Skip to main content

Types Of Brute Force Attack In (2020)

Types of Brute Force Attack

There are a number of different types of brute force attack, each of which has the same goals detailed above.
Hybrid Brute Force Attacks
You may have heard of dictionary attacks. These are one of the most common forms of brute force attack and use a list of words in a dictionary to crack passwords. Other types of attack may use a list of commonly used passwords. If your password is 'password', for example, a brute force bot would be able to crack your password within seconds.
Reverse Brute Force Attack
Reverse brute force attacks don't target a specific username, but instead, use a common group of passwords or an individual password against a list of possible usernames.
Credential Stuffing
When a username and password pairing is known by the attacker, they can use this information to gain access to multiple websites and network resources. For example, many users choose the same password to access many different websites for the sake of simplicity. Taking precautions like using two-factor authentication and using different passwords for every different network resources can help to prevent brute force attacks that rely on credential stuffing.


Industries in which passwords are a high priority:

  • Banking & Finance
  • Share Trading 
  • Military
  • Espionage
  • Social Media
  • Telecommunication & Gadgets
  • Corporate



1. THC Hydra

THC hydra is one of the oldest password cracking tools developed by “The Hackers Community“. By far, Hydra has the most protocol coverage than any other password cracking tool as per our knowledge, and it is available for almost all the modern operating systems. THC Hydra can perform rapid dictionary attacks against many protocols such as Telnet, FTP, HTTP, SMB etc.

2. Aircrack-Ng

Aircrack-ng is another most popular brute force wireless hacking tool which is further used to assess WiFi network security. Generally it focuses on different 4 areas of WiFi security i.e. Monitoring, Attacking, Testing and Cracking.
Aircrack-ng is a set of tools widely used to crack/recover WEP/WPA/ WPA2-PSK. It supports various attacks such as PTW, which can be used to decrypt WEP key with a less number of initialization vectors, and dictionary/brute force attacks, which can be used against WPA/WPA2-PSK. It includes a wide variety of tools such as packet sniffer and packet injector. The most common ones are airodump-ngaireply-ng, and airmon-ng.

3) Hashcat

Hashcat is the world’s fastest and most advanced password recovery utility, supporting 5 unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.

4) Cain & Able

Cain and Abel (often abbreviated to Cain) is a password recovery tool for Microsoft Windows only. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.

5) Rainbow Crack

Rainbow crack can not only be used to crack password hashes by using rainbow tables, but it can also help you create your own rainbow tables in case you don’t want to download them; but remember that if you are generating a large rainbow table, you should make sure that you have ample hard drive space.

6) John the Ripper

John the Ripper (JTR) is an open source password cracker; it’s one of the fastest password crackers around and is pre-installed in Kali Linux OS. It can be used to perform both bruteforce attacks and dictionary-based attacks. It also comes with a pre-installed wordlists.

7) Medusa

Medusa is another tool for password cracking like THC Hydra. It is known to be a speedy parallel, login brute forcing tool and modular. When cracking the password; host, password and username can be a flexible input while the performance of the attack.
Medusa is popular for being the command line tool, so one need to understand commands before utilizing the tool. Tool’s efficiency depends on network’s connectivity. It can test 2000 passwords per minute on a local system.
In this tool the attacker can also carry out parallel attacks at one time. It allows one to crack passwords of multiple email accounts simultaneously. He can specify the username list along with the password list.

8) OphCrack

OphCrack is available for free which is a rainbow-table based tool for password cracking on Windows. It is a popular Windows password cracking tool which can also be used on Linux or Mac. It can crack LM and NTLM hashes. For cracking Windows 7, Vista or Windows XP, free rainbow-tables are made available.
A live CD of OphCrack is made available for the simplification of the cracking. One can utilize the Live CD of OphCrack to crack the Windows-based passwords. This tool is made available for free.

9. L0phtCrack

L0phtCrack serves as substitute to OphCrack. It makes various attempts on cracking Windows passwords from hashes. For cracking these passwords, it utilizes the primary controllers of domain, workstations (windows), network server, also Active Directory. It also makes use of dictionary attack and brute force attacking in guessing and generating of passwords. It became an acquisition to Symantec and discontinued in the year 2006. Later developers of L0pht again re-acquired it and launched their L0phtCrack in the year 2009.
It is available with an audit feature of schedule routine. One can set daily, weekly or monthly audit, it will still start scanning on the scheduled time.



Comments

Post a Comment

Popular posts from this blog

What Is Brute Force

  What is a Brute-force attack? A  brute force  attack is an attempt to crack a password or username or find a hidden web page, or find the key used to encrypt a message, using a trial and error approach and hoping, eventually, to guess correctly. This is an old attack method, but it's still effective and popular with hackers. Brute-force attack when an attacker uses a set of predefined values to attack a target and analyze the response until he succeeds. Success depends on the set of predefined values. If it is larger, it will take more time, but there is better probability of success. The most common and easiest to understand example of the brute-force attack is the dictionary attack to crack the password. In this, attacker uses a password dictionary that contains millions of words that can be used as a password. Then the attacker tries these passwords one by one for authentication. If this dictionary contains the correct password, attacker will succeed. ...
Post a Comment
Read more

penetration Testing

                                      W What Is Penetration Testin g Penetration Testing                                 Penetration testing can help you improve both the security and quality of your product. It’s a complex yet creative process where you must understand what you’re doing and why you’re doing it. It's like in the movie. where hacker-consultants break into your corporate networks to find weaknesses before attackers do. It’s a simulated cyber attack where the pentester or ethical hacker uses the tools and techniques available to malicious hackers. Back in ye olde days of yore, hacking was hard and required a lot of manual bit fiddling. Today, though, a full suite of automated testing tools turn hackers into cyborgs, computer-enhanced humans who can test far more than ever before. ...
Post a Comment
Read more

Types Of Ethical Hackers

Types Of Hackers And Its Information Hi Today Video Is About What Is Ethical Hacking Most If Us Where Thing That’s Hacking Is A  Crime And Hacking Is Illegal… But In The Modern Technology Hacking IS Leads To EveryThing But why Hacking has many types  And there are many types of Hackers in the world but here about it we should know what are the types of hackers in the world And we are going to learn here  First Of All Who Is A Hacker A Hacker is a person who finds and exploits the weakness in computer systems and/or networks to gain access. Hackers are usually skilled computer programmers with knowledge of computer security. ... Script kiddies: A non-skilled person who gains access to computer systems using already made tools A Hacker is a person who is intensely interested in the mysterious workings of any computer operating system. Hackers are most often programmers. They gather advanced knowledge of operating systems and programmin...
Post a Comment
Read more