Archive | Password Cracking

Advertisements


26 January 2016 | 3,777 views

RWMC – Retrieve Windows Credentials With PowerShell

RWMC is a Windows PowerShell script written as a proof of concept to Retrieve Windows Credentials using only PowerShell and CDB command-line options (Windows Debuggers). It allows to retrieve credentials from Windows 2003 to 2012 and Windows 10 (It was tested on 2003, 2008r2, 2012, 2012r2 and Windows 7 – 32 and 64 bits, Windows […]

Continue Reading


21 January 2016 | 989 views

123456 Still The Most Common Password For 2015

So sadly, but also unsurprisingly ‘123456’ is still the most common password for 2015 (based on leaked password lists) the same as it was in years before, e.g. The 25 Worst Passwords Of 2013 – “password” Is Not #1. Way back in 2006, it clocked in at number 5 in a rather UK centric look […]

Continue Reading


29 December 2015 | 6,638 views

LaZagne – Password Recovery Tool For Windows & Linux

The LaZagne project is an open source password recovery tool used to retrieve passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases and so on). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, […]

Continue Reading


28 July 2015 | 6,229 views

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types. Techniques such […]

Continue Reading


11 July 2015 | 4,614 views

Passgen – Random Character Generator For WPA/WPA2 Key Cracking

Passgen is an simple Python alternative for the random character generator Crunch which attempts to solve cracking WPA/WPA2 keys by randomizing the output as opposed to generating a list like so (aaaaaaaa, aaaaaaab, aaaaaac, etc). Example usage with aircrack-ng:

Some other options are: The Associative Word List Generator (AWLG) – Wordlists for Password Cracking […]

Continue Reading


18 June 2015 | 4,799 views

Apple’s Password Storing Keychain Cracked on iOS & OS X

And another password shocker, a few days after ‘cloud’ password service LastPass was pretty seriously hacked (yah if you’re using it, change your master password) critical 0-day flaws in Apple’s password storing keychain have been exposed. Which is kinda funny, as after the LastPass hack I saw some people espousing the usage of Apple’s keychain […]

Continue Reading


09 June 2015 | 3,552 views

Patator – Multi-threaded Service & URL Brute Forcing Tool

Patator is an extremely flexible, module, multi-threaded, multi-purpose service & URL brute forcing tool written in Python that can be used in many ways. Basically the author got tired of using Medusa, Hydra, ncrack, metasploit auxiliary modules, nmap NSE scripts and the like because: They either do not work or are not reliable (got me […]

Continue Reading


28 April 2015 | 4,449 views

CeWL v5.1 – Password Cracking Custom Word List Generator

CeWL is a Custom Word List generator which spiders a given site to create a word list of all words it finds on that site. It can also grab email addresses and usernames found in the HTML and in some document types including Office and PDF. Useful for targeted penetration testing which involves brute force […]

Continue Reading


09 March 2015 | 1,796 views

MessenPass – Recover MSN, Yahoo Messenger, ICQ, Trillian Passwords

MessenPass is a password recovery tool that reveals the passwords of the many popular Instant Messaging applications. MessenPass can only be used to recover the passwords for the current logged-on user on your local computer, and it only works if you chose the remember your password in one of the above programs. You cannot use […]

Continue Reading


17 February 2015 | 8,452 views

Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions

Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos […]

Continue Reading


Advertisements