of them out there, I'll just gonna get one!". This wasn't so easy, in fact, none of the zipcrackers I found were able to find the passwords, either they didn't accept more than one zipfile, were awfully slow, or didn't do brute force attacks (which I needed). The worst thing was: no source!" Homepage here.
fhb-1.2.2.tar.gz 83554
FTP-Bruteforcer is a quick perl program to brute force FTP accounts. You can switch off ping, it loggs each password even when the session is aborted, it creates automatically a log in your $HOME. It also has a status report on tty8, which shows you the user-pass combination the script checks. By chaozkid
force.exe 23040
force is a brute force cracker designed to crack Hotmail "hints". Requires FSProgressiveDL.ocx. By legion2000.org.
forceSQL.zip 45154
ForceSQL v2.0 is an MS SQL password auditing tool. This is a command-line tool which uses both Brute Force and Dictionary Attacks to guess passwords. Works with SQL Server 7.0/2000  Homepage: http://www.nii.co.in. By Nilesh Burghate
fpw.tgz 22996
Passwd cracker similar to Crack.
Ftp_crack.tar.gz 66893
Ftp_crack.pl is a PERL script that brute forces FTP servers. By B-root
gammalnk.zip 7072
gammalnk v1.3 is a frontend to An Eyewitness' Gammaprog java-based bruteforce password cracker for web-based (hotmail.com, usa.net and yahoo.com) and regular POP3 email accounts. By Sander Bolt.
gammaprog-config.tgz 1147
New config files for gammaprog153.tgz, a bruteforce password cracker for web based e-mail addresses (angelfire.com, usa.net and yahoo.com but you can also define your own) and regular POP3 accounts. Coded in Java and uses the Java Virtual Machine (JRE). By An Eyewitness.
gammaprog.tgz 11923
Gammaprog is a bruteforce password cracker for web based e-mail address (hotmail.com, usa.net and yahoo.com) and regular POP3 account. Java, requires JRE. By Eyewitness.
gammaprog130.tgz 15399
Gammaprog v1.30 - Gammaprog is a bruteforce password cracker for web based e-mail address (hotmail.com, usa.net and yahoo.com) and regular POP3 account. This release includes rules on words and a reverse cracking mode. Java, requires JRE. Source code, precompiled classes and FAQ included. By Eyewitness.
gammaprog140.tgz 17102
Gammaprog is a bruteforce password cracker for web based e-mail address (hotmail.com, usa.net and yahoo.com) and regular POP3 account. This latest release features crack session save and resume options, and benchmark function to test speed. Coded in Java and uses the Java Virtual Machine (JRE). By Eyewitness.
gammaprog150.tgz 21548
Gammaprog is a bruteforce password cracker for web based e-mail address (hotmail.com, usa.net and yahoo.com) and regular POP3 account. This latest release features option to configure the cgi cracking program to crack any cgi you want. Coded in Java and uses the Java Virtual Machine (JRE). By An Eyewitness.
gammaprog151.tgz 20515
Gammaprog is a bruteforce password cracker for web based e-mail address (hotmail.com, usa.net and yahoo.com) and regular POP3 account. This latest release features option to configure the cgi cracking program to crack any cgi you want. Coded in Java and uses the Java Virtual Machine (JRE). This release incorporates the following new features: changed the cgi configure option to handle HTTP headers correctly and added HTTP proxy support. By An Eyewitness.
gammaprog152.tgz 21649
Gammaprog is a bruteforce password cracker for web based e-mail addresses (angelfire.com, usa.net and yahoo.com but you can also define your own) and regular POP3 accounts. This release includes wingate and piping support. Coded in Java and uses the Java Virtual Machine (JRE). Included in the package are gammaprog.java Gammaprog 1.52 source code, compiled classes, help file that explains how to configure the cgi cracking mode, and a small wordlist. By An Eyewitness.
