CrackQ Password Cracking Manager is an Interface for Hashcat Served by a REST API and a JavaScript Web App
Hashcat is billed as the world's fastest password cracker. It uses the power of graphical processing units (GPUs) to compare guessed plaintext passwords with known password hashes at high speed -- often at hundreds of billions of guesses per second -- until a match is found. It has become an important tool for red teamers and pentesters analyzing the strength of customers' passwords.
But like all such raw tools, users can benefit from additional features and improved operational management. At Black Hat Europe in London, UK, cybersecurity and managed security services provider Trustwave has announced the release of CrackQ (alpha version), available from GitHub. Developed over the last year by Trustwave principal security consultant Dan Turner, CrackQ, he says, is "an intuitive interface for Hashcat served by a REST API and a JavaScript front-end web application for ease of use."
Never quite content with the cracking rigs he has used, Turner started to develop his own -- initially just wanting something written in Python so that he could add additional features as required. But the project grew into CrackQ, a Hashcat password cracking manager. The ability to add additional features remains. Turner has "a multitude of useful features planned for future releases", and also hopes the GitHub community will assist with future development.
It doesn't use shell commands to interface with Hashcat but does so directly through the libhashcat library using PyHashcat C bindings. It uses SAML2 authentication allowing the use of MFA, and can alternatively use LDAP. But while the current version includes features not found elsewhere, other ..
Support the originator by clicking the read the rest link below.
![[Ben Krasnow] Builds a Mass Spectrometer](upload/news/image_1575482436_37310828.png)
