Plundering and pillaging password and passphrase plains for profit (PG)

No ratings

Presented at STEELCON 2025 by

Will Hunt

In this talk we’ll look beyond the basics of password cracking and arm you with further attacks when you feel you’re out of options. We’ll look at multiple paths for cracking delimited passphrases and review when you’d want to use these attacks and why. Target-specific Markov tables will be shown to illustrate how you could be missing out on elusive plains without even realising it, as well as getting the best bang for your buck out of your rule-based attacks by identifying non-efficient operations. After covering some password placebos in data breaches and looking at foreign language and transliterated password attacks, we’ll wrap up with a tool to help you automate the initial heavy lifting of your attack cycles.