OnDemand + GIAC = Relevant Skills, Proven Ability


To attend this webcast, login to your SANS Account or create your Account.

Password Cracking: Beyond the Basics

  • Thursday, September 13th, 2018 at 3:30 PM EDT (19:30:00 UTC)
  • Jon Gorenflo
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


Password cracking can be as easy as "john hashes.txt", but what if that doesn't crack the one password you need? Which password cracker should you use, John the Ripper or Hashcat? Have you customized your word list to the target?  Is the wordlist optimized for your attack type? What if youre password lists are in ASCII, and the password your trying to crack is in unicode? If you have a GPU, are you fully utilizing it? If you dont have a GPU, are you using maximizing every core in your processor?  Listen in to learn how to create better password lists, pick the right cracking tools, get the most your hardware, and learn about some lesser discussed tools that can increase your chances of success in a high stakes password cracking session.

Jon Gorenflo is a SANS instructor and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC560: Network Penetration Testing and Ethical Hacking.

Speaker Bio

Jon Gorenflo

Jon is the Founder and Principle Consultant of Fundamental Security, a small consulting firm focused on penetration testing, incident response, and strategic security consulting.He has worked in Information Technology since 2004, and has focused on Information Security since 2006. Most recently, he was the Application Security Testing manager a Fortune 500 Financial Institution, and a Security Architect and Penetration Tester for a Fortune 500 retailer. In all, he has performed security engineering, security architecture, incident response, and penetration testing in the government, retail, and finance.

Passionate about security and leadership, he loves trying to ignite those passions in other people. Jon is proud to have served in the Army Reserve for 11 years, where he became a Warrant Officer and served one tour in Afghanistan. He currently maintains the GCIH, GPEN, GAWN, GMOB, CISSP, and Security+.

"I really appreciated Jon's way of teaching, insight and passion. It kept me interested each and every day and I kept looking forward to the next day. Keep up the excellent work!" Homer Rodriguez, Idaho Department of Finance

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.