Ctrlk

Dict Guess List Mangle

Wordlists

Cewl

Crawl a website to create your own dictionary: Cewl.rb

Lockout

Check your lockout settings before you start making password guesses!

> net accounts /domain

Invalid Username - Hint

Try to login
Notice if Username gives different error "Invalid Username"
We can brute-force this based on error.
Go directly to Hydra

Guessing

Crackingstation

npk - https://github.com/Coalfire-Research/npk
Crackingstation
Cloud: Cpu intense EC2 offer 1 compute unit .10/hr linux
GPU w/33 compute units = 2 nvidia gpu 2.00/hr

Trimming

Cleanup

pw-inspector (hydra)

Hashcat Mangling

PreviousCracking NextGet Hashes

Last updated 2 years ago

Was this helpful?

wc -l dict
sort dict | uniq | wc -l
cat dict | sort -u | uniq > wordlist2.txt

grep -i nibble /opt/.../rockyou.txt > mydict.txt

grep -i 'user\|pass\|host\|name' mess.txt
grep -i -E 'user|pass|host|name' mess.txt

pw-inspector  ..help

-m 6   ..Min 6 digits
-M 12  ..Max 12 digits
-n     ..numbers
-u     ..upper
-l     ..lower
-p     ..non-alphnum
-c 2   ..Combination of 2

cat dict | pw-inspector -n
cat dict | pw-inspector -n > /tmp/newdict
cat dict | pw-inspector -m 6 -M 12 -n -u -l -c 2