THE

SPRAWL

  •  
  •  
  •  
  • journalreleases

    08 aug
    2013
    smarter password cracking with pack

    Last week I gave a talk during the Password '13 security conference on various password analysis and pattern detection attacks using the Password Analysis and Cracking Kit. You can download slides for the presentation here.

    The conference itself was an absolute blast with great organization by Per Thorsheim and Jeremi Gosney. The conference gathered a fascinating crowd which spawned hours of great discussions on password security, cryptography, politics and everything in between. However, I especially enjoyed meeting in real life with many members of Team Hashcat.

    Team Hashcat had another great run at the CMIYC during Defcon where we placed 2nd. As always I ended up spending most of the conference in the hotel room or the chill room at Defcon, but that's part of the fun doing contests. Russia-based team Inside-Pro placed first by scoring more points on harder hashes, молодцы ребята!

    Today, I have finally finished writing documentation for the many changes and adding the final polish to the next release of PACK 0.0.4. There should be noticeable performance bumps for all of the tools in the toolkit especially Rulegen which is now finally using multiple CPU cores. You should also try out the completely rewritten 'maskgen' which is now capable of generating highly optimized mask collections for use with Hashcat suite of tools (see presentation slides above for more details). Enjoy and most importantly have fun with password cracking! Read more.

    11 sep
    2011
    sprawl 5.0

    The Sprawl project has undergone another major overhaul. The new site is designed to enhance usability and security by using the Django framework as a foundation. Read more.

    26 apr
    2011
    password analysis and cracking kit

    A product of my research into password cracking methods, PACK (Password Analysis and Cracking Kit) is a collection of several utilities to assist in statistical password analysis and generation of cracking rule sets. Read more.

    16 jan
    2010
    2600 magazine article

    My article on the Tor control protocol was published in the Winter 2009-2010 issue of the 2600 Magazine. Read more.

    π
    ///\oo/\\\