gammaprog153.tgz 26509
Gammaprog is a bruteforce password cracker for web based e-mail addresses (angelfire.com, usa.net and yahoo.com but you can also define your own) and regular POP3 accounts. This release includes wingate and piping support, bugfixes, and POST support for cgi cracking. Coded in Java and uses the Java Virtual Machine (JRE). Included in the package are gammaprog.java Gammaprog 1.53 source code, compiled classes, help file that explains how to configure the cgi cracking mode, and a small wordlist. By An Eyewitness.
glide.zip 14464
sorry, a description is unavailable.
hades.zip 116496
sorry, a description is unavailable.
hc130.zip 197183
sorry, a description is unavailable.
hintcrack.zip 27532
HintCrack is a tool to crack hotmail 'hints' using a dictionary attack. HintCrack takes a user's login, retrieves their hint from hotmail and attempts to crack the hint using words from a wordlist file. It can check around 80 hints a minute on a 56K modem connection. For MSDOS. By magic.
HotmailHack.zip 240534
HotmailHack attempts to brute force hotmail accounts from a dictionary file. By Student 80
howtocrk.zip 124200
sorry, a description is unavailable.
hv-pop3crack.pl 4433
Perl script that executes dictionary file based brute force attacks on POP3 account passwords. By d0ct0r_x, Hackers Venezuela.
hypno.zip 27799
Hypnopaedia is a brute force POP3 password cracker that connects to a given mail server, and attempts to crack the password of any specified account, using a dictionary file. With GUI, for Windows. By NullString.
jack14.zip 122657
sorry, a description is unavailable.
jcon.zip 221485
JCon is a security-scanner and brute-force password breaking tool. It can scan ports, FTP and mailer daemons, and check for CGI-vulnerabilities. It is easy to use, platform independent, easily extensible, and can perform all of its actions on lists of hosts/IP addresses.  Homepage: http://cyberdemon.ellicit.org.
jill_v20.zip 80136
sorry, a description is unavailable.
john-1.6.31-dev.tar.gz 132940
John the Ripper is a very fast password cracker which is available for many flavors of Unix, DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well. Changes: HP-UX tcb files support has been added, the default wordlist rules have been made Y2K-aware, and various minor fixes have been applied.  Homepage: http://www.openwall.com/john/.
john-1.6.32.tar.gz 133124
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well. This is the current development version which offers significant performance improvements over the 1.6 release, but no documentation and charset files are provided, and more testing is needed.  Homepage: http://www.openwall.com/john/. By Solar Designer
john-1.6.tar.gz 497341
John the Ripper v1.6 (UNIX -- source distribution) - High quality UNIX password cracker, probably the fastest available. New Features: Batch mode, Kerberos AFS passwords support, WinNT passwords support, Idle priority support on Linux, Rule reject flags: can reject entire rules on condition, New utility: 'unique' (removes duplicated lines without re-ordering), New options: '-stdout', '-status', GNU-style long options support, New make targets for AIX, HP-UX, IRIX, Bug and portability fixes, and new bugs. By Solar Designer.
john-15d.zip 435525
John the Ripper v1.5d
john-15w.zip 734576
John the Ripper v1.5w
john-16d.zip 710007
John the Ripper v1.6 (DOS -- binaries) High quality UNIX password cracker, probably the fastest available.
john-16w.zip 780047
John the Ripper v1.6 (Win32 -- binaries) - High quality UNIX password cracker, probably the fastest available.
john-1_5_tar.gz 349186
John the Ripper v1.5
k2vl017.zip 9371
This program will also unveil passwords hidden behind *'s, but this one is more for the 'remote user', for it creates a hidden file in c:\ called system.dup when you run the program (no need to highlight the password boxes with the mouse). When you view this encrypted system.dup file with the enclosed viewer, you get current Dial Up Networking passwords, as well as OLD dial up networking passwords. By Weird, ThuNderSoft. Snarfed from The Flammable Pheces.
