Best Offers of the Year Ends Tomorrow - Don't Miss Out! Get an iPad Air with Smart Keyboard or Pixel 4a Smartphone!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Password Cracking: Beyond the Basics

  • Thursday, September 13, 2018 at 3:30 PM EDT (2018-09-13 19:30:00 UTC)
  • Jon Gorenflo

You can now attend the webcast using your mobile device!



Password cracking can be as easy as "john hashes.txt", but what if that doesn't crack the one password you need? Which password cracker should you use, John the Ripper or Hashcat? Have you customized your word list to the target?  Is the wordlist optimized for your attack type? What if youre password lists are in ASCII, and the password your trying to crack is in unicode? If you have a GPU, are you fully utilizing it? If you dont have a GPU, are you using maximizing every core in your processor?  Listen in to learn how to create better password lists, pick the right cracking tools, get the most your hardware, and learn about some lesser discussed tools that can increase your chances of success in a high stakes password cracking session.

Jon Gorenflo is a SANS instructor and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC560: Network Penetration Testing and Ethical Hacking.

Speaker Bio

Jon Gorenflo

Jon is the Founder and Principle Consultant of Fundamental Security, a small consulting firm focused on penetration testing, incident response, and strategic security consulting.He has worked in Information Technology since 2004, and has focused on Information Security since 2006. Most recently, he was the Application Security Testing manager a Fortune 500 Financial Institution, and a Security Architect and Penetration Tester for a Fortune 500 retailer. In all, he has performed security engineering, security architecture, incident response, and penetration testing in the government, retail, and finance.

Passionate about security and leadership, he loves trying to ignite those passions in other people. Jon is proud to have served in the Army Reserve for 11 years, where he became a Warrant Officer and served one tour in Afghanistan. He currently maintains the GCIH, GPEN, GAWN, GMOB, CISSP, and Security+.

"I really appreciated Jon's way of teaching, insight and passion. It kept me interested each and every day and I kept looking forward to the next day. Keep up the excellent work!" Homer Rodriguez, Idaho Department of Finance

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.