CySA+

Password Cracking and Hashing

  • Password attacks

    • How can you break a password?

      • Brute-force login (online attack, unlikely!)

      • Hack the server, steal passwords (still unlikely!)

      • Hack the server, steal and crack the hashes (offline attack, more likely!)

      • Social engineering (flawless!)

    • Brute force – try as many passwords as you can

      • Medusa

      • Hydra

      • John the Ripper

      • Hashcat

      • Charsets vs dictionary vs hybrid

      • Takes a huge amount of time, especially with complex passwords

      • Easily detected (ban, backoff, lockout policies)

    • Password hashes

      • A one-way cryptographic function.

      • A summary of the contents of a piece of text

      • Irreversible

      • Collision = 2 inputs generating the same hash

      • Birthday paradox

        • How many people do you need in a room for a 50% chance that 2 of them share the same birthday? 23. With 30 people it is 70%. With 70 people it is 99.9%.

    • Rainbow tables

      • Files with precomputed hashes.

      • Search instead of compute

      • Huge. Gigabytes and terabytes of storage.

      • Download or generate on our own.

      • Mitigation?

        • Long passwords

        • Password salting. Password + random salt.

    • Horizontal Brute-Force

      • Exploits password reuse

      • Two types:

        • Password spraying: choose one password, try different usernames

        • Credential stuffing: Try the same user/pass combination on multiple services.
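
The salting mitigation listed under rainbow tables, as an added example that is not part of the original notes: two users with the same password get identical unsalted SHA-256 digests, so one precomputed table covers both, while a per-user random salt makes every stored value unique. It goes beyond plain "password + salt" by deriving the stored value with PBKDF2 from Python's standard library; the iteration count, salt length, function names and sample passwords are assumptions made for this example.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets

# Assumed parameters for this example (not taken from the notes).
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor
SALT_BYTES = 16       # length of the per-user random salt


def unsalted_hash(password: str) -> str:
    """Plain SHA-256: the same password always yields the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, derived_key); a fresh random salt is drawn if none is given."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, stored_key: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, stored_key)


def precomputed_lookup(table: dict[str, str], digest: str) -> str | None:
    """Model 'search instead of compute': look the digest up in a prebuilt table."""
    return table.get(digest)


if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    wordlist = ["letmein", "Summer2024!", "password1"]
    table = {unsalted_hash(w): w for w in wordlist}  # built once, reused for all users

    alice_plain, bob_plain = unsalted_hash("Summer2024!"), unsalted_hash("Summer2024!")
    print("unsalted digests equal:", alice_plain == bob_plain)
    print("table hit on unsalted:", precomputed_lookup(table, alice_plain))

    alice_salt, alice_key = hash_password("Summer2024!")
    bob_salt, bob_key = hash_password("Summer2024!")
    print("salted keys equal:", alice_key == bob_key)
    print("table hit on salted:", precomputed_lookup(table, alice_key.hex()))
    print("login verifies:", verify_password("Summer2024!", alice_salt, alice_key))
```

The salt is stored next to the derived key; it does not need to be secret, only unique per password.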


Last updated 2 years ago