Password cracking can be as easy as \john hashes.txt", but what if that doesn't crack the one password you need? 'Which password cracker should you use, John the Ripper or Hashcat? 'Have you customized your word list to the target? Is the wordlist optimized for your attack type? 'What if you 're password lists are in ASCII, and the password your trying to crack is in unicode? If you have a GPU, are you fully utilizing it? 'If you don't have a GPU, 'are you using maximizing every core in your processor? Listen in to learn how to create better password lists, pick the right cracking tools, get the most your hardware, and learn about some lesser discussed tools that can increase your chances of success in a high stakes password cracking session.
Jon Gorenflo is a SANS instructor and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC560: Network Penetration Testing and Ethical Hacking.