๐ฏ What You'll Learn
- Capture credentials from hosts and traffic
- Crack hashes efficiently
- Run safe password spraying
- Recommend strong defences
About This Workbook
Passwords are still the primary authentication method, and weak policies make them a reliable target. This workbook covers the full lifecycle of password attacks alongside defensive guidance.
Chapter 1 โ Where Credentials Live
Finding secrets on systems and networks.
- Files and configs
- Memory and stores
- Network capture
Chapter 2 โ Cracking
Recovering plaintext from hashes.
- Hash types
- Wordlists and rules
- Hardware considerations
Chapter 3 โ Spraying & Reuse
Scaling credential attacks across an org.
- Spraying safely
- Reuse and pivoting
- Lockout awareness
Chapter 4 โ Defence
How organisations should protect credentials.
- Policy and MFA
- Storage
- Monitoring
Keep going. Work through each chapter in order, then apply what you learned in the matching labs.