Skip to main content
TrustRadius
John the Ripper

John the Ripper

Overview

What is John the Ripper?

John the Ripper is a penetration testing tool used to find and crack weak passwords.

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing
John the Ripper

John the Ripper

N/A
Unavailable

What is John the Ripper?

John the Ripper is a penetration testing tool used to find and crack weak passwords.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

12 people also want pricing

Alternatives Pricing

Wireshark

Wireshark

Free
What is Wireshark?

Wireshark is a free and open source network troubleshooting tool.

Acunetix by Invicti

Acunetix by Invicti

$4,500
What is Acunetix by Invicti?

AcuSensor from Maltese company Acunetix is application security and testing software.

Return to navigation

Product Details

What is John the Ripper?

John the Ripper Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(2)

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
June 07, 2022

Excellent, Long-Established Password Cracker.

Azhar Chaudri | TrustRadius Reviewer
Azhar Chaudri
Security Team Lead Analyst
Venator (Information Technology & Services, 1001-5000 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We had to undertake a password auditor project recently, so one of the key performance indicators was to use a password cracker to check the veracity of the passwords. The best-known one was 'John the Ripper' so we went ahead and used it. Its main strength lies in detecting password hashes and running against the very best ones (apart from AES). The password crackers can be run from one location for convenience and this also adds to the effectiveness of the application. 'John the Ripper' mainly relies on incorporating brute force attacks and dictionary table attacks on plaintext passwords and this is where t is more effective.
Pros and Cons
  • Easily finds plantect passwords.
  • Simply detects passwords hashes.
  • Has a fully bespoke cracker that can be modified to users requirements.
  • Excellent for UNIX and Windows usage.
  • It needs to be modified to be able to break SHA 256, 512 and the lastest hashes.
  • Can be slow and wildly against the lastest hashes.
  • Require admin access to set up account.
  • Old and is being superseded by better applications.
Likelihood to Recommend
It is best suited in those environments where complexity is not the key. We've used it fairly extensively in our UNIX to find weak UNIX passwords and in Windows environments too. It's very easy to get hold of as it is essentially Open Source, although a paid version is now available and we are thinking of looking at this proposition in-depth to see if it is viable. We found it easy to install and deploy across our systems. Patching was fairly regular, so we always had the latest version. It holds its own against DES and Blowfish encryption algorithms among many others.
Most Important Features
  • Easy of use.
  • Speed of operation.
  • Supports countless Hashes.
  • Runs on numerous Operating Systems.
  • Is Open source, so free effectively to use.
  • Excellent at auto detecting Hashes.
  • Continues to develop.
Return on Investment
  • Helped us achieve initial Password Auditor goals and targets.
  • Simple and cheap to deploy, so have saved greatly compared to paid for products.
Alternatives Considered
'John the Ripper' being open source was free to use, whereas the others had to be paid for. It was very simple to install and runs against many hundreds of hashes and crypts. It is always developing thanks to large communities on GitHub.
Return to navigation