top of page

Effective Password Cracking by BCS Group

Date: April 13 & 14 2023
On-Site (In Person)
2 Day

Training Abstract

Cracking passwords is a critical skill for today's information security professionals. With the increasing amount of sensitive information and systems relying on passwords, protecting against unauthorized access is more important than ever. Whether you are looking to crack passwords to gain access to systems, or auditing systems for weak passwords to make them more secure – you will gain a deeper understanding of what various common hashing algorithms are, and how to effectively crack passwords using those hashing algorithms. By the end of this training, you will have a solid foundation of password cracking techniques and be equipped with the knowledge to use password cracking for offence and defence. We will cover obtaining hashes from common systems, creating powerful wordlists and rules (and why you need them), the tools used to crack hashes and advanced techniques. This training will give you the skills you need to be more effective and have a higher hit rate in the passwords you crack.


​(P) Indicates that you will perform practical steps along with the instructor on your own

Password Cracking Overview

  • About Hashes
    o Why do we use hashes?
    o Secure password storage – the right and the wrong way.
    o Common hashing algorithms and how they work.

  • Password Cracking Hardware
    o GPU vs CPU
    o Setting up a cracking environment
    o Tools and how to configure them
    o Common pitfalls in choosing your password cracking system

  • The Tools
    o Overview of Hashcat
    o Overview of John
    o Other tools.

Obtaining Hashes

  • ​Windows AD/Domains
    o Obtaining passwords from domain controllers (assumes compromise)
       - NTLM

  • Other Systems and Networks
    o Obtaining passwords on the network
       - NetNTLMv(1/2)
       - DCC
       - Others
    o Obtaining passwords from applications/systems
       - PHPass/Wordpress/Joomla
       - SHA-512 (various salts)
       - Cisco
       - Wi-Fi Hashes (WPA2)
       - PDF Documents
       - MySQL and MSSQL

Password Cracking Techniques

  • Brute-Force Attacks – Why, When?

  • Rules
    o What are rules
    o Effective use of rules
    o Customizing rules

  • Wordlists
    o What makes effective wordlists – Why bigger is not always better
    o Pitfalls in wordlists
    o Wordlist management tools

  • Masks
    o What are masks?
    o When to use masks?

  • Combining for success
    o Using wordlists with rules
    o Using wordlists with masks
    o Multi-layered attacks with multiple tools
    o Re-using cracked passwords

All About Hashcat

  • A history of the tool

  • Supported hash types (P)

  • Basic functionality (P)

  • Advanced functionality (P)

  • $[HEX]-what? (P)

  • Other tools for advanced attacks

  • Using hashcat with all Password Cracking Techniques (P)

  • Hashcat Brain – what and why?

*** Hands-on Practice 1*** (P)

  • Cracking passwords using what you’ve learnt

  • Scoring and explanation of the exercise.

Cracking Passwords in Foreign Languages

  • Key concepts of cracking other languages

  • Building foreign-language wordlists with online tools
    o Arabic
    o Russian
    o Chinese
    o French
    o Emoji

  • Brute-forcing foreign characters

  • Pitfalls and key information about cracking other languages

  • Generating sentences and passphrases using n-grams (P)

  • Training predictive models for effective password phrase wordlists (and passwords)

  • Creating complex passphrase wordlists using AI (ChatGPT)

Advanced Cracking - Emojis

  • Emojis and passwords

  • Creating Emoji Wordlists

  • Creating Emoji Wordlists using intent (From English)

Less Common (but just as important) Wordlist Sources

  • How to build wordlists for:
    o Credit-card numbers
    o Social Security/Passports

    o Domain Names and DNS names

***Hands-On Practical 2*** (P)

  • Crack passwords from all hash types and sources we’ve discussed.

  • Scoring and analysis of the exercise.

  • Creating password strength reports/password audit tools.

Closing Comments

  • Closing information

  • Final Q&A

Who Should Attend

This course is designed to increase your skills in the core concepts of cracking and recovering passwords either once you have obtained hashes through performing attacks on systems, (as a red-teamer, penetration tester etc.) or through an audit of systems by obtaining the hashed passwords using authorised methods (blue-team, auditor or someone assessing passwords from their own systems). Some knowledge of the Linux operating system will be advantageous.

What You Need

  • A laptop running Windows or Linux (preferred) with an onboard GPU*

  • A laptop running Windows or Linux (preferred) that can SSH to our student labs in

place of using your own onboard GPU.
*Note that running password cracking on an onboard laptop/notebook GPU may cause excessive heat and over-use on the device. If you are concerned about damage, we suggest using our student lab environment.

Trainer Bios


Dimitri Fousekis

CTO, BCS Group

Speaker Bio:

Dimitri (who holds OSCP, CPTE, CISA, CISSP, CSSLP) is currently the Chief Technology Officer at BCS Group and its subsidiary Bitcrack Cyber Security. Having over 17 years’ experience in cybersecurity, he has a keen interest in passwords and password cracking, deceptive security, and web application hacking. Dimitri has been a speaker at multiple conferences including ZACon, PasswordsCon Cambridge University, PasswordsCon Las Vegas, BSides Las Vegas and BSides Cape Town amongst others. In his current role, Dimitri oversees technology research, the assessment (red-team) security team and the security operations center.

Ethan Crane

Red-Team Lead, BCS Group

Speaker Bio:

Ethan (who holds eJPT, Pentest+, eMAPT) is an information security consultant at Bitcrack Cyber Security in South Africa. He has a keen interest in mobile and web application hacking and finding vulnerabilities in production systems. His primary focus is on high value transactional systems. He also enjoys password cracking and finding new ways to approach the cracking of passwords.

unnamed (1).png
    bottom of page