Brute-forcing a really important method that a hacker or a pentester must be aware of and he will use in various places. Password files are the files which contains various passwords and random symbol combination that can be potential password to an account or an server admin login. who knows? the main problem faced by any hacker is how to make this password file more efficient and more productive and he will be having the question that is the password i am searching for is in this file and is he using a weak password to tackle this issue there is a logical way create a password file that has all the combinations available for it between 4-30 i am taking 4 as it is the minimum the websites will ask and 32 is the maximum anyone can remember so lets talk about various methods and there outcomes:- PROGRAMES:- you need to know basic python to do this and some command line knowhow see for random password generating the generators which go in a systematic order are the best like , , , 1111 1112 1113 1114 after the last letter it goes to the next Colom and for this there are hundreds of programs u can refer or if u want u can code it on ur own if u are a pro and u have done a complete OSINT (opensource intelligence) on your target so u can use its a tool in python based on opensource intelligence but the passwords may work only for one person not everyone. cupp password generating Generator Requirements the pass generator requires characters to choose the letters and take the combinations out of it the characters are a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z, , , , , , , , , , ,!,@,#,$,%,^,&,*,(,),_,+,-,=,/,,,\, 1 2 3 4 5 6 7 8 9 0 ',",;,:,?,.,>,< with special characters and all in total it comes to 91-95 if u wish to exclude some characters to convert the output of the file to a txt file some programs will have inbuilt but if it is not there and prints out the combinations when executed then u can do this in the command prompt or terminal. python main.py >> password.txt Size and amount of passwords for a perspective rockyou.txt contains passwords and its size in the compressed state is now if we calculate how many passwords can i store in 1 mb we get 14341564 134mb MB= / = PASSWORDS GB= MB* = PASSWORDS 1 14341564 134 107026 1 1 1000 107026000 but due to high compression rate which my pc offers i get passwords and i will consider this for the future 1073741824 i am considering size of the file as the combination will give us numbers in trillions and it is difficult to understand so i am thinking the size of the file will be an accurate representation coming back to the file i am using a pen-drive for certain reasons and at last in it i get of storage and in that space i have my password file now if i calculate the passwords i can fit in it with the compression and all it will like this:- 32 GB 28 GB GB= GB= * = PASSWORDS 1 107026000 28 107026000 14 3006475107000 its a lot of passwords and after a lot of brain-storming i got to know the last combination was of 30 length and it was nearing the end of all combinations if i provided some more space. PROCESSING-TIME-CONSUMED each password cracking and brute-forcing tool have there own specific speed of password cracking i will be discussing about 5 tools they are :- medusa hydra hatch aircrack-nghashcat MEDUSA & HYDRA medusa and hydra are one of the fastest ssh and telnet brute-forcers it can process about passwords in an hour so if i could increase it to with better upgrades the time consumed to complete the task will be 1000 2000 P/HR = HOURS = DAYS P/HR = HOURS = DAYS 1000 30064755072 12000 2000 1503235536 6000 i guess by then u will find the password by that time :) . HATCH Hatch is a web-brute-forcer it can basically hack any login page and can hack into any social media accounts the article and video it is efficient but can process about 100 passwords with an high internet speed and we can achieve that by upgrading our  Wi-Fi-cards and our service providers and increase the rate to nullbyte YouTube 200 per hour P/HR = HOURS = DAYS P/HR = HOURS = DAYS 100 300647550720 120000 200 15032355360 60000 i recommend u to use a dedicated device with a really fast sd card for this purpose only . raspberry pi 4 8-gb ram AIRCRACK-NG this is a capture brute-forcing  tool to brute-force handshake captured for WIFI pentesting  and for an device it runs at a max speed of pass per hour in u can achieve an increase it by upgrading it to 4800 pass per hour then the time calculation for this will be 8 gb ram 2000 4 gb ram P/SEC = / = SEC = MIN = HOURS = DAYS 4800 3006475536000 4800 626349070 10439151 173985.85 7249 yep even this takes a lot of time but i suggest the same to use a dedicated for this also raspberry pi 4 8-gb ram HASHCAT HASHCAT is a password cracking tool which uses GPU and CPU to fast crack password handshakes and if u use a god pc u can easily complete the whole thing within a day it complete this whole thing in a day but u need the best configs to do it like RTX-3090 graphics card and i9 extreme processor with full watercolling and 64 gb of ram and 1TB of ssd storage these are best specification for this pc . NOTE i suggest u have the passfile in ur pendrive as for the following reasons fast moble efficient can be used with two or more pc's and u can find various videos in youtube on how to increase the compression rates and how to make pendrives communication fasterand these numbers are the numbers i got after i personally experienced and and roughly calculated it might not be accurate but is worth a notice follow me i am very active in my twitter and if u want to appreciate like this artical twitter :- morpheuslord2 instagram :- morpheuslord_9034 email:- morpheuslord@protonmail.com

Instagram

Target

Twitter

YouTube

Introducing Metasploit

Personal Website

LinkedIn

HuggingFace

Github

Cybersecurity Engineer Intern

Researcher & Developer

Offensive Security Engineer Intern

CyberSecurity Engineer

Too Long; Didn't Read

Great Methods To Create A Password File To Prevent Brute-Force Attacks

Great Methods To Create A Password File To Prevent Brute-Force Attacks

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

All the Methods You Can Use to Hack into a Website

10 Reasons Wordpress Sites Get Hacked and How to Avoid Them

10 Features of a Secure Website

10 Cybersecurity Books Every Business Owner Should Read

10 Cybersecurity Tips Everyone Should Follow

121 Stories To Learn About Data Protection

All the Methods You Can Use to Hack into a Website

10 Reasons Wordpress Sites Get Hacked and How to Avoid Them

10 Features of a Secure Website

10 Cybersecurity Books Every Business Owner Should Read

10 Cybersecurity Tips Everyone Should Follow

121 Stories To Learn About Data Protection

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps