/usr/share/wordlists
– consolidated set of word lists in Kali
/usr/share/seclists
– consolidated set of word lists in Kali
crunch
– generates custom word list using predefined set of characters
Table of Contents
online bruteforcing
Hydra – SNMP / ssh / rdp
Medusa – HTTP
Ncrack – RDP
offline bruteforce
john
http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats
hashcat
hashcat -m ### --force --username hashfile.txt wordlist.txt
--username
– used if the file format is USERNAME:HASH
--force
– if needed