brute force attacking

I want to know why dictionary attack is not able to perfom its function successfuly? I am talking about online password cracking tools. while checking these tools they always give false password or everytime a diffrent password, In some cases if I put true password in the wordlist still it wont successful.

Please guide me what security tools web servers are being used and how we can find vulnerability?
What? Is this about hacking? I can't even say for sure.
yeah it is. not at all related to hashcat or hash cracking.