Generic SHA-1 Auditor (GSAuditor) is an application that allows you to brute force password hashes derived from SHA-1. NOTE: GSAuditor is an “experimental” tool.

Current version of GSAuditor supports the following algorithms:

* RAW-SHA-1($password) – Mac OS 10.3 ‘Panther’
* SHA-1(UNICODE($password).$salt) – MS SQL 2000/2005 (remember that 2000 uses uppercase password!)
* SHA-1($password.$salt) – ORACLE 11g (the salt is currently 10 bytes)
* SHA-1($username.$password) – PHP
* SHA-1($salt.$password) – Mac OS 10.4 ‘Tiger’
http://evilfingers.com/tools/GSAuditor.php

A free Oracle password cracker written completely in PL/SQL. It is not the intention to replace the fast C based crackers such as woraauthbf but instead to suppliment it and to promote the need to check for weak passwords in customer databases but allow the customer to have a safe and easy method to do it that doesn’t involve downloading binaries, oracle clients, ssl dlls and more.
More info can be found at the author site.
http://www.petefinnigan.com/oracle_password_cracker.htm

ElcomSoft Claims 1 Billion Passwords/Sec Recovery; Uses GPUs in Parallel
Distributes tasks to multiple NVIDIA video accelerators

ElcomSoft has released a new version its Distributed Password Recovery program for recovering system and document passwords at speeds of up to 1 billion passwords per second. (more…)