Lockpicker è un app open source per DE GNOME che consente di usare Hashcat in modo semplice e formativo su Linux. #Lockpicker #Hashcat #LinuxSecurity #GNOME #CyberTraining

https://www.linuxeasy.org/lockpicker-app-gnome-semplifica-recupero-password/?utm_source=mastodon&utm_medium=jetpack_social

Reset — прохождение сложной машины от Tryhackme

Годная машина на тему Windows AD, Kerberos. В начале разведки получаем доступ к гостевой шаре. Оттуда достаем файл с паролем, но не знаем от какой учетной записи. Проводим разведку юзеров, получаем список и находим 1 пользователя к которому подходит этот пароль. Далее проводим разведку с помощью BloodHound и по цепочке получаем доступ к нескольким аккаунтам у последнего есть права Unconstrained Delegation Privilege на доменный компьютер. С помощью механизма S4U2self, запрашиваем билет на имя администратора и захватываем компьютер.

https://habr.com/ru/articles/1041620/

#windows #reset #kerberos #bloodhound #impacket #hashcat #asrep_roasting #delegation #activedirectory #active_directory

New blog post:
I demo cracking SQL Server 2025 login passwords offline.
hashcat is currently the only viable tool for auditing SQL Server 2025 login passwords.

The results show how #PBKDF2 slows down brute-force attacks both inside and outside of SQL Server compared to the pre-2025 hashing algorithm.

Full methodology, benchmarks, and code included.
https://vladdba.com/2026/04/16/cracking-sql-server-2025-login-passwords-offline-with-hashcat/
#sqlserver #sqldba #microsoftsqlserver #hashcat #cybersecurity #infosec #sql

My Spring gift to the #SQLServer and #InfoSec communities: support for cracking SQL Server 2025's PBKDF2 hashing algorithm with hashcat.
Blog post coming this week.

https://github.com/hashcat/hashcat/pull/4667

#Hashcat #DBA #CyberSecurity #MSSQL #SQL #SQLServer

Hey, fellow hash crackers! What components do you use on your hash cracking rig(s)? Do tell!

https://forum.hashpwn.net/post/11837

#hashcracking #pc #linux #server #rig #infosec #hashcat #mdxfind #jtr #hashpwn

Congrats to HashMob for winning Crack the Con 2026!

1. #HashMob Lite
2. #PizzaPlannet
3. #hash_meltdown

https://forum.hashpwn.net/post/11819

#crackthecon #ctc #cyphercon #hashcat #hashpwn

Released pcfg-go — a full Go rewrite of pcfg_cracker with ~3× faster training, ~40× faster guessing, $HEX[] and multi-byte support, improved trainer parsing...

Full Details: https://forum.hashpwn.net/post/11277

#pcfg #hashcracking #trainer #guesser #wordlist #generator #hashcat #hashpwn

CsP’s @Waffle_Real just released a new tool called hashpipe, and it solves a problem many of us run into with large potfiles: messy, misidentified hash:password entries.

hashpipe automatically validates founds by recomputing them, identifying the correct algorithm, and outputting verified results in an mdxfind format.

If you maintain large cracking datasets or potfiles, this is a great way to verify and clean them up.

Details:
https://forum.hashpwn.net/post/11119

GitHub repo:
https://github.com/Cynosureprime/hashpipe

#hashcracking #hashcat #jtr #hashpipe #CsP #cynosureprime #potfile #hashpwn