Proactive Security Approach - Data Breach Monitoring

Proactive Security Approach - Data Breach Monitoring

Every day, an absurd amount of new data breaches appear online. On top of that, old breaches still circulate, often easily accessible – both for free and for a fee – and they can pose a real threat to your company. Attacks using what are known as “creds” (from credentials), i.e., login:password pair…
Czytaj więcej →
120 minutes that can save your company – a cybersecurity awareness training

120 minutes that can save your company – a cybersecurity awareness training

No big budget needed to significantly improve security. All it takes is two hours. Two hours that won’t change the world, but could protect your company from severe consequences. And this is not theory. This is practice, evident in every incident that could have been avoided. And there are plenty of…
Czytaj więcej →
Introduction to Password Cracking #2 Wordlists

Introduction to Password Cracking #2 Wordlists

Introduction to password cracking #2 - wordlists Intro In the previous post, we learned about one of the attack methods that hashcat offers - the dictionary attack. To perform such attack we need dictionary - a good dictionary, Let's be clear we need solid and (not always) big dictionary to perform …
Czytaj więcej →
Introduction to Password Cracking #3 Rules

Introduction to Password Cracking #3 Rules

Introduction to password cracking #3 - Cracking with rules Intro When you have used and try all your dictionaries and the passwords still does not give up... then you need to extend your attack ( assuming the dictionary is prima sort ). The ways that hashcat offers are several. There is the diction…
Czytaj więcej →
Introduction to Password Cracking #1 Intro

Introduction to Password Cracking #1 Intro

Intro So you want to be a password cracker, huh? Let us show you how it's done. In this post you will learn how to crack passwords with hashcat dictionary attack. First things first. A few things are required for Hashcat to begin cracking in dictionary mode: Hash(es) to crack Hash id for given has…
Czytaj więcej →
Sacrificial session

Sacrificial session

How many times you have run into the problem of replacing the current user Kerberos TGT? Creating the sacrificial process is the way to prevent that from happening. If the current user TGT will be replaced, the authentication to the domain resources will be done using the new TGT. To get back to th…
Czytaj więcej →
CrackMeIFYouCan 2022 DEFCON Writeup

CrackMeIFYouCan 2022 DEFCON Writeup

TL;DR What's that? CrackMeIfYouCan on DEFCON is one of the most popular hash cracking contests in the wild. Best teams in the world compete on a 48h challenge to crack as many hashes as possible. The are 2 classes of competitiors - Pro and Street. We played under AlphaPwners team, and finished on 5t…
Czytaj więcej →
Hash function

Hash function

Currently in Polish only :/
Czytaj więcej →
PBKDF i bcrypt

PBKDF i bcrypt

Currently in Polish only :/
Czytaj więcej →
Bcrypt Cocktail and Hash Extraction

Bcrypt Cocktail and Hash Extraction

Currently only in Polish ;/
Czytaj więcej →