This page looks best with JavaScript enabled

Password attacks

 ·  ☕ 1 min read  ·  ✍️ Ben Mason

/usr/share/wordlists – consolidated set of word lists in Kali
/usr/share/seclists – consolidated set of word lists in Kali

crunch – generates custom word list using predefined set of characters

online bruteforcing

Hydra – SNMP / ssh / rdp
Medusa – HTTP
Ncrack – RDP

offline bruteforce

john

http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats

hashcat

hashcat -m ### --force --username hashfile.txt wordlist.txt
--username – used if the file format is USERNAME:HASH
--force – if needed

https://hashcat.net/wiki/doku.php?id=example_hashes

Share on
Ben Mason
WRITTEN BY
Ben Mason
Computer Security – Reverse Engineering – Malware – Electronics Hobbyist – Sometimes Photographer – Spaceflight – Cat Enthusiast

See Also