passwords
Collecting Contacts from zoominfo.com
This post will specifically focus on targeting client contact collection from a site we have found to be very useful (zoominfo.com) and will describe some of the hurdles we needed to overcome to write automation around site scraping.
Get-AzurePasswords: A Tool for Dumping Credentials from Azure Subscriptions
Get-AzurePasswords.ps1 is a PowerShell script for automating the credential gathering process for Microsoft Azure subscriptions.
Targeting Passwords for Managed and Federated Microsoft Accounts
This blog dives into the two different ways a Microsoft domain can support cloud authentication; managed and federated.
Decrypting WebLogic Passwords
The following blog walks through part of a recent penetration test and the the decryption process for WebLogic passwords that came out of it.
NetSPI's Top Cracked Passwords for 2014
This blog focuses on the Windows domain hashes (LM/NTLM) that we’ve cracked this year, these statistics also translate into the other hashes that we run into (MD5, NetNTLM, etc.) during penetration tests.
GPU Password Cracking – Building a Better Methodology
In an attempt to speed up our password cracking process, we have run a number of tests to better match our guesses with the passwords that are being used by our clients. This is by no means a definitive cracking methodology, as it will probably change next month, but here's a look at what worked for us on a recent cracking test.