kaufcrk.pl 1119
Kaufcrk.pl is a perl script which decrypts encrypted passwords found in the Kaufman Mail Warrior accounts file (MW35_Accounts.ini). Tested with Mail Warrior v3.57.  Homepage: http://www.rhs-ck.com. By Xcript
kc9_11.tar 225280
sorry, a description is unavailable.
killcmos.zip 8433
sorry, a description is unavailable.
killercracker.zip 41212
sorry, a description is unavailable.
koskrack.zip 1085705
sorry, a description is unavailable.
kuang2 -
directory:
sorry, a description is unavailable.
lard2.arj 49344
sorry, a description is unavailable.
lcrack-1.0.1.tar.gz 28086
Lepton crack is a password cracker that works on Cygwin and Linux and cracks MD4 hashes, MD5 hashes, NTLM, and HTTPpassword hashes from Domino R4.  Homepage: http://usuarios.lycos.es/reinob.
LDAP_Brute.pl 4178
LDAP_Brute.pl is an OpenLDAP brute force auditing application. Written under Slackware 8.0. Brute forces Manager password then Dumps entire Database of user and passwords in format for John the Ripper.  Homepage: http://sec.angrypacket.com. By Victim1
libcodict-0.4.tar.gz 206642
Libcodict is a user friendly "combo dictionary" C API developed in order to ease dictionary handling when developing open source security audit tools. Combo dictionaries are a different approach than the traditional plain dictionary with a user list and a list of commonly used passwords. When auditing a server environment, one of the biggest tasks are to remove all default users from old UNIX machines that never got any attention after installation. Using a list of default users and their commonly used passwords is the main idea behind this library.  Homepage: http://www.sr-71.nu/libcodict. By Blh
lincrack.c 9431
This is a very flexible, easy to use password cracker for the Linux/Unix platform. Just specify the dictionary file and the passwd file and your set. It attempts to crack each password in the passwd file using the words from the dictionary file. By w0rm.
lodowep-src-1_2_1.zip 64471
Lodowep 1.2.1 is a tool for analyzing password strength of user accounts on a Lotus Domino webserver system by using dictionary attacks. Lodowep is multi-threading and supports both session- and basic-authentication. The binary version of this tool can be found here.  Homepage: http://www.cqure.net
mincrack.zip 11384
Uof MN POPMail Password Cracker v1.1
mscdkey.zip 66388
sorry, a description is unavailable.
msnmsgpasswd.zip 1004
Windows ActivePerl source to a script which proves the encryption being used by MSN Messenger v4.6 is weak. Does a base64 decode of a registry key.  Homepage: http://perl.ob5cure.com. By Obscure
msnmsgpwd.exe.zip 443126
Windows ActivePerl executable which proves the encryption being used by MSN Messenger v4.6 is weak by doing a base64 decode of a registry key.  Homepage: http://perl.ob5cure.com. By Obscure
msqlfast.c 3543
A high-speed brute-force password cracker for MySQL hashed passwords. It can break an 8-character password containing any printable ASCII characters in a matter of hours. By Secret Squirrel
mssqlpwd.zip 4900
MS SQL 6.5/7.0 brute force password cracking tool. By Max V. Uzunov
msword.zip 20291
sorry, a description is unavailable.
mysqlpassword.c 4636
MySQL brute force password cracker - Uses a dictionary attack against an encrypted mysql password. By Chris Given
nbrute.tar.gz 11408
A program to brute force valid Newspro logins/passwords by wh1sky
newpw.zip 131795
sorry, a description is unavailable.
nirvana.tgz 32742
Perl based brute force attack on telnet. Takes input from a list. By Vladimir Lohov
NT -
Windows NT Password Crackers
ntsweep.zip 510296
NTSweep v1.0 - NTSweep takes a different approach to brute forcing NT passwords. It will gather a list of network users, and scan through their accounts for common passwords. Unlike L0phtCrack, any user can run this (provided you have NT) - so you don't have to access the registry or SAM database. Basically, it will communicate with the NT servers to try and determine passwords, only using access rights that the most basic user has. By Hale of Wiltered Fire.
