Password Cracking Anyone? Here Are 10 Tools To Help You!

Password Cracking Anyone? Here Are 10 Tools To Help You!

20140629-102016-37216072.jpg

Thursday, April 24, 2014: While a great deal of time and effort is invested in designing and developing a software, it only takes a few seconds to bring it down on its knees via hacking. You might choose one of the most secure passwords (according to you, that is) for your online activities, but the fact is cracking the same is no big deal. With the right tools at hand, cracking a password can be a walk in the park. However, in all purposes, do remember the deed takes considerable risk. Do it at your own risk!

1.Brutus

Brutus is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free. It is available for Windows 9x, NT and 2000, there is no UNIX version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page.

2.Wfuzz

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.

3.RainbowCrack

RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. It crack hashes with rainbow tables. RainbowCrack uses time-memory tradeoff algorithm to crack hashes. It differs from brute force hash crackers.

4.SolarWinds

Transform the complexity of IT security and compliance management with SolarWinds Log & Event Manager (LEM) — powerful, easy-to-use Security Information & Event Management (SIEM) in an affordable, all-in-one virtual appliance.

5.L0phtCrack

L0phtCrack 6 is packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Yet it is still the easiest to use password auditing and recovery software available. Software runs On Windows XP and higher. Operates on networks with Windows NT, 2000, XP, Server 2003 R1/R2, Server 2008 R1/R2, on 32- and 64-bit environments, as well as most BSD and Linux variants with an SSH daemon.

6.Medusa

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible.

7.Ophcrack

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

8.THC-Hydra

A very fast network logon cracker which support many different services.

9.John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.

10.Aircrack

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimisations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Saurabh Singh, EFYTIMES News Network

Advertisements

Revealed: How governments can take control of smartphones

Revealed: How governments can take control of smartphones

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including as Android and iOS”

RT.com
June 25, 2014

‘Legal malware’ produced by the Italian firm Hacking Team can take total control of your mobile phone. That’s according to Russian security firm Kaspersky Lab and University of Toronto’s Citizen Lab(which also obtained a user manual).

Operating since 2001, the Milan-based Hacking Team employs over 50 people and offers clients the ability to “take control of your targets and monitor them regardless of encryption and mobility,” while “keeping an eye on all your targets and manage them remotely, all from a single screen.”

It’s the first time Remote Control Systems (RCS) malware has been positively linked with mobile phones and it opens up a new privacy threat potential to mobile phone users.

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including as Android and iOS,” wrote Kaspersky researcher Sergey Golovanov.

“These modules are installed using infectors – special executables for either Windows or Macs that run on already infected computers. They translate into complete control over the environment in and near a victim’s computer. Secretly activating the microphone and taking regular camera shots provides constant surveillance of the target – which is much more powerful than traditional cloak and dagger operations.”

20140625-164404-60244101.jpg
Image from citizenlab.org

Police can install the spy malware directly into the phone if there is direct access to the device, or if the owner of the phone connects to an already infected computer, according to Wired.

Various softwares can also lure users to download targeted fake apps.

Once inside an iPhone, for instance, it can access and activate all of the following: control of Wi-Fi, GPS, GPRS, recording voice, e-mail, SMS, MMS, listing files, cookies, visited URLs, cached web pages, address book, call history, notes, calendar, clipboard, list of apps, SIM change, live microphone, camera shots, support chats, WhatsApp, Skype, and Viber.

20140625-164453-60293182.jpg
Image from citizenlab.org

While the malware can be spotted by some of the more sophisticated anti-virus software, it takes special measures to avoid detection – such as “scouting” a victim before installation, “obfuscating”its presence, and removing traces of its activity.

Hacking Team has maintained that its products are used for lawful governmental interceptions, adding that it does not sell items to countries blacklisted by NATO or repressive regimes.

Wired reported that there have been cases where the spying apps were used in illegal ways in Turkey, Morocco, and Saudi Arabia.

