John the Ripper (JTR) and Hydra

JTR is a cryptography tool that allows you to perform brute force attacks against passwords. JTR supports a vast array of encryption algorithms such as SHA-1, DES, Windows' LM/NTLM hashes, and more. Some of the main features of JTR are as follows:

• It performs dictionary attacks and brute force capabilities
• It has the ability to run as a cron job
• It offers customization of brute force rules and dictionary attack lists

Hydra, which is commonly used alongside JTR, provides support for a wide range of network protocols. Hydra is an online password cracker, whereas JTR is an offline password cracker. Some of the main features of Hydra are as follows:

• It supports a wide range of protocols
• It performs dictionary attacks and brute force capabilities
• It has the ability to add modules to extend functionality

In Chapter 6, Understanding Password Attacks, we will begin using JTR and Hydra to perform password attacks.