Phone Number +1-202-802-9399 (US)

ThycoticCentrify is now Delinea!

Thycotic PAM, IT and
Cyber Security Webinars

Ongoing education, on-demand


Kali Linux: Using John the Ripper, Hashcat and Other Tools to Steal Privileged Accounts

Wednesday, November 15, 2017 | 11:00 AM ET

To protect resources like privileged accounts you need to understand the tools and methods used by the bad guys. One of the easiest ways to do this safely is to leverage tool kits designed for pen-testers and the best example of that is Kali Linux.

Kali Linux is a Linux distro derived from Debian that can run from a USB drive if you like. Kali contains over 600 pen-testing tools. If there’s a way to hack it, there’s usually a tool in Kali that implements the method.

But Kali is safer than downloading bad guy tools you find in hacker communities because it’s developed in a secure environment, under the supervision of a white-hat info-sec company, Offensive Security.

In this webinar, I will introduce you to Kali Linux, show you how to setup a portable Kali system, and provide an overview of its large suite of tools.

Then we’ll specifically zero in on some of the tools in Kali that can be used to scan systems, identify privileged accounts, steal credential artifacts and then crack those artifacts back to the original password or just use them as-is for accessing systems – such as by pass-the-hash.

Here are some of the tools we’ll look at:
– John the Ripper – is a free and open source password cracker. This tool can crack more types of password hashes than I can list here
– Johnny – is an open source GUI frontend to John the Ripper making it much easier to use
– Hashcat – is another password cracking / recovery tool. We’ll talk about the differences
– Mimikatz – another tool commonly-used for dumping hashes and clear text credentials straight from memory
– Ghost Phisher – why go through all the trouble, use this tool to simply ask for the password

After I introduce you to Kali and these tools, Joseph Carson, from our sponsor Thycotic, will take over and show you how bad guys use these tools or the methods implemented by these tools to locate and get access to privileged accounts on your network. We will cover the Anatomy of a Privileged Account Hack that will walk through each step and technique the bad guys use to get the keys to the kingdom. Joseph will finish up by demonstrating how Thycotic’s privileged account management technology protects your privileged accounts from these attacks.