Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, HTTP(s), SMB, POP3(s), VNC, FTP, SIP, Redis, PostgreSQL, MySQL and Telnet.
Be sure to read the Ncrack man page (https://nmap.org/ncrack/man.html) to fully understand Ncrack usage. If you are a developer and want to write your own Ncrack modules, studying the Ncrack Developer’s Guide (https://nmap.org/ncrack/devguide.html) would be the first step.