Password Attacks: Basic Concepts - Paiet/SEC-335 GitHub Wiki

Objectives:

• Define password cracking
• List and define the common types of password cracking attacks
• Define and describe the different processes for programmatically attacking the encrypted password
• Review the different non-technical password-stealing attacks

---

• Password Cracking
  • What is password cracking
  • Types of password attacks
    • Non-Electric/non-Technical
      • Techniques
        • Shoulder surfing
        • Social engineering
        • dumpster diving
    • Online: ACTIVE
      • Techniques
        • Dictionary
        • Brute-Force
        • Rule-Based
        • Malware/Spyware
        • Guessing/Defaults
        • PTH
        • Internal Monologue
        • LLMNR
      • Tools
        • Hydra
        • Ncrack
        • pth-toolkit
        • Responder
    • Online: PASSIVE
      • Techniques
        • Packet Sniffing
        • MitM
        • Replay
      • Tools
        • Ettercap
        • Bettercap
        • Wireshark
    • Offline
      • Techniques
        • Dictionary
        • Brute-force
        • Rule-Based
        • Rainbow Tables
        • Distributed Network
      • Tools
        • John the Ripper
        • OCL-Hashcat
        • Ophcrack
        • Loftcrack
        • Cain-and-Able