ntucrack.zip 110661
sorry, a description is unavailable.
nutcrack.1.0.tar.gz 9865
Nutcracker is a simple, fast, and effective password cracker for UNIX and Linux systems. It is faster than the other crackers available. Disabled accounts and accounts with no password are detected. Results are shown in a nicely-formatted table. A sample password file and dictionary file are included, although you can use any word list you wish (including the file '/usr/dict/words' included with most Linux distributions). Nutcracker will work with '/etc/passwd' or '/etc/shadow' files. Homepage here. By Ryan Rhea
nutcracker-1.5.tar.gz 17007
Nutcracker is a simple, fast, and effective password cracker for UNIX and Linux systems. It is faster than the other crackers available. Disabled accounts and accounts with no password are detected. Results are shown in a nicely-formatted table. A sample password file and dictionary file are included, although you can use any word list you wish (including the file '/usr/dict/words' included with most Linux distributions). Nutcracker will work with '/etc/passwd' or '/etc/shadow' files. Changes: Uses the Perl Module Screen.pm for improved display, including the ability to view a status line showing the current activity. Several new command line options and runtime commands have been added. Homepage: http://www.northernlights.bizland.com. By Ryan Rhea
og-brute101.tgz 3505
Og-Brute is a perl package to brute force pop3 and ftp account passwords and probe smtp for valid logins with wingate support.  Homepage: http://og.chickenz.net. By Elicit
passhack.mrc 6495
Brute Force password cracker for mIRC.
passthief.exe 18944
Takes the asterisks (*) in a password field and converts to plaintext.
password-gen.c 642
A real simple password generator generating mixed upper and lowercase letters and numbers. By The c5 Project.
pbrute.tar.gz 11575
A program to brute force valid POP3 logins/passwords by wh1sky
pc-1.1-dist.zip 176935
PalmCrack, the password testing tool for the Palm Computing Platform. Designed to help security professionals determine the strength of passwords, PalmCrack is able to check UNIX and NT passwords against a dictionary and decrypt certain Cisco router passwords. PalmCrack runs on PalmOS 2 and PalmOS 3 devices, including the PalmPilot Professional through the PalmVII and the IBM WorkPad series. Changes: Includes programs to allow you to create your own wordlist databases. Homepage here. By Steve Lodin
pent.pl 2834
Pent.pl uses smbclient to brute force NT shares and passwords. Changes: Updated to work under BSD.  Homepage: http://sec.angrypacket.com. By Tony Lambiris
pgpcrack.zip 54426
sorry, a description is unavailable.
pgppass.zip 49381
PGPPass is a dictionary-based attack (password cracking) program for use against PGP secret key rings, any version. By AccessData.
phobia.tgz 57136
sorry, a description is unavailable.
php-ssl-brute.zip 1799
Php-ssl-brute is a php script that uses curl to brute force ssl protected website login screens. By Dejchai Srihakim
pop3hack.c 5731
sorry, a description is unavailable.
POP3HACK.C 4111
pop3 password cracker. By ech0 Security.
Pop_crack.tar.gz 66927
Pop3 Crack is a pop3 account brute forcer in perl. By B-root
popcrack.zip 13368
U of MN POPMail Password Cracker v1.0
pwd-gen.c 1668
pwd-gen.c is a password generator. Works well with user accounts. Homepage here. By Tomas of the C5 Group
pwdump.ex_ 114688
sorry, a description is unavailable.
pwdump.zip 19583
sorry, a description is unavailable.
pwl9x-0.04-dev.tar.gz 24851
The Windows 9x Password List reader is a program that will allow you to see the passwords contained in your Windows pwl database under Unix. You can check the security of these files and try to recover the main password using the bruteforce mode. Changes: A processor detection routine was added. Resume was added to bruteforce mode.
