As a security consultant, job functions include Penetration Testing and Vulnerability Assessments. The aim of these types of engagements is to demonstrate risk to the customer. One of the steps involved in demonstrating risk is password auditing (“cracking”) in order to assess the strength and quality of passwords in use in the environment. On a […]
Password Cracking
Medusa Fast Parallel Password Cracker 1.3 Released
[ad] Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords […]
Wyd – Automated Password Profiling Tool
Wyd is a neat tool I found recently for Password Profiling. In current IT security environments, files and services are often password protected. In certain situation it is required to get access to files and/or data even when they are protected and the password is unknown. wyd.pl was born out of those two of situations: […]
Most Damaging Computer Attacks Rely on Stolen Logins
[ad] A sterling case for two factor authentication if I ever saw one. The rule is use two of the 3 methods of authentication, if possible use all 3. What you have (A USB key or Token) What you are (Biometrics – Fingerprint or Iris scan) What you know (A password or passphrase) More than […]
Brutus Password Cracker – Download brutus-aet2.zip AET2
If you don’t know, Brutus Password Cracker is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free to download Brutus. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the […]