Citizen Lab discovered spying malware hiding in a legitimate news app for Qatif Today, an Arabic-language news and information service that reports on events in Saudi Arabia’s eastern Qatif region. It also argued that circumstantial evidence pointed to Saudi Arabia’s government using the spying malware against Shia protesters in the area.

“This type of exceptionally invasive toolkit, once a costly boutique capability deployed by intelligence communities and militaries, is now available to all but a handful of governments. An unstated assumption is that customers that can pay for these tools will use them correctly, and primarily for strictly overseen, legal purposes. As our research has shown, however, by dramatically lowering the entry cost on invasive and hard-to-trace monitoring, the equipment lowers the cost of targeting political threats for those with access to Hacking Team and Gamma Group toolkits,” Citizen Lab said in its report.

20140625-164550-60350694.jpg
Map showing the countries of the current HackingTeam servers’ locations (Image from securelist.com)

Hacking Team controls the spying malware remotely via command-and-control servers. Kaspersky has discovered more than 350 such servers in more than 40 countries. A total of 64 servers were found in the US – more than in any other country. Kazakhstan came in second, with a total of 49 servers found. Thirty-five were found in Ecuador and 32 in the UK.

How to create strong passwords

How to create strong passwords June 4, 2014 By: Marta López

20140608-140501-50701206.jpg

Quite honestly, you can never be told enough about strengthening your passwords and their security! Of course, that is my opinion.

We have often said that having strong passwords can save you a lot of headaches when it comes to protecting your digital life.

Today we are going to offer you a few tips on how to make a password that will make things a bit more difficult for those malicious individuals who want to take control of your email or social network accounts or any other online services you use.

How to create strong passwords
Use numbersInclude letters as wellCombine upper and lower caseAdd symbols such as: @, #, ? or %Where possible, it should be a minimum of eight characters long. The longer it is, the more difficult it will be to guessNever use a sequence of numbers or letters: 123456, 987654, abc123Don’t use a sequence of adjacent keyboard letters either: qwer123; asd987Ideally, your passwords shouldn’t be something directly related to you. Don’t use your name or date of birth

Things you shouldn’t do with your password
Use the same password for different services, social networks, online banking, etc. If you always use the same one, if someone gets hold of it, they will have access to your entire digital world.Write it down somewhere: mobile phone, address book, etc. Neither should you leave it next to your computer!Leave it stored in browser histories. Even though it’s more hassle, it’s better to enter your password manually whenever you visit a site.

What you should do with your passwords
* There are many tools available on the Internet to check their strength.

* Change them from time to time.

* Use a password manager like the one in Panda Global Protection 2014. This way, you will only have to remember one password and, as you don’t have to memorize all of them, you can set different, more complex passwords for each service.

Priority Matrix helps you prioritize work and life

Priority Matrix helps you prioritize work and life

20140604-185030-67830076.jpg

Manage Projects On The Go
Priority Matrix helps busy people who need access to important project information anywhere, anytime, and never be constrained by lack of internet access. Our mobile apps won numerous awards and trusted by tens of thousands of customers.

Get Things Done Effectively
Priority Matrix is designed with proven time management methodologies in mind. Together, we help you figure out what needs to be done today across all your responsibilities. Getting the right things done is the most value a high value manager can add, and we want to help you do that.

20140604-185112-67872740.jpg

Collaborate & Prioritize
Priority Matrix works across your team of one or one hundred. As a manager and executive, you always know your team’s priorities, and have a ultimate single source of truth. You can, within seconds, generate reports of work done for you and your team members.

Integrate With Your Existing Workflow
Priority Matrix lets you see your work in Outlook, iCal, Lotus, Google Calendar — for all your projects and for your entire team! You can drag files, emails, links, pdfs directly onto Priority Matrix. Delegate tasks to team mates outside of Priority Matrix and they can work with you directly from their emails inbox.