pwl9x-0.06-dev.tar.gz 71519
The Windows 9x Password List reader is a program that will allow you to see the passwords contained in your Windows pwl database under Unix. You can check the security of these files and try to recover the main password using the bruteforce mode. Changes: New integer cracking core, works especially well on AMD K7. Some bugs were fixed.
pwl9x-0.07-dev.tar.gz 71880
The Windows 9x Password List reader is a program that will allow you to see the passwords contained in your Windows pwl database under Unix. You can check the security of these files and try to recover the main password using the bruteforce mode. Changes: Now displays the next password to check if it is interrupted while in bruteforce mode.
qrack-1.0.tgz 9187
Qrack is a simple, fast, and quick unix password cracker. It brute forces ciphertext generated by the crypt() function. It can report disabled accounts as well as accounts with no passwords, a 2400 word dictionary file is included. Ideal for system administrators to look for weak passwords. Written in Perl, and tested on FreeBSD and Linux but should work on any Unix variety with Perl installed. Homepage: http://web.refute.org. By Tyler Lu
rawcopy.zip 143200
sorry, a description is unavailable.
rempass.zip 8711
sorry, a description is unavailable.
revel11.zip 1278668
sorry, a description is unavailable.
revelation.1.1.exe 1292961
Revelation password cracker.
RiPFTPServer.zip 191189
RiP FTP Server 1.0 - Simple Win32 program that allows you to extract plaintext passwords from FTP server client software, such as .ini or registry settings. By iTeC, and based on ftp-spoof.pl by ManicX.
RLRPAconv1.0.tar.gz 6562
Remote Password Assassin (RPA) is a powerful security tool to test passwords across networks. In a simple way, RPA is a Network Password Cracker using Brute Force Attack and able to attack very common ports on servers. When RPA is finish it will generate a HTML report, easy to follow and detailing the session. Homepage here.
rm-brutal.tar.gz 2922
Brutal.pl v0.5 is a perl program that will try to get valid accounts on the remote server using a POP3 brute force method thru wordlist files. By Dead Sector
saltine-cracker-1.05.00.tar.gz 24051
Saltine Cracker v1.05 is a TCP/IP Distributed Network Password Auditing Tool for NTHASH (MD4) and POSIX LibDES Crypt(3) passwords. With the incorporated cross-compatiblity, you can audit Win9X/NT client passwords attached to POSIX servers and vice-versa. By Ambient Empire.
samdump.zip 33705
sorry, a description is unavailable.
scp -
Snap Cracks POP is a simple to use POP3 and FTP cracker written in Java.
scrack15.zip 234300
Saltine Cracker v1.05 is a TCP/IP Distributed Network Password Auditing Tool for NTHASH (MD4) and POSIX LibDES Crypt(3) passwords. With the incorporated cross-compatiblity, you can audit Win9X/NT client passwords attached to POSIX servers and vice-versa. DOS version. By Ambient Empire.
scrncrak.zip 2744
sorry, a description is unavailable.
shadow.c 186
Reconstructs the password file from a shadow.
slurpie.tgz 8117
sorry, a description is unavailable.
smbbf-0.9.1.tar.gz 30528
The SMB Auditing Tool is a password auditing tool for the Windows and the SMB platform. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremely fast to guess passwords on these platforms. Running a large password file against Windows 2000/XP, shows statistics up to 1200 logins/sec. This means that you could run a commonly used English dictionary with 53 000 words against a server under a minute. Supports SMB over Netbios and native SMB over tcp port 445. Compiles on Linux, BSD, and Cygwin. By Patrik Karlsson
snmpbrute-fixedup.c 10503
Snmpbrute-fixedup.c is a fixed version of snmpbrute.c, a very fast snmp brute forcer. Since it doesn't need to wait for a response, it can guess community's very fast. Tested on Slackware 3.6. By Aidan
snmpbrute.c 9001
Snmpbrute.c is a very fast snmp brute forcer. Since it doesn't need to wait for a response, it can guess community's very fast. Tested on Slackware 3.6. By Aidan
spg.tar.gz 4865
The Unix Sequence Password Generator creates password files and allows on-the-fly cracking when used with other tools. Also supports all sets of characters.  Homepage: http://www.hack.gr/users/killah/. By Killah
sqlbf-all-src-1.0.1.zip 74411
This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz Pentium (256mb) is around 750,000 guesses/sec. This is the source - Windows and Linux binaries available here.  Homepage: http://www.cqure.net. By Patrik Karlsson
sqlbf.zip 4497
sqlbf - MSSQL server brute force tool. This is a tool for auditing the strength of your SQL login passwords. c++ source. By Xaphan
sscrack.zip 2744
sorry, a description is unavailable.
