Digital Forensic Scientist

less than 1 minute read

Password cracking often takes a long time. Brute force is normally your last option. But before that, a wordlist usually helps guess the password faster.

Popular wordlists like Rockyou are good for general cases, but making password lists specific to the user can produce faster results. One of the best data sources to produce a customized wordlist is a target’s RAM.

We show how to use strings to extract password candidates from a RAM dump and use the resulting wordlist with Hashcat, a high-powered password cracking software.

Links:

You may also enjoy

iLEAPP and RLEAPP updates and dev thoughts

Alex (@kviddy) has been pushing some extremely useful updates to the open-source Android forensic tool - [ALEAPP](https://github.com/abrignoni/ALEAPP]. Speci...

What data can you find in RAM?

To determine if you need to collect Random Access Memory on-scene, it is useful to know what kinda of investigation-relevant data is often available in RAM.

Modular artifact scripts coming to iLEAPP

kviddy has been pushing some great core updates to ALEAPP. Specifically, artifact scripts are now self-contained. This means that script authors no longer ne...