Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Ncrack - High-Speed Network Authentication Cracker

Ncrack is an open source tool for network authentication cracking. It was designed for high-speed parallel cracking using a dynamic engine that can adapt to different network situations.

It can also be extensively fine-tuned for special cases, though the default parameters are generic enough to cover almost every situation. It is built on a modular architecture that allows for easy extension to support additional protocols.

Ncrack is designed for companies and security professionals to audit large networks for default or weak passwords in a rapid and reliable way. It can also be used to conduct fairly sophisticated and intensive brute force attacks against individual services.

The output from Ncrack is a list of found credentials, if any, for each of the targets specified. Ncrack can also print an interactive status report of progress so far and possibly additional debugging information that can help track problems, if the user selected that option.


ncrack [Options] {target and service specification}

Can pass hostnames, IP addresses, networks, etc.
Ex:,,; 10.0.0-255.1-254
-iX : Input from Nmap's -oX XML output format
-iN : Input from Nmap's -oN Normal output format
-iL : Input from list of hosts/networks
--exclude : Exclude hosts/networks
--excludefile : Exclude list from file

Can pass target specific services in ://target (standard) notation or
using -p which will be applied to all hosts in non-standard notation.
Service arguments can be specified to be host-specific, type of service-specific
(-m) or global (-g). Ex: ssh://,at=10,cl=30 -m ssh:at=50 -g cd=3000
Ex2: ncrack -p ssh,ftp:3500,25,ssl
-p : services will be applied to all non-standard notation hosts
-m :: options will be applied to all services of this type
-g : options will be applied to every service globally

Misc options:
ssl: enable SSL over this service
path : used in modules like HTTP ('=' needs escaping if used)

Options which take

Download Ncrack

You might also like:
  • Blue|Smash - A Bluetooth Pentest Suite
  • Harald Scan - A Bluetooth Scanner for Linux and Mac OS X
  • CSRFTester - Cross-Site Request Forgery Vulnerability Tester
  • ModSecurity - An Open Source Web Application Firewall Engine
  • PDFMiner - Python PDF Parser and Analyzer
  • BTS PenTesting Lab - Vulnerable Web Application For Practicing Penetration Testing
  • Flunym0us - Vulnerability Scanner For WordPress and Moodle
  • Fiddler - Free Web Debugging Proxy
  • Capstone - Multi-Platform Disassembly Framework
  • GDB - The GNU Project Debugger
  • FuzzDB - Comprehensive Set Of Known Attack Sequences
  • SecLists - The Pentesters Companion
  • Cansina - Web Content Discovery Tool
  • GoatDroid - Self-Contained Android Pentesting Environment
  • ike-scan - Tool For Discovering, Fingerprinting, & Testing IPsec VPN Systems
  • Wapiti - Web Application Vulnerability Scanner
  • Wireless Attack Toolkit - A Push-button Wireless Hacking & Man-In-The-Middle Attack Toolkit
  • SQL Injection Test Environment - A Collection Of Web Pages Vulnerable To SQL Injection
  • MKBRUTUS - A Password Bruteforcer For MikroTik Devices or Boxes Running RouterOS
  • NoSQLMap - Automated Mongo Database & NoSQL Web Application Exploitation Tool

This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the originial post: here

Share the post

Ncrack - High-Speed Network Authentication Cracker


Subscribe to Effect Hacking - Hacking Tools, How To Guides An

Get updates delivered right to your inbox!

Thank you for your subscription