starcrak.zip 89635
sorry, a description is unavailable.
SUPassConvert.tgz 4998
The following is a utility I wrote to quickly convert the unix style passwords in a Serv-U.ini file into standard unix password style for cracking. Serv-U Ftp uses standard unix password encryption which can be cracked with most unix password crackers. I have included a java class file and a windows executable.  Homepage: http://www.2cic.com/design. By J Noonan
Telnet_crack.tar.gz 33137
Telnet Crack is a perl script which brute forces telnet. By B-root
tforce-1.0.0.tgz 11163
tForce is a HTTP realm brute forcing utility which utilizes wordlists for passwords against the Basic Authentication Scheme described in RFC 2068 (section 11.1). There's no limit to the number of tries you can attempt against an HTTP server, so in fact, if you have good wordlists, it's only a matter of time unless the victim has chosen a very secure password.  Homepage: http://www.truncode.org. By Necrose
thermoprog.zip 6096
Thermoprog is a bruteforce password cracker for Angelfire password reminder. If you can't crack the real password, maybe you'll have more luck with the Password Hint Question. Coded in Java, and utilizes the Java virtual machine (download JDK or JRE). By Terminator.
thetaprog.tgz 26914
Thetaprog is a bruteforce password cracker for Hotmail password reminder. If you can't crack the real password, maybe you'll have more luck with the Password Hint Question. Things like "the last four digits of your social security number" are really easy to crack. This is a new version designed to work with the recently changed Hotmail Hint format. Java, requires JRE. By An Eyewitness.
trmphack.zip 11716
sorry, a description is unavailable.
ucffire.zip 8288
sorry, a description is unavailable.
ucfjohn1.zip 84981
sorry, a description is unavailable.
ucfjohn2.zip 705147
sorry, a description is unavailable.
ultraprog.zip 6100
Ultraprog is a brute force cracker for the MailCity.com password reminder. Coded in Java, and utilizes the Java virtual machine (download JDK or JRE). By Terminator.
umncrack.zip 11317
U of MN SLIP Password Cracker v1.1
Unabr_dict.zip 689971
sorry, a description is unavailable.
Unsecurev1.2.zip 601767
Unsecure v1.2 is a HTTP auth brute force cracker. By Juliam
update.exe 1872
update.exe
userl4nd.v1.tar.gz 7652
Description: Userl4nd is a simple package that will brute force accounts via ftpd. Though simple and effective at times, FTPd activity is easily and most likely logged. Currently works best against Linux systems with traffic on fair bandwidth. By Presto
vcrack.tar.gz 8956
V-Crack Zero++ (UNIX) is a poly-alphabetic XOR cipher cracker, for the totally useless and insecure XOR algorithm that many software vendors nevertheless use. By Ambient Empire.
vcrack.zip 37865
V-Crack Zero++ (DOS) is a poly-alphabetic XOR cipher cracker, for the totally useless and insecure XOR algorithm that many software vendors nevertheless use. By Ambient Empire.
