Password cracking Junior - 1 day - 1500€
Description
Passwords still constitute an essential component of information system security today. During intrusions, different types of password hashes are recovered and being able to break them in a short time can prove decisive.
This training aims at presenting the techniques and tools for breaking password hashes as quickly as possible. A history of password storage developments will also be presented, to highlight bad examples and mistakes made in popular projects.
-
1 day (6 hours)
-
Password cracking optimization techniques
-
Datasets provided
Objectives
- Understand the main password cracking techniques
- Optimize password attack strategies
- Perform practical exercises on real-world datasets
Public and prerequisites
This training is suitable for people having no prior knowledge of password cracking. It is mainly aimed at pentesters, system administrators, and developers.
-
Pentesters
-
System administrators
-
Developers
Content
Password storage and generation theory: storage type, hash functions, function attacks, candidate generation, computational technologies. History of algorithms. Series of practical exercises: identification of algorithms in source code, getting started with John the Ripper (candidate generation modes, development of derivation rules and candidate filters based on a password policy, dynamic formats, implementation or modification of a native format), getting started with Hashcat (advanced candidate generation with prince combination, siga genetic mutations and rule generation).
All the details regarding how the training is conducted are described on this page.