The dictstat Python script is a great little tool for password cracking results analysis or for regular wordlist analysis. The dictstat application is located in the /pentest/passwords/pack directory on Backtrack 5 R3 and can be run using “python dictstat.py” from within that directory. Written by iphelix during the 2010 Crack Me If You Can password cracking competition and is part of a larger toolset called PACK or Password Analysis and Cracking Kit. Below we show some examples of dictstat in action along with some details of the available parsing mechanisms that are in place.
Recently I have started using Hashcat-gui a lot more to test the strength of various passwords for certain clients. One of the things I wasn’t sure of at first was how to save charsets in the Bruteforce Settings window and while it would be nice if you could have a text file that included various charsets you could select from the drop down menu it is also easy to save your preferred charsets as Hashcat Jobs. Below is information on how to save charsets as Hashcat Jobs as well as recommended charsets you might want to save.
I had a document the other day that I needed to search through on my Windows laptop and find specific number combinations that started with a specific three digits and ended with another digit. For example I had a list of thousands of numbers and needed to find any number that matched 333xxx4 where the xxx could be any number combination. At first I wasn’t sure what application I should use on Windows but then I remembered that Notepad++ had regular expression search and replace support. Below is an example of searching for the combination I mention above along with a list of other regular expressions that can be used for matching variables in documents opened with Notepad++.