vcu10.exe 281088
Velocity Cracking Utilities (VCU) is a suite of utilities to aid in cracking UNIX password files. This is accomplished with tools that create and manipulate wordlists, as well as some front-ends for popular DOS based cracking programs (such as John the Ripper). VCU attempts to make the cracking of passwords a simple task for computer users of any experience level. By Wiltered Fire.
viper13.tar.gz 6319
Viper is a standard unix password cracker, but instead of using a wordlist it will generate all the password combinations for the character sets and length you specify. New in this version is the ability to load and save from a progress file, define a minimum password length, and set the number of hours to run. Included in this package is the perl source, which shouldn't be a problem on a unix machine, but for win32 you will need to install the perl interpreters (ActivePerl [at] http://www.activestate.com). By Hale
vmsc10.zip 257080
sorry, a description is unavailable.
vnc-crack.patch 3061
Patch to VNC which allows a brute force dictionary attack. The fun with vnc is that the password is 8 characters or smaller, and that vnc has no concept of users, which brings down the number of possibilities to try. Homepage: http://www.pine.nl/~patrick/. By Patrick Oonk
vncdec.c 14485
Decrypts the password for VNC, a pcanywhere like program. Tested on linux.
vncpwdump-src-1_0_0.zip 36596
VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways. It supports dumping and decrypting the password by: Dumping the current users registry key, retrieving it from a NTUSER.DAT file, decrypting a command line supplied encrypted password, and injecting the VNC process and dumping the owner's password.  Homepage: http://www.cqure.net/tools.jsp?id=12. By Patrik Karlsson
vnx4.c 15335
vnx4.c is a VNC attack program ported to Windows. Features cracking of the password in the registry, online brute force against VNC server or cracking a sniffed challange/response handshake.  Homepage: http://www.phenoelit.de. By Fx
wbrute.tar.gz 11349
HTML brute force cracker. Now works on FreeBSD too.. By Wh1sky
wc30b2.zip 906597
WebCracker 3.0 Beta 2 (wc30b2.zip) is a password cracker designed to brute force login/password combinations for web sites that use HTTP-based password authentication. [script kiddies read: get free pr0n site access!] Features: supports sessions so you can save and resume cracking from where you left off, automatically logs all valid accounts found, supports running multiple instances so you can crack multiple targets at once, support for proxy servers, allows customized User ID and Password dictionary attacks, automatically tries the user id as the first password - a common weakness on many systems, allows on-the-fly variable replacement so user ids can be incorporated into passwords, allows on-the-fly ID and/or password case changes for case sensitive servers, uses standard HTTP 1.0 calls for compatibility with just about any web site, minimum password length check so you don't send passwords shorter than the target system allows, easy to use interface and options, extremely fast, much more. New in this release: multi-threaded cracking for faster results, now supports CGI and other "non-standard" login scripts, new and much improved user interface, no limit to the size of password lists which can be used, extended logging capabilities, much better progress indicators, statistics screen that provides details about the speed and efficiency of your cracking sessions. Freeware. By Daniel Flam.
wcrk20.zip 270224
Web Cracker v2.0 - Web Cracker is a remote brute-force password cracker designed to check the security of password authentication-based web sites. [read: get passwds for 0-day pr0n sites]. WebCracker web site.
WebCrack40.zip 1299587
Webcracker is a security tool that allows you to attempt to brute force id and password combinations on your web site. If you're able to guess a user's password with this program, chances are some hacker will be able to also. Webcracker helps you find these vulnerablilities and fix them before they're exploited by some unknown attacker. Changes: Multi-threaded for faster scanning, more flexible URL formats, and wordfile manipulation. Homepage here. By Daniel Flam
wetcracker.exe 17408
sorry, a description is unavailable.
wgdecode.c 2036
wgdecode extracts WinGate administrator passwords from Windows 9x/NT machine registries and decodes them. By Ralph.
win95pw.txt 3496
sorry, a description is unavailable.
winperl.zip 382834
winperl files needed for Windows 9x/NT version of Viper v1.2. (put the files in windows/system directory). By Hale, Wiltered Fire.
