
Course Duration

5 Days

Audience

Employees of federal, state, and local governments, and of businesses working with the government.

Prerequisites

No prerequisites required.

Course Description

This course equips students with the knowledge and skills needed to perform password auditing using tools like Hashcat and John the Ripper. Students gain a thorough understanding of password cracking techniques, methodologies for different hash types, and hardware optimization for password recovery. Special focus is placed on the application of advanced attack modes using Hashcat and John the Ripper, ensuring students can audit standard and complex password scenarios in real-world environments.

Learning Objectives

  • Understand password storage mechanisms, hash types, and common weaknesses in password-based authentication
  • Configure and operate Hashcat and John the Ripper for a variety of password auditing scenarios
  • Apply wordlist, brute-force, mask, rule-based, and combination attack modes effectively
  • Optimize hardware configurations (CPU and GPU) for high-performance password recovery
  • Analyze and crack password hashes from common operating systems and applications
  • Conduct sanctioned password audits in compliance with applicable policies and legal requirements

Course Outline

Introduction to Password Security
  • Password storage and hashing fundamentals
  • Common hash types (MD5, SHA, NTLM, bcrypt, etc.)
  • Why passwords fail and how auditors find weaknesses

Hashcat Fundamentals
  • Installation, configuration, and hardware optimization
  • Attack modes: straight, combination, brute-force, mask, hybrid
  • Rule-based attacks and custom rule creation
  • Wordlists and candidate generation strategies

John the Ripper Fundamentals
  • Installation and configuration
  • Format detection and hash extraction
  • Incremental, wordlist, and rules-based cracking

Advanced Attack Techniques
  • Markov chains and PRINCE attacks
  • Cracking complex and enterprise password policies
  • Distributed cracking and cluster setup

Real-World Scenarios and Lab Exercises
  • Extracting and cracking hashes from Windows, Linux, and applications
  • Auditing Active Directory password hashes
  • Reporting and remediation recommendations

Get More Information

We cannot work with the general public. We only work with Government Agencies, Military, government contractors, and corporate clients.