| https://twitter.com/Stealthsploit | |
| In.security | https://In.security |
| Discord | https://discord.gg/aCgUbE8ePD |
We're back and ready to rock at the Black Hat Masterclass in May for a 1-day virtual Insider Threat training and then at #BHUSA in-person with the 2026 editions of both our Hacking Enterprises and Defending Enterprises trainings.
Join us to attack, defend, or both!
CsP’s @Waffle_Real just released a new tool called hashpipe, and it solves a problem many of us run into with large potfiles: messy, misidentified hash:password entries.
hashpipe automatically validates founds by recomputing them, identifying the correct algorithm, and outputting verified results in an mdxfind format.
If you maintain large cracking datasets or potfiles, this is a great way to verify and clean them up.
Details:
https://forum.hashpwn.net/post/11119
GitHub repo:
https://github.com/Cynosureprime/hashpipe
#hashcracking #hashcat #jtr #hashpipe #CsP #cynosureprime #potfile #hashpwn
==============================
! NEW HASHCRACKY EVENT !
EVENT START: 2/20/2026
EVENT END: 2/24/2026
GOOD LUCK, ALL PLAYERS!
https://hashcracky.com/game/8736f4de-457c-4925-bfa1-c091285d7abb
==============================
It's that time of the year again! Brand new year, brand new hashes to crack. Join us as we kick off the 2026 Hashcracky competitive season with a new event. Bring a slice of cake and get ready to celebrate another year of hash-cracking adventures. — Starts: 2026-02-20T20:00:00Z • Ends: 2026-0...
This is incredible. An MTV simulator with almost 30,000 videos, organized by decade along with special sections for Headbanger's Ball and Yo! MTV Raps.
Our first 2026 training is now taking registrations!
Join us for Hacking Enterprises - 2026 Red Edition at Black Hat Asia in Singapore on 21-22 April.
Password cracking enthusiasts, get yourself on @Hashcracky for ongoing CTFs. There's a current event containing hash lists for all the 2025 events with plenty of differing themed challenges.
==============================
! NEW HASHCRACKY EVENT !
EVENT START: 12/5/2025
EVENT END: 12/8/2025
GOOD LUCK, ALL PLAYERS!
https://hashcracky.com/game/c047c831-c9df-4b4c-936a-d23615c50d4b
==============================
A quick run down on some of the attacks and wordlist augmentation options in Hashcatalyst https://in.security/2025/11/11/hashcatalyst-automating-password-cracking
Let’s set the scene… You’re mid-way through an internal infrastructure assessment. One half of you is wondering why the client’s SOC hadn’t sufficiently detected your pass-the-hash attacks and the other half doesn’t care because you’ve leveraged a misconfigured AD CS certificate to get domain admin. After DCSync’ing your way to a few thousand juicy NT […]
Not long to go until @brucon where we'll be running our 3-day Hacking Enterprises - 2025 Red Edition training and we can't wait to meet our students.
There's still some places left, but also hope to see you at the conference afterwards for talks, games, and possibly even a beer 😉
MDXfind 1.130 is released. Waffle's been busy!
Since library inclusion was significantly altered (to reduce dependencies), and mdsplit was change and rolled across all architectures after a long hiatus, testing is requested!
https://www.techsolvency.com/pub/bin/mdxfind/
Changelog:
mdxfind 1.130 (2025-08-19)
All libraries now included in all binaries (to remove dependencies).
Separate '.static' builds have been deprecated and retired.
Symlinks are provided for now, but will be removed in the future.
mdsplit maximum plaintext length increased to 80960 bytes.
Restored mention of the "just show usage" flag (-?).
This flag has been present since 1.115 but accidentally unlisted.
Explicitly made -h (without params) the way to list hash types.
Now also explicitly listed in usage as:
-h Use regex to select hash types, comma separated. OK to use multiple times
New flags:
-V Display version
New hash types: none.
Distribution page expanded significantly; feedback needed.
Cyclone
Hashcracky
Robert McNees
Royce Williams