wordcrk.zip 20291
sorry, a description is unavailable.
wordex.exe 115200
Wordex is a small, free Windows program to generate wordlists recursively from all files in a directory. Homepage here. By Laurentiu Nicula
wordlists -
directory:
sorry, a description is unavailable.
wordmake0.1.pl 1681
WordMake is a dictionary file creator. It takes a text file and makes dictionary files from them. By Linga
wordmake0.2.pl 2375
WordMake is a dictionary file creator. It takes a text file and makes dictionary files from them. Changes: There was a minor bug with filtering word sizes which has been corrected and I added some extra functionality which I found to be necessary - Now accepts a whole directory of text files to merge. By Linga
wp1.zip 10733
sorry, a description is unavailable.
wpcrack.zip 28530
sorry, a description is unavailable.
wpcrackb.zip 9143
sorry, a description is unavailable.
ws_ftp.passwd.cracker 4378
sorry, a description is unavailable.
wwprt11d.zip 35225
sorry, a description is unavailable.
wwwhack.zip 440948
wwwhack - Automates the process of trying to crack logins/passwds for www sites that use basic HTTP authentication. Homepage here.
xcrack.pl 3782
xcrack v1.0 (.pl) - Latest version of ManicX's Unix/Linux Password Cracker, coded in perl. Features: quite fast (300,000 crypt's and compares per minute on a p133) for a ~65 line program, checks for disabled accounts and non-passworded accounts, lots of code optimization over last release. By ManicX.
xcrack.zip 11759
xcrack v1.0 (zipped) - Latest version of ManicX's Unix/Linux Password Cracker, coded in perl. Features: quite fast (300,000 crypt's and compares per minute on a p133) for a ~65 line program, checks for disabled accounts and non-passworded accounts, lots of code optimization over last release. By ManicX.
xit20.zip 102341
sorry, a description is unavailable.
xpass10.zip 4375
This program unveils passwords hidden behind *'s. By Weird, ThuNderSoft. Snarfed from The Flammable Pheces.
xpert.c 974
Xpert.c decodes the password from Ftpexpert which is stored in sites.ini. By Zipper X
xyprog.tgz 6308
Xyprog is a bruteforce password cracker for ICQ. Enter a UIN and feed the program with a word list. After a while you'll get the password if you're lucky. Java, requires JRE. By Eyewitness.
zipcracker-0.0.5-1.i386.rpm 26876
ZipCracker will try to find the correct password for a given file in a zip archive, by using the Brute force method (TM). By Jonas Borgström.
zipcracker-0.1.0.tar.gz 149490
ZipCracker for linux cracks password protected zip archives with brute force. Changes: A new GNOME UI, and no Win32 support. Homepage here. By Jonas Borgstrom
zipcracker-0.1.1.tar.gz 213123
Zipcracker for linux cracks password protected zip archives with brute force. Changes: BeoWulf (PVM) support and a Swedish translation. Homepage here. By Jonas Borgstrom
zipcracker-win32-0.0.4.zip 26964
ZipCracker 0.0.4 for Win32 - See below for description. This is the Win95/98/NT binary.
zipcracker-win32-0.0.5.zip 26847
ZipCracker will try to find the correct password for a given file in a zip archive, by using the Brute force method (TM). By Jonas Borgström.
zipcracker_0.0.4.orig.tar.gz 59878
ZipCracker 0.0.4 for *nix - ZipCracker cracks password protected zip archives with brute force(TM). It can be compiled with PVM support, which makes it able to take advantage of the computing power of a Beowulf Cluster. This version uses zlib instead of the unzip executable and comes with a performance increase of about 10 times compared to the previous version. The ZipCracker's Homepage
zipcracker_0.0.5.orig.tar.gz 60707
ZipCracker will try to find the correct password for a given file in a zip archive, by using the Brute force method (TM). By Jonas Borgström.
by: $0cr4t3$