# Install truecrack with Homebrew, Nix

Brute-force password cracker for TrueCrypt. Version 3.5 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:truecrack
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install truecrack
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#truecrack
```

  Evidence: nixpkgs package indexes: pkgs/by-name/tr/truecrack/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:truecrack
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/truecrack>
- **Version:** 3.5
- **Source summary:** Brute-force password cracker for TrueCrypt
- **Homepage:** <https://github.com/lvaccaro/truecrack>
- **Repository:** <https://github.com/lvaccaro/truecrack>
- **Upstream docs:** <https://github.com/lvaccaro/truecrack#readme>
- **License:** GPL-3.0-or-later
- **Source archive:** <https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/truecrack/truecrack_v35.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- truecrack (cli)
- truecrack (alias)

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 3.5
- Local data: ok
- Upstream repository: https://github.com/lvaccaro/truecrack
- info: No package-manager update timestamp was available.
- info: No cached GitHub release or tag data was available.
## Project history and usage

TrueCrack is a GPLv3 brute-force password cracker for TrueCrypt volumes. The official README identifies version 3.6, Linux support, CUDA optimization, and both GPU and CPU execution.

### Project history

TrueCrack belongs to the older TrueCrypt-era password-recovery and forensic tooling niche. Its README says the software is based on TrueCrypt and supports PBKDF2 key derivation functions using RIPEMD160, SHA512, and Whirlpool, plus XTS mode with AES, Serpent, and Twofish.

The project is intentionally focused rather than broad: it handles file-hosted and partition/device-hosted TrueCrypt volumes, hidden volumes, backup headers, dictionary attacks, and generated alphabet attacks. The README's performance section compares CPU and NVIDIA GPU timings, reflecting the period when CUDA acceleration was a major differentiator for brute-force recovery tools.

### Adoption history

Reliable source-backed adoption evidence is thin beyond the official repository and package-manager presence. The Homebrew and Nix packages make the tool discoverable to security practitioners and collectors of legacy crypto/password tools, but the project itself documents a narrow, resource-heavy workflow and recommends a dedicated GPU board.

In package-manager catalogs, TrueCrack persists mostly as a specialized utility: useful when someone needs TrueCrypt-volume password recovery experiments, but not a general password-auditing framework.

### How it is used

The README documents dictionary attacks with `truecrack -t truecrypt_file -w passwords_file` and alphabet attacks with `truecrack -t truecrypt_file -c alphabet -m maxlength`, with options for key derivation function, encryption algorithm, backup headers, hidden volumes, restore points, and CUDA/CPU configuration.

Build and installation follow the classic Autotools path: `./configure`, `make`, and `sudo make install`, with configure options for CUDA debug mode, CPU-only mode, and CUDA path selection.

### Why package nerds care

TrueCrack is package-nerd-significant as a preserved C/CUDA security tool tied to the TrueCrypt ecosystem. It is the kind of package that matters less for daily use and more for keeping a historically important crypto-recovery workflow buildable from package managers.

Its formula is also a reminder that package collections include legacy forensic utilities whose upstream documentation is sparse but operationally specific.

### Timeline

- v3.6: The README identifies the project as TRUECRACK v3.6.
- TrueCrypt basis: README says the software is based on TrueCrypt and targets TrueCrypt volumes.
- Current README: documented usage includes dictionary attacks, generated alphabet attacks, GPU/CPU operation, hidden volumes, backup headers, and Autotools installation.

### Related projects

- TrueCrypt, CUDA, PBKDF2, RIPEMD160, SHA512, Whirlpool, AES, Serpent, Twofish

### Sources

- <https://github.com/lvaccaro/truecrack#readme>
- <https://github.com/lvaccaro/truecrack/blob/master/README>


## Security Notes

escape, surveillance, or offensive capability signal.

- **Geiger risk:** red / medium
- escape, surveillance, or offensive capability signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** truecrack
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Nix - truecrack: normalized package name match | nixpkgs package indexes: pkgs/by-name/tr/truecrack/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [fcrackzip](https://www.automicvault.com/pkg/brew/fcrackzip/) - Shares av.db curated category or tags: brute-force, cli, password-recovery, security.
- [hashcat](https://www.automicvault.com/pkg/brew/hashcat/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [pdfcrack](https://www.automicvault.com/pkg/brew/pdfcrack/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [pdfrip](https://www.automicvault.com/pkg/brew/pdfrip/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [wirouter_keyrec](https://www.automicvault.com/pkg/brew/wirouter-keyrec/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [ophcrack](https://www.automicvault.com/pkg/brew/ophcrack/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [pixiewps](https://www.automicvault.com/pkg/brew/pixiewps/) - Shares av.db curated category or tags: brute-force, cli, security.
- [acme.sh](https://www.automicvault.com/pkg/brew/acme-sh/) - Shares av.db curated category or tags: cli, security.
- [hydra](https://www.automicvault.com/pkg/brew/hydra/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, cracker, password, security.

## Combined YAML source

View the package source record on GitHub. [combined/truecrack.yml](https://github.com/automic-vault/db/blob/main/combined